0)="37d67d162432d0489e0be858e21834ecb2b8", 0x1, 0xb8}, 0x48) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:28:48 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000162c900ba7c455ab361e275e357912473aff91e31e3ff42abb6d63e860cc5d848b9e3b5d4b7ab354781fc0a0e9785a4f90fa3696364b1818cd2e84edc67ea8377486f3cf238aea6231591f06072a40d55f88b2a65397c5d1e896a6249b37cb0149feffefe8960284f9451882f9ed1616ade17d49df0c7795718955d01ad050181762fc52281f999cef1fc7c72155cdf3c7b13869370b2d32854bde87a43f8fcf"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:28:48 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a10000000000000000000c00000000000000000000000800000000c1277b2470857ba91575f7bfbbfb000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000006a08d6b7a84cff7f0000ef448700"/200], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fstat(r1, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r2) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(r4, r4) chown(&(0x7f0000000100)='./file0/file0\x00', 0x0, r4) statx(0xffffffffffffffff, &(0x7f0000003340)='./file0\x00', 0x6000, 0x1, &(0x7f0000003380)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getgid() sendmsg$netlink(0xffffffffffffffff, &(0x7f00000035c0)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbff, 0x2}, 0xc, &(0x7f0000003180)=[{&(0x7f0000000300)={0x5c, 0x28, 0x20, 0x70bd26, 0x25dfdbfd, "", [@generic="589ef24f06b544098d4644e20576804e27ac993d4f8168b0eaffc8b97a2b7b52bc52452e17cd96142f1992706879eb1d2017f58f48f83968a6e546149f9c62a07dd966b029bfd1c7298270"]}, 0x5c}, {&(0x7f0000003600)={0x2448, 0x19, 0x100, 0x70bd25, 0x25dfdbfc, "", [@generic="519ea407e1d391084e7f461f7cee598a0bb7e8fe6a5b1308ac40af09f6ea39e076a155b213dd99bfac4651c7e6ec402f612fc27e8151707726225e638c3fbc25d6c5720be30058c27ae6717e64153d3ba2cbf77b7e0773517f6fcf6af9e5e1e97a4d3aa9dba0e5974267f69c817d5e44a4ba257ce4dc3ad6900eb05d2d05", @nested={0x2e4, 0x69, 0x0, 0x1, [@typed={0x8, 0x3b, 0x0, 0x0, @fd=r3}, @generic, @generic="3693ddbc641bf5d2cdf9faa2f6ba710acce85db8e73654f71fe8ba70583217c442e81020ec6f5c1d9c38766653ea52f7a5407d7a844d63a84f6debe0449b72d7f232c0566c928a6fe9a74c66675833f8379efd4eb688f3493ace38c48475c46b0b1de85262491fbf7632d5481e3f670bea7f36ee3dbd6ac792b9c92ebf4516eea178016012a4ceb6c7da8f5f8cb31f54da9ec160c8f479235d26ba07b041634e049079bc8f1499e0b3e2b32e10b1ab64f38ea5e3a0b1767a827d96b430c8b18cda930f41d3", @typed={0x8, 0x30, 0x0, 0x0, @fd}, @typed={0x8, 0x83, 0x0, 0x0, @uid=r2}, @typed={0x5, 0x27, 0x0, 0x0, @str='\x00'}, @generic="ac8afdc8058d8ff054427eed2a46f2245835dbb520d84ab083d42092f412b5a4e7a6e9f60fa265b8ebfc84d00ddabc9414df5b5ed35ec5f0a00cddb277ff1ddbd7af202edeb7386bb02953731461939e3bbe5f21bcef793cda958ece79449996d6228eb83cf95529f4ac7a4b49f15a276e694a642e342978ca32462596c9d78f4f80df3800142e8ffed7e3c829917596239af0cb26671a59a169725c1e637faa69a19b80d5538fef8a36e7cea7540cc8447c3ba8d915ac5db8dcc201503aad16cdbe25f36dfa783d6085ec5cc01044d1c49f997c47ab824808fece89726a0216dfd5cd82ec6eb802a6d256e4a624953f99a32dc7646a230368e5179bdbd59c", @generic="e3761ab58409e3b04badd6407e0d4e6b6e22ddf6253268104b04064e41860bd6425f98057f665fcfcfe870a1cb30737b1989ef666273806aed2f025fba16829113dcd619724cab80ff44e929dfb3e661bc712fcf7584c5aaacc97f20ecf5cdeb4cf5afbb24f3f4dd6df223f114a1ef378d9dbe68a05406f7ccf8eec47f28cd28c1c81f0b53ed69d1b2651afaddfa55d27083ea4fa3b5e8264d6b12b5d98277247cde654405f11ace59a31572dbeaea8e095cfac74e8e36ba0c817b0a7be3ea6a75dc77e692260ee0b8b3377d217cbe8b0f7ec93e16bf5e3cd9a1a6427827fdde3e19b29d4812651af59a10c8f1151b5ab517658449b34e70b6ac08f8"]}, @nested={0x20a4, 0x2, 0x0, 0x1, [@generic="d7d3921d3ef6a325b85e743b512ecb0490bd2e8eafb4c031a096d3587dcaf83383905aa9695ac3aa5e6798931e7f17087dbc7624035ea775326ea09a16471d65c5aa0dde930b9d964a4acc471b745775c71a630de54610eb43b3ff9285d88eb62d96590a7dfad7c8468449aefd1c7b420e56882b65fd6a3c2682e3528775423b5d676fa49f1475e0b1c42c9515bd8cb040c663b402befd1d9390a490da34ad382cbb5711c621bc5c2163b80d50bf28f869b71c84bdc6f3a3d7152d4a365a4bbebe2e93f453f82045237f8b2d833139cde5f500839dbbe89cf9871387907dc90b7325db50e1c0cb87f0c23e94d61e80b9a333e80389106f1c5ea6d81d576d6040a183c8f8c580a3caef28f9da678bdecd1259cdfc543c71b7772ff88eff917545a83a48200a2fffbc330cba4b0c5eb87342d0adbacb740a78ab4acaf0359b957771c28192474e4f30e3ddc0660920d0dbb31fe8dc00f953e9efe83d1c4dd1b961030e5f45135bc75e12f04c3ce207413ea02d5e1385a8752a8499ca77c6cbb3907227e8f893dfe8875c3e78739a7fafaae143ad83443b76165d8b2bdcbed48f54d9c237f8278a3a3d2d31c6758f2680150884df9f97ddbdef1ecece6b2a20df07eee808ba29c5a7c634df64ac9156d63918493a4bdd52627c592c2bccdd8d282306c56ba1d850cec536b8335ad85864b54ca2870b1360421cf868e861f339aabf75c90aae7595f36f752021bf8ed5d1757ddc2594ef40feab3e41a868a9d284c4affcd41a36fd17119c0f725f859c12f2a4eddf03458614dcf70a9dc8fc698bbef87e685c214c396cbeca33f2439319e9779da4b7dc6194b2849c0c97383f13a7af453d26d3a31f0c4763238e4a19d64a1e319d0efad38c67f5e649ca07da3bc4cffbd6c76e4953d4911c2de8f7ddd3314ce94ceb563b551bf5fdd88ebab8e57455ef21418ee1d2c1602ad346511649576e3dd01c3f38757ef02dc44c4e1ddcaeab618f5c996fa50473687dcc88a663ed5d77136db79301ce491831ec22d39134a187edd95f5232144185c24089693d69ea69796d60d66d6256da480e8e86909071a3b34e2ccfbc637fb07538201b321476914ec7746938ca85a36b5719da9490a411d1798c1086222aca6e2c9ae39f69b9af7f72d51e9a1098af9602dd4ea78618803dc0c3110e049e359e73e77c222ff1e182f26c9069971397e78a5fa3d3ba6c3f956938802b83db7d767422170d25017c429263445a963b3ff2231fc05f7e846752a73ef98fc074b0325528c04d7d947cb5a23c78c1fe1f5c0d62838d5545f4ce7c9439a66b39f8b663e2af8a9498943ecb213ae2cac1aa9d4620170b774d65ce83e4770697886f3c6aa6548f5c7ddb0a7515040f9a2a9e3de043973c37d615466fa74da01b5d0cc18bcc6cd17d73774e0a3115d66990a06c62811419be172c2262a1f79a139b941d4fd8340e9c981450434b2beabedb324e1ca059ff2320fc7e4c778d1b2f6daaea4ffcadf013acd9de5caecbef8ddf4f56964bb9c307a62e255158c2a4e4d0c8cc096e5b4104f3299f8b5021062d076d879691ad923c98f8fc8ff8876000dfb8345676603119519792d485aa362b6ac483e62046a6dbbc22d596798f7a55f6a6ad9f77bf32b3046b646a982e52d686ca12792ebfb47e46fcfdd8d7ef75e580c8524e50f69c76cce2988658f5cd58efd5054d9c22c23243ded1659ec559ee1225ce2b913aed55967f02dd7db7046e8d6eb80771818f532b78b2d2e35e57e42c47cb25d7216b6d83c06131c6e2a2bb115be54f46845146d36299909812e898c9ba73b3b4975e702c54fd3ea1d96d1803c8586a9ef511bc48faa4adddbbd1ef3244b01ba447bdec819810ec030b8ee97985dcd672cf3f24b433c6b8bc01fe04cf65119620b4f72cf110a893b12e30063bab11da97f5ebd17597dcedb720de69adb7e2c0b7addfa6b22a47c30361c02a8582248c7050f4c1bd62690b60963159563432af8103e610946ca1486c972a8aeda63db07cc667b9cb84a9242ea93c5775bc688560abe2e370277ff04567580df917b0ddaef4c957e30c7802bed82151336d4b7a70b32fe833bf2163c8e31ff02a5217f14b51996bdafdd1a91b7747c4e23da10e2f32cf0de8a72e550e5c1f560489552da96576b061523cf56b6c4edbb4c7bec8ffd118eada112ebbca7bdda942670094cabf0fabd6fbd8e1b6a770f5884033ffbe2d518e98526fb9b2ed56fc8d7024f4b3e07e9401c707b73aa426ecf63a10a942434db29c033df7ce936b8ea43bc792aa39720e591472498a4c42cb9a58fbe90fa69184e6c6da2819a2dfb99cfbd4831ab6d000a23176be501f902dd56fd220396164a09a9cbf18d7502411a8acca7e69440a8c3fbabdfa0a107cfb53b9afab0cbdcb5be26a0ffa4634d644c4fc52fa33f3e77adc6cb77778a56838c62d6e273edf0d1bef75e0feacf5048b16b7536bc0178eeb0a09569af342381697d8f18fb07e049dd73e6869d76d4ecd8ff4b6cfcde3b0150ae680054484419f1f57d8a62346dc4392fad895eb39c53db0ba155aeac1035cc8ab76cd80246af0ce109391ceb815a52bd9d85599bb15fd644047a5804d817c074a2453170ad183445896fc151e4e025463f8cd9adc5f3747dc8a572e938920153693d60ab62b344817ee7b2a09aa9f6356531322f8654594f3c299df2062d97f8b74b8e4eb9112fd4c1678cad7a35198b21e7acadf080ab2b24644f0788619d360547c1ad554f376b943ea336071fc9ce74d6f293b17b7a7649447a1f78f40f2bf58c71a249e83fba6bd09a7129999a42330bad838d0edbaeab9de7732a0cb7d58814195de4e5bbf4967d56fa7272358ac51c2311ecc26bdd4896e561837cf228063971214c5c389f87a177ab0c7213d89d6c56d9d923ab7d035869aed9dbf4f0bfc976d0c8bf9abfc34850e1aaa371be90f3eb0a0159442e601dee36824f0a3fc83f3cde080f83b054f76d74f5a6a24359f33af3760d60c9a863f618ccfaf549059643ae8b714ff06a58928477d643244f15e51e8606e9c49abb93b39b5819b3b370aba93eeed86c7f281c730affa2bef4426a53ae81e822240c959486ca5199f6a581ef0cbff44c35b88883e2b221c1158230f8564f92f3e4cee24a56eca100e30d8bb6b07b20fa24ea3ed327b7607cde87169f9dd3a7fcf2ad7c078123ccb1be281d96965a55d8c0bf33fdbd33a673c715992b9eff6088ac7d019793366de15a65cd3ae1a1fe06c80952c21731a3a317aa9cbe95889c0dcf2ad0a612aa48df4004e6bd6d5596825f77365a8088d353009a98c7297a1b0ff68f59d9d06b44071840380e9b7ac6d3476b25de705fb2e0c665b611bae0fedf2d51d5a87656550a43be4b7f1d7802de440a9863ecf61aa2d25449dff2668ce14608f4b2ba34610a8127282bbd82e7e2fda7a7150dfe05a7391d0c5d091522dcd6c72ce49adb64550425c3177bd2c76181e55e8a74bc008116d05347e2813dcce1a8a1c125e4159b0e863da3bbaac101db976f7cf45d121642153d020b19ca5d23c2dc4500bfb017b85cc5dfb0bdb869548f4af63caaaefe995ac60e2731858a4d1fb6cc5f4a79bbcb98b2fe7ad65b04b75fa308b76d04e2b84d097ea65c18474b4218cbb6265d992f994cd696c54307de69ac0a4fbcfc8beafd8873bc3904322046ea5057386e6b7729e87dbce57eb17d4d79cc5c15e619133b6224d0f7480f6a2ccca95b7287b92a3786f26de3707680a4fcd22a9a2ee2769a9814a2c8e50626adb9723fd1f6da6c4935028f9d164029a6faaf562be301fe7c21397501a15800ebde2954083dddd665eb145c9cd587c4444c229b3d1ece583f194914dcac7fc5880e2b7579f516276a8edec922719815843d19a7690864a0e3a4b3aa956f6bcd7f5b0ac50e00d596edce6be0d37649754045e734b37ea46a22b0745198efec65fa23d1b08e34a5a41b39d2ce2b7dcb32d593998e811b8f4dfc81093e0dca3fd399aa09f5686de7e03403c9f9d7564d218a15308326933c104638eaba4eb245a54a613d2e0c6eaab3f8942ede1211c4f15444a7840dac35710045876d2d6e1b3e8ee50d02b9f7308ee07643c6defe1008bceed3eaff159f63c6f62c8b09e14fa1614b1f8c73797ee76d57f57a395b447d5d083a0b1335076505106e8caa9d0ccf8370cb0aaa330b42367abcb44bd4e8b336ba5e8916f8f4338c8795f55b6bf2d999fcc278f037528c93be36b117aae07a6debeb21901cd76a613a71455603c7a11a46f75e1863998bd91f624692885d03648458f8dab549e2a34ad78113b05d10a224d0b2a90872ca2d3a2c47290a71c1c484a88db11f5b85f7531c63fbf86f73d496b98da41c2a057ba04ca40f0fa5d733169e67177ea00d1d460ed3b4247a0ffdcf15f0334e5b98e615e9a872a816d4f0309dd7dd0af8058a06cb50539c5ed4a82093f1fdb967ce23feb06dc822257ae1879c6a079caf8d886f2c9fdf1649521188a50a48984538b0ad9ce1de01cfa94d6b9acc78ff547c7fd1143e7e7b7b8b67bd5f72697eac215d72cd43fb6c1a4a395fccd0e0b35646a45b5bb40c4b4f157fd015c100c0133bca8ef58975c1fc97d67c175ca7d2bdfd14b850ffa62dd19e33e02bcd286a8920af73ca0e6ba63d6e9bb9ad23312a5205bd129463f7ea8948e19de86126a89bbfcdb79764569b84915cd4c00dd16760a1e3665f08e398cff9cffffa1282c736b604d62c4ed5840df3a0fe4e129608cd1dba3f4ad2036add15224ddbac77ed159ddb8926d249fda9ba45e503d96ee7a88e495a7772885f1e10f8c1e12c0c82af034f5cc4e6de1edf247841af251d8cf7645f2d2cbe280805bf14fb7cf4d7ff8ce3814258f3e61c47d377521bcb9d74b88b619b57dba423b70a0a7a99a73b23a35d00aeaf2650336cdfc01f316d1e9eefac76d4efeab216aa992f465286c8213236bcf8122ab21c440bf453cb14d6a033da21e719ff7ab5635de2e5f88ac626ca1b551a229a4afa9b2e967deb3ef22fdf8e311df074ab6865b0ef66b447564c7c988079c6d048e0adb0033016ff5a2aec183763ace2d049752e8e1f5db04533e404501a2776b3d4133de5bb118a3f5a31a7f0861b72429d35283a984c66763f94a63d1c85ed5a606e31a98b36a651b1cfb8d8b30a4a82a71e4bef26a7acd1d1a1d5c87591907cfa20e295a14fa23b681896666bb0c0df4d92b3cb21df4341379273149bc13bcddddf48c5a352847387fc9a2990161d18602c45929d425f19f91d9ea14b33da83cb08a74aa85266a223293d53cbfef2c2bf1814f064013f16865d039b3732b81cd7818c20cbb06a2377aeca95d987e1410b7e6594995e03ad1bd8e477bed8f8013a5ea0b97db2718a1a9339ec69589105c675f2dbf5e044bd9e512d010e51fbe0c5b2af10ac37a50aac8320e3dc2dc32b87f62d9018f127cf7d56a6a72ced12b4ccd14b9aa56bf592f33108bcb119dd948562572e117839f4c87ae11bca947718800bc0e1d7bb8d80d83541b8c1707dd7e3b94fcf81fc6d5eed719d70701750d617386b20bf2479044283954c177e85394cf3f0e29fb3d279722e1d6c82aa9654ed4133a21944755c0e454cb25f7dd4969af30186a14fda718915d8135062600ac22a722a9666a136c27766f918bdcc29a1dc01793bd46ef94136788a28b2dd11a1e390669f892ecc1dfaac30c7f56ab02296a6879dc08859a05b300ceecd6e0d88dee5b7a064fb8865a74a7fdf8a7d1bc834692b4314fd953d6", @typed={0x8, 0x46, 0x0, 0x0, @pid}, @generic="4128b5ee1f573330fc63cd330190606dfef6f83ea815b2dd7c7f357789dc12c57d8182ac4318330322c5d1e8622ef5b64c83fb408c509506a69c446bbff1c4f3fef8e40eb27962f01c9fd60c5bb7fa1c95e7593bc8fe67156983b05a9012d62f7aa5b35c67a7e7f79bcf846e3bf639e32695c8ae9abf429f32cab1a1ea38804ed338a157bdbee7fbaa4e0a47259384cc84504dc9c9cbd57a19c4141fe8b2d9af517190e1998c2334882e8a83fec9ab93ab65a8471a2c8de1fc701e7acd44ae9822ab455aeb245e2da566e910f3801f3b3489f6b6c49da223400564a84c022fbe5de29ce61830a0f7ef496044885b3ba0e38246f8f117db9c720ce6acb6fd78e5257fc8786ba135c799530a0d60f44a905fba4177fbda5dd568774f7791990f747db6dd51873ef5edaf3a0d7df2766b92d8236c8d431f3f4ba4cbf86faef7b80612b4e229ffea54e0df8bae157ba51182ff5a23d51976f3b29be5d2e5491e942cd4144a333c5710e30c3eee1bcd5fe3017c48b96c07be674127cee0103a4c93132b7cba3a8fb143e1ecba79c35e9380f1d7d3f5af753977bf092ea225d43d9a614bbfe549c2e992ab69f0ddeb26ea27e710c4f843ed8cd4b478b067de4576b1ff277ba4b7701669b5781e51f542f7ee14e7f6be7f7c7f6bb3ed8abab436eb5d68a4e4ba0e21d99b4a3cd262e6dd5329306a7f89bf907e9ab46416bfcfd61437fe3a01425e8cae5dca3086736f4e412b4aff43b8cfe26433228878fecd19df4bf5928924a9f1d7e3e3706e2b50457e70ef4d0ba539cc8d8dad7309aeb57beb1e3d4e5c69ff42756e199f7b4536f867f2464d3c18434bd41b421ab2392f348a3653abb549422c4da7f0166919d375a98c9223cd53f248ee358d6342b677f7df246182fef4fd853ac18906f8b7433f2f03e09626bd478a25b8ea7d302638b422877eeabbe2a829d72a935fe03afeddce593049a5fbad4829fefb2e194b6dfdfc19a18cc32160ead5836f84fd1fa2d57f59d794f0293e76b2b59c8029bf3b2dc346c14d884e7c3e637b1601f8d2e048bab7e2b9f1ad84daf754b40e51f14a98b7037aa2fb61234bb4b223e2ee9abe9881a7e363e3495c8a1a8f5a3a4f0040b4fdda4df5459ea4f34191d8887289f24d381a7f7e8940e94794fb24e8d5167752753ccdd2eaf1bd696c857cf7d34e3710b68c02bf95555b161d11e1268527fb34704d18c516b583e4809cb49625bf99237e1b960dec2d441d8a230f6765e0aa6d841e0a48001eda303edbe4c870bfa9ee6371fd84ef8b371cc4866655ff68653bf7351694794fbc31df0697762c46a1ddc6a486d80d90fc1e1d8ac57932c5841c71fb2e4593d83705580d0a3a1d3418cce1fd95e94530281f5116aa3e640e59ef699284544f2ab9f0ba94a157f9ec1eceaeb41d954237c3b5b6238445a41ea61ee31c03a29e3b706d6ca2bda5eb3d1834bf9e143f9b3e4eaf1f682bd349cce0344a81cf5e079ab972f4cf08788c444338a211c143b4c51a245ff47e634327c0ddaba1bf64389761c3e2de37f64abbf4cb7ca6a64d5ca9823b0421e993b7a3244b48b4c60302f3e10a74e8416799f5763c5fbb4d5c7ee598e817a3252d94f2d9786e73ae1f32951f1b006d937e92b62628dd746b15ed3aeb68beec4fee76263a940da1c05aeeeeceac8bde25e29a3660cd2d3e8352acbc9a914d21204aaf5b7a2c14194f3c2150bd49c60da02e92053b2ea8041efb988521263ae5704df0952cf8f1438093dd43b563e0db1ca2f5a74d88f24928ab1196b4dfa8a412d27d31a140552c9fd877ea609bdf4a836580a2fb75771365a89d4b83996b68d1d6f0593b144e612ad860fb2923328fec29f3eca25f8d2215bf8846116c28914f3238c772067e635e4a9230047e9f76f67735236f7b958d5ab111bc72581797ec89e89553abcff649a2ae7ff536ee2703d82d753ba6f22c17aa4d5e7efb99ce239167daa97317acb092fa23d9d979f02b97b686401193eef2375f1cddb316255569950a099c65ab465506aba358ee3ae4233cae36f0210f6155b04905ecbe6c04ab09966ad11a4603990730a01b2d01b7450a487ef848aa263c69656e476cd674060e3c73c04cb24d1f1972b660011eade10c9a83906aefc7701f15607ae947301c0a5be345be08dda1facec894e5401a3e191f0e67e4dc05ac6873097d25a5c3b52b05be6d71a558f980d451dca776a2ee0b09261d12e44b7008891a7a39dccd51374cdb0bf1117665e94237cc00c9e8481f569620bb9bf9a08155e6baa124bb9b95dc4252979830f8ed812adffbd43cd8c601ca1349e435e4e0fc2f149e19fb4da40ea98627c18a1f4506d072caa247afd6aa124b84d8f06557154738cef8546ebe7763ebb353522bcfc0dfc0924e1ca02489d685420cf9a3fe89e6a779d8ce9bc661f97fa5e813634991537ad400d49ea07fd3c98c68a2827fa018b8be532e4c38e3c1ed6cf7c959d188816fb5ff5407bc35655034b7c73b5904db744c500d2407472f91312a4ab55eeec2eb580f29ca526b281183415b8a5d956015b6068bc99a934c2280341927fd26bccf8bc6d455bb6633677190a0f07ea1fb8bc218c3938338011860927729b3beecfb55567fc3f985d5cd541abc88fc9e21df70139c6579c096ec4d5a74708be2f1c604258a3c3d9052b966fd40cd44711b9547ccab2c320215187474bc96df092061a48b42ee39476d36a83d8013665773f8031ad47f7748b091afe32282955b94e7aec56f8a922ef2f8790d0464e84119f6577fd804367835a57c8baea722f3bfd5cf7cb0fc100208ecabbd9260c1c78ded49f7913b7949f3ea763dfa9da5587992a9eaeae5d278f554db5f2f2975af3c98940b68e911c5d1cafc7b0dcee6fd5cc9ae31734ad33e3750a09280faff64da80585cba3361bc3d435787db63bafeb18e176d4c9511198c94cda770828d6b6e28a500cce3922e277f1abfafba633501fcaa70f9cf2d07c86c082802973e1338d64386728a1edccb93d632bbb757c43206208a51b58488287bc95206dce49560176cc7dab541fcfec45fbff6c0a2954dc20ceabbb736591f27fdc0e4c520fa845a3e71dd7a3a14525e481fa36a559d2374c2ec62f3d50e696b2ca883a4d87c16350b6a600466d5818990a906f2e6122115cb94589e05008b7f89b2708fa451085eefcac9550aba8830ae36dcd867923a588f90a767e68b9577c267a252b3ed90488bfd59a95c3663a8a82e8afee9546fcfe6b0ac8d73e84b13d6f51e0c57cda5d6a27dcc3aacccbddd38b4f5c98c53deaf802dfb5ab33486c9abf90a5a03d3b770e145b98479d306f98c9600420b0edb2328fa078818f77f5c37e1fa09bf3fa94e4db79500165c98fa9752dd618501ff91e56d50c5f647ed4ed531bc194db7dae80dab54eb49d0aba8afe27a0403a064ecdd401d951c74636f5400af75629d2110dbcf7d3ff0377180ba74e997840df5dab0be34d6ff10e2a77904a89f08777d93875f51dbb46cfbb7c6a0190f87ca421a5a95a79e95b98fe886d1774a6301a868e177c08ba11b1900f346495099c5b3ace932b9039c77f0316e2f4a422fdb8a3e72640f1eb0961d455ae5e938ae47d43f0dfa87ecd84e2eddb5ac927240034bc64fbeb5e205a88dc79f859d410017a274525279dd3cb4b9699acb14b791194028a7116874a4a61efc07a697b0b27d66605acb2b8cfd6e28e258bbbf76f148a66f2e91e3194ee9c27bd845b0e0071c09587fc102683f4eac398c174dddc5608158ee9fa0b281338b45d6b0947718fe45f15659406605d66578502065077071c90aeca923afc343f47d2e03bb13aa649acb80d49faa46b8a479a8bc0c28aabce33860234853b3cba3b8d934bcff633a7e9d1ed914d664dce8c40acd7dfda4e8e1aee2354be89a937deea77c9219e0b1c4b4529c2ff6e4c04316c0d70c694a1d1ff21ec6acf418eed639501199a0e052504d2ad457e52c1a024aeede8ac2b4c47de0a96effeec159d8bf86bc9f78856118175aa75dbbe3902717790f1442930875923f1ca78397c5e5679f77a37c49cc71d0b84e794e00391ee063a9f94a9d42c5f15eb37588c26117d010e2baa9cb60188d1fdb1f560199fc9971f75108aeacf2abd54cfbae35fc2be4ed82e1d930a40f0285e9fa54e607fd373fe10a974bd06e263710ddba390bcff20e516271154b94f204f3323ba743a02c5f290d7a5253b3e78315d5b606dfb23bcc851e9229a94dc9a5b1e93f9aa11a78ea964e09b63d238b4872c55ea70f8598a784d1819e09d4beef00ca675dfe03d1ef56f2f4b701c19f83d0dc1f2e5640fd8ba96e907640f7d0b0539dac04fa964f3df8b0a1175de5d7ac7cb00c5227d1c9eb07ee128cf7dfd776510c95a850425e90fd06027a2dcafa8f1b32fed6fc911b5dc25fad0747b55ec4f81f43fa88f65396e9b9d257d40ae334c76d2ae51d7f79c64de2a7927282d3ece69f4dd6f13ecd7da255fbad1727674bd5bd24ff8e619c1e0f39511f502145fd4e293863ee66c6af023973f371ccb714ed5d9efb040404ddd691bc14b131c9f2629cda2861ed28adcec754babcbac384e80c80246abe7871100914975bac32a9857e1405b2183f531963e4f2ab013b6946636a7225e6f0297e0e6708fc2f79e489d9ca340d87d5b80d8b41f26714c06812b08eab527c32d5aa6a9c5952cc4174237a22d7d3d0e8ba98d1194c5a7958f4f9a65077a7b37084faf814dc95fa03b1c05314e83aecdb96690593fa6ea6c20dc139a628263fe9db2317e7b33ee11d97be1217bf191351f2692caacb2639d42571ec3832d0c14764308a9924a72135b88cad9a44e8676d585110976c0f532b41ebd560a7aeb0c4891c1bda5dc62e810ea990a0b527a6daac3351cc5a94e26061a4d2c1fd4856063d527e833f654185058d3c5ed81ae568aed6212fffdaa38f7c68ea5f3b3f31fe0a687893b4d249da9ea33f0d1a2104306fc218b7c18a06817fa434b311319706c135f3938902ad8625639b49726f5c25d13316593877236689c14312d503ff96271b7fa18c875a19b39a4d58d14b7edb5be325bcf00c39505749d981028a0e9c6ed82afbc39a231e09dd3840f192209e06d304ae5200204376761efa236ed2945f67eaa39ccf2d95c2d72997a52cf82e40cd18cfe874de64ed73dd416dff169ffb61f9a2eac3f7e927c21df133c820ff3f15d2a1f70a7fcdb2689800c115b1527546639d8e4be7c97c4e807db0e90d41c28f1e950727c0bd9d41a7669d4642049d0ce158130ff3a75981e8cc4af49bedf0f725d6574a49764d73b8227c5793acb6907eb3a181ae8f761cb5c150790caea0606325aadb3995af5cc73f9c7bbd233fa8143808e2cf04d0a9dd97a177f74708fba8e70456b9c2748301974d77733afb63f02b0b694016c8269c6c74c32bad64ef6f395d464bde01c01b72c290c4f0ec64f8bd179d3fe3d6d55ddf341bc962b6d1bc1ca6c5d68c656c48aa66d8824a1c143a0cab817905cd4f405307aa438ba1eba8dc0bb08f95a77366d4ea215eced9aa6a7121b5b652886896b5143de8d137cd7a46fc631bebe2cd139598e639a4fa3729ae37f10e308e057c813aaef147bb7ad95e0b340ef48bb6f5a9a3f0d2e965da76d2d4e845587cb0596680b197346ec9b6ac7f4ce3181846b91a9d0c3bff1d7a91497e78800102fa0dfc0ae3c4ebfdc627eac3f5adef7b4b7d5d70013e96cabc3ac0ecd85d483f3ffc7d6642566a5691756ecceb4331a8a26bdadff87d359a877e", @typed={0x8, 0x94, 0x0, 0x0, @uid}, @generic="6f10cb218b97aa65451e544cfbef01b6ba1ac3fd547d336e7284cfe703c71162165707406ba6218c356465ca4330f5cb382069fdb9b1ff665b7e5b050d9c62e9983f23da56a961c83de11f8224c81b0e0427b9854077fee67baf573484a6ad00a0ef0d4251afa61d762e38cad1ccb44e9ad59b1e12b67da95f47b24d33cc59f1c66697509395686c", @typed={0x8, 0x25, 0x0, 0x0, @u32}]}, @generic="699bfacf12bc3639326163b636aabe2a3efcc82e467d430125e95142e8ac96fb8ae6a69ac3a847f47637e9897ec0929cb291"]}, 0x2448}, {&(0x7f00000025c0)={0x794, 0x13, 0xa93, 0x70bd27, 0x25dfdbfd, "", [@typed={0x8, 0x37, 0x0, 0x0, @pid=r0}, @typed={0x14, 0x8f, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @nested={0x1bc, 0x2d, 0x0, 0x1, [@typed={0x8, 0x23, 0x0, 0x0, @ipv4=@empty}, @generic="8dc8e459e91eaabc7ef8bd3edbe2fa411db309869028667e6f03b7ace89110c674dcaa03a255b20b92fc295d02d4e700074a3398e43c58832927becd7244338938bb3469f8bc21eecb14fd05d69b620f06044e68876010ae68048a6219d8eeccd0d31c6206b23e9e", @generic="2ed438e61c357e0304f2b30bc06feb449e4ae133a56c1e1966a8dc9cbc252b2e0513abe34d274b5bddb5be2de469d562d8aae26cab0dc2097a02e8be09dd4eb296bf234004dd41f530dc5cda7994291fa3b9ba5791e4d8914f1f1fd23aee045d8d7b", @generic="e6ad07bc409152360a10e047cb91d33f8022643dacb20527ddb07797667160ca493612af0f164b5f6428d5826463b03c2a7c9cb9cb82dc3966909d99c60dd281fc5489180ded3b64049d177cc6e56a6951e9d5951d3b8eac9dc44fb39be947cbe038daff81d5c3258f61e32c241336fd570f8b9e3e05c88de78ef101fe680f6ba9a1b8ee1bf7237d6d261a0ba23884fb4f2adea512e9294e8f8887af2a34e6f3f489595cd90599b94daaaee7d58138860c42c055b398d182eea7b5156bff30cd7b083d2b1d25", @typed={0x8, 0x57, 0x0, 0x0, @uid=0xee00}, @typed={0x8, 0x2f, 0x0, 0x0, @pid}, @typed={0x8, 0x39, 0x0, 0x0, @u32=0x1}, @typed={0x8, 0x4a, 0x0, 0x0, @u32=0x2}]}, @nested={0xc, 0x4, 0x0, 0x1, [@typed={0x8, 0x5b, 0x0, 0x0, @ipv4=@local}]}, @nested={0x249, 0x70, 0x0, 0x1, [@generic="15a8629ee77fd11867445c98d8878ee4d0fe5145850839abcd6ddf108d3d324e3e8af5d42b60011ac006e52c87955059fcff1c5dccf84875da0f318c824bfe6d36d3b7f0343d015447935787910dd7dac430f85460b10996d3bd064ad09d338dfba10cc6b4a2752a65f6ed9c79a2ae58b06fce7868995147346f413bfa5bd09e8dfbb18b102cb67607b1bbbd8240", @generic="a5910b1cfaa9ac75275a9e886889b07235e83f14511001de4ffc347ca3ae0327234f83cc93d2de412546a2ade92daa2dd637cd9056c0bf09691ce677538d1a9e6be26ffd2f7bf4dd332c155cefa4f1c9c36e12c5953f51a1ae04fbb0de29e56caab95f5ce4b117a34d5f67080e4c18750aba2775ed2a0b0a2bc30a7321fff0bff2043c187ba9f1bc21feb429bd5f1f33f01d237f730d9639487e23d774ea3a0a7f1c470b3570e1628b98b86c07b7b496a9b22284aaa8bf0d41819257cc82101d45ea024f9866d6d7abf708c3bb89739490b3d48dc642a7309aca", @generic="f2bda6088f472ab83f8da72bdc5805ca8b84edcdaa5c24055da0fad0598807db94aa9e0fd074b1a08d99a32cc4f2bad94f5cdd19ab599903899aae73906a09320a419e8e2c0cbc81772b0d8087802fcbce8ca8390c78d15c1b5a8d6c5a2d95a173860706dbd187de016fa6dfeb546c83954e6f5204b4f1ebd6300a48325ce2d7f8e11ce6e9f40ec96db8b2721ba1a5659dc4d4dfc7e42db0c4bd84572f78c196d91b9d05fcbe6ed2c8bff00a86e1198abb781f2330c5ccc8ba923c9ed7823a011f7ab2a9f98e38a30fa8ef51ab", @typed={0x5, 0x1c, 0x0, 0x0, @str='\x00'}, @typed={0x8, 0x37, 0x0, 0x0, @ipv4=@loopback}]}, @nested={0x351, 0x83, 0x0, 0x1, [@generic="d18221b1cd1a3443cf8f529f5a72e5d538dcc7710f1510aa5816fe1c31489bddbaa72bd300948d5863ee552487840a2b77546c7b38b02c5ddbd40549ca7e55ff04b2b2f5d52dfbb355ff92b4148dd66d0b0ba39a5d57b4bd61083dc005e3ab54e1af32acdc21fb1c0023de247efb76b1741122a350c9cea8548865400081b892ecfd3d550920629c6d943dc270f4015e20ae9a974c5864e6bbc46c886a160525fd461fcb4c07afa698455368c4e823629477008e05e3cbf9dc62ef4106f1d4d28d152e91d2290cf0fd34a7a55ae302922df448bc97c668b33372def2e83e20bcbf2377f5", @generic="4c5c132a477089f09c547cd5d7a260bdc4f0a88e9378c941288ab028e8274122e124e750431a8bbdbcfd4d2c126dee19e86d8cef71d34a900954ace95daa58933381cc003927b164e3e8f0180d358b2c45c46ba50abb30362caf21fd2c887931beb4a75715661068584e9d1888cc8024037711890648a440aafbd24d4acaf7228d892efbfa660d73f27e99eebf5408fe5322cbae62124ca6d3d67a6ec39e212357af2f1d10df0f522d438c8bd6f835e4555746e499a0899f5bf723383545c0e8cff0eecfad26f94312e27ebd4bd8cc8e30d66313e011fdf49b34f0935a1b723df88e7ed575480dcca5596c179e38b214615d80", @generic="ace7b68319cb78c7dff8c4960b6abf0fcf2715cb88", @typed={0xf3, 0x8a, 0x0, 0x0, @binary="1b4f51d4ca0440935cfa9036868781a9307dc600965c79e8d832c704faafa3c9633dbb8288c607bf4e0bc69c226eac69237d431e41f8bb924dfb04c833e3d0e06f64a9fc06a9ef2b6b9374c6873e6d6491bb45f82a8c3f128c5f2af70f0702f0cee6f43ada6f4ee6a301c4f492c9b0e3792e797887c2435d5fdaa17ba3884b2c4302ea2d9aaa6dee54e160614177ef36e61c771d2743f5a673ca7eff2cb578e78e350f57e0f6826004f4e93a54eafbf92776f7ab669abd958dfa7e4ad72daed491d14d24c1152a9a6dd3e88f53b48792dc88af69ad5694e424ea1b9281f4bfd6f7019fb9a397c120bf9a4f81f69b42"}, @generic="1eb118d12cc6b4890293d5d515f5245beb54dd3856ca0bda462a75d73eb2e64bca93467627f36c9875c9879a04505416c5ee4c11e523c438a255fdac65d0e977d1839f85b6bffa0e006194a844390242b9ed6cea404860dc5e2a406a5f00fe78dc80928c29", @typed={0x7, 0x78, 0x0, 0x0, @str='$.\x00'}]}]}, 0x794}, {&(0x7f0000002d80)={0x370, 0x1a, 0x2, 0x70bd27, 0x25dfdbfe, "", [@generic="b2b8a37a802624cce781aa661d48263e24707e20a58933a784cbdff7f68d", @nested={0x1ab, 0x20, 0x0, 0x1, [@generic="9d6720f27db4e5888caf870778d22815e204c4ccbeb0d57ea36b270a5a011799de825b85e41c1932054842cac29e049fe64a2fe3452e6eba56a3efa7c8db35e2c38a71", @typed={0xc, 0x78, 0x0, 0x0, @u64=0x1ff}, @generic="a06fee263b72ccdae6d6df25afb8b32082eb6eeb129467aaaac12d6427fe2647804402976aa9941b530243494a7e7e7b550578bf7064cf5a048bd4e9958f5ed53b228d4d4590bb33ca03b86fdd8c1c5fdeecefbf0164f5d37a2d223b4e991bb33bff8229ae5b360e2bb88fc6d0c79b590ca02ceb5e02712878c6e0036deab9bb4105188531d688", @typed={0x14, 0x16, 0x0, 0x0, @ipv6=@private1}, @generic="9c983aa97499c6ec3168cd43de2250a51d8a2afcc16a7217e0a7b5c11144632d2b2b90c3ff6b18cd325f762c9f295f03cc69824937fdb6569f82c9d9c38dfc83476e803b8593d4f5a10fd9", @generic="ae40de4492c3d45c58bb36d89ce932e0f25604d3e3512d418b1c3de9ecceb3a3009356da54f78002c32236873d6bc34a99d345a176ab44e31334204e41834e23c24ea83e1b873c8281b39c8172b45b1b7644320558994e958659f4b6f0dfb222ec5969b0814c02248342a17f9596fee50580"]}, @generic="06b549e9401c6e4d34bce0ecdd547fd6132b1f85fc3b2e4b878795670c01c194a33b746b32b44ceeae321a989f3059ef90d6861bc8fda06a4c8e54b5c435217ae5497dbfc529e58bac1f9b7bf986c7ef2568deb96f50ffb4df", @generic="0c6680ef74a9e50519d5b0c737705073d05135de12fda150122ecf1aa98628995004f39e1afe7ddea73958e43285b7eef34b1a7c8a6153950758176e9ca6a12923830772c379adb48c8271bf90795e7da50c67104550e8fc9ac14c570e279eb0dc6b915f841fa81aa4579ec892dc9e073f7b4a2b2d4218667caf3da4c6b2f57019506a000cf3b5c71ec5ac34d671fbd55d08531daeae3198cf260c5ce973", @generic="a78775f15d28785fbb45b799250274653ec80cc0b15f0b16a4436d737c3c24ee75be296b2f7f22c94685adc903dc9be0cc722564fd4000401b49db4c846e3c25ed75e9aac4a18ad337da2d86ac6c41a583378570b9c4aae101787ea7605b9afd23342326339497483620c750384577cbf8c483619c22ace51c439a81f3b2568c55830b66b6ea1d5df0520509f1348cd39d17594b3071315ddf36372fce1ef2"]}, 0x370}, {&(0x7f0000003100)={0x18, 0x38, 0x2, 0x70bd27, 0x25dfdbfc, "", [@typed={0x8, 0xd, 0x0, 0x0, @fd}]}, 0x18}, {&(0x7f0000003140)={0x18, 0x3d, 0x4, 0x70bd26, 0x25dfdbfe, "", [@typed={0x8, 0x79, 0x0, 0x0, @ipv4=@multicast2}]}, 0x18}], 0x6, &(0x7f0000003480)=[@cred={{0x1c, 0x1, 0x2, {r0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xee01, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r0, r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r5, r6}}}, @cred={{0x1c, 0x1, 0x2, {r0, 0x0, 0xee01}}}], 0x118, 0x128b0dc354367f7a}, 0x40004) ptrace$cont(0x7, r0, 0x0, 0x0) 09:28:48 executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xac]}, 0x8, 0x1000) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000180)={@private, @broadcast, 0x0}, &(0x7f00000001c0)=0xc) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000280)={'syztnl1\x00', &(0x7f0000000200)={'ip6_vti0\x00', r1, 0x29, 0x8, 0xae, 0x2, 0x0, @mcast1, @private1, 0x8007, 0x40, 0xb191, 0x10001}}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r2, r3, &(0x7f00000000c0)=0x9, 0xcc8d) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r5, @ANYBLOB="000000000afb0100ffffffffffff0000"], 0x28}}, 0x0) 09:28:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4b47, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r3, 0x8982, &(0x7f0000000080)={0x7, 'veth0_to_hsr\x00', {0x3f}, 0x5}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4b49, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5409, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:48 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) recvmmsg(0xffffffffffffffff, &(0x7f0000002d00)=[{{&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000000140)=""/244, 0xf4}], 0x2}, 0xfffffffc}, {{&(0x7f0000000280)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @private}}}, 0x80, &(0x7f0000002800)=[{&(0x7f0000000340)=""/129, 0x81}, {&(0x7f0000001480)=""/176, 0xb0}, {&(0x7f0000000400)=""/30, 0x1e}, {&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000002540)=""/175, 0xaf}, {&(0x7f0000002600)=""/5, 0x5}, {&(0x7f0000002640)=""/183, 0xb7}, {&(0x7f0000002700)=""/246, 0xf6}], 0x8, &(0x7f0000002880)=""/20, 0x14}, 0x4}, {{&(0x7f00000028c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f0000002c80)=[{&(0x7f0000002940)=""/101, 0x65}, {&(0x7f00000029c0)=""/72, 0x48}, {&(0x7f0000002a40)=""/210, 0xd2}, {&(0x7f0000002b40)=""/147, 0x93}, {&(0x7f0000002c00)=""/109, 0x6d}], 0x5}, 0xf82a}], 0x3, 0x40002101, &(0x7f0000002dc0)={0x0, 0x3938700}) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002e00)) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r2, @ANYBLOB="1e6fa1914dffffffffffffff"], 0x28}}, 0x0) 09:28:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) [ 2195.986060][ T8904] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2196.011561][ T8908] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2196.067312][ T8926] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 09:28:51 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f00000003c0)={'sit0\x00', &(0x7f00000004c0)={'syztnl1\x00', 0x0, 0x2f, 0x4, 0x7, 0x2, 0x1, @mcast1, @empty, 0x8000, 0x7800, 0x4, 0x20}}) bpf$MAP_CREATE(0x0, &(0x7f0000000540)={0x7, 0x3, 0x1251, 0x80000000, 0x8, 0x1, 0x0, '\x00', r0, 0xffffffffffffffff, 0x4, 0x2, 0x1}, 0x40) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000900)={'ip6gre0\x00', &(0x7f0000000880)={'ip6gre0\x00', 0x0, 0x4, 0x2, 0x4, 0x1f, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x31}, 0x7, 0x7, 0x1}}) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xbb, 0xbb, 0x2, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x3, [{0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x40000000}, {}, {}], 'A\x00@'}]}}, 0x0, 0xd6, 0x0, 0x1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="18080000", @ANYRES32, @ANYBLOB="00000000060000009501c0ff0800000085100000070000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000007c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r2}, 0x78) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r1, 0xffffffffffff8002, &(0x7f0000000340)="73109df03041316aa85ca6d8d5877cac77d78a154422ada859352d6f9390c885e8d5dce8a9f6ba0c7cc405000038a117bede0f1e2f03f9eefb965310f0adb1b1c462f56dc90e5485f18e39409a6a4f5a41eb80371433000000003c898eb26de8928700"/114) 09:28:51 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) getrusage(0x0, &(0x7f0000000300)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:28:51 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) fchmod(r0, 0xd9a1058c2572bd50) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 09:28:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540b, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) accept(r1, &(0x7f0000000080)=@ethernet={0x0, @link_local}, &(0x7f0000000140)=0x80) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f00000028c0)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f00000017c0)="6c22d6c5d976492540725a783747765d144b96bf877c25fafcdb2c965c1a55524529ae9687d21a765616866abfed2d85ac878c09be137f89602a9a483c6572450009265e28c1148c9f309673804439ab08d783b6a991fd52bf33b772c9b9f45babcd0d2e20ca28d616dec347911e11db506b671a38b611363cf328affb07dece86d9af37fdd1c94761e67b8ae025e99ae5a3f1ec511caddd00a3b301044dc96550339aa0dc14eeed9f3266fdfa1826c1a02c2a659709989423a104d7f8366a9e2b7f63a11e8829205874cdab1a6076e57a03419d822253a5920591b996986d0856793fa03bbeb89a4e0802bdb6ba102c364763cfe5df873b9b7d0a249b3a9b80800bd990a1893d7f2f1cd7db596ca1331c04d7ea7097672edafa7385f430015a4d84b0939e69be3c6b6bf39f0135b4b3b77e93f9153e7c13bba0b382c598486c271b5ab7f60fe30c04ecb7d2108e6fb353db68c36655a441bf6f02d0c9eaa3dfde73d759e2e85c1c066ea3bfdd59490d8c44ec188b11eaa5ce971626270ece9611a43b3ff437ccc47c3608e2b7aa69e6ad623ecd74e70dab860218c52ebac2bcfff95aca1b57e864d02283a0abf842ac60614e7e66901a382cbc40b40d16250faa5dbf68334adc5d6741d01e041154377ce4668c76cae1ae739d3e2f3d50f4fc447fac30672c999a3cd8b3d0af13897713bb919c6ec039a265d666bfd33d675d22b70dd27725ceb73c4b2edd14395dc84351eb6cbfad6c24a49080356e8c998df0557a86ddc8da81d7119d373726d27c571e1c7e2dc213e6a1916c98bee749a8e851f6c63e114f8028568ef2c7efe05346c082ad2930cbc77dabc8038db24edbd629a14239af7ae5b31ae839174047b72a74325fd607e258f8330400d933ac8f373adb73eba58841bc5501d51355947b1d9dadfa5373c12def177e44482af069f0d3c1668f8974addb1d7599096766cb9383af045b18aaa79888954d599f54ee796e8f6e498e673117ef03d1d31ff2767b1278f81f448119518ff0cb26e2e0db112b1c645d40114394ef281e5526ebd9a0366cfd4d15099a3df0d9b81e7878d9aaad5b6eb05caed9d5cbd460d7f9ff08894c1ca5dc10b9f159412227137ed88947a6f209f5e8cdc598713b9a96e471139132f3fda8306d6d8769cb34cfa42f29f596be573ce55d61efa34f2353ce147fef4c20dba5c64deafd327b2a2c6270605e1f51233667b0fae4558721702fe56adfad1411d9a1de54df279fdc69199a943cdb08d0c894434ec3ecd206368de7640dca34f1b267b943e26fd8c66d5cc1bc967855a309367fc51aa6ea8ed3b7de4344589727bb33cb341ddeed3f83ad46443e6bdc91ecb834b0153c4773a7a3ade13365871b80343435c82d162be0a2b6031bb6526c2fec09fe4f5972a8768fc98e3d4ff9904c6beb9746acb456d917e2ead3fa008755357adabdc09184b06125d93bf82cc1fecb94db951580e177fd09aa6548b550efb96d2032295f273868b6546ead3369d3d7964163d6a078ea8ae1b5933d635b2942caaa453a397a47591b42e487332c187688c23855622260bb2b3637fd1f9800737d8a362b1090638a2ab3b24a8c11d1a38b548a648af5ae09bcd6c05a33f1d9b323b5667d5ed6033b96f2b259593593db7be4df308491ed8036cfb50490730201e8e19a70619fb64eaf077c18257fd4d5fefd71e2aa77412193b46de59ad0d736197e4e0517057fcb6571b970cab399ce112de41a3c20a65332e41b0ed972c00875f08bca032980741dd3a1c8b1a5dff019f915ce9ebad267f9b962feb6881ac019c7b4bc46bebd3fe2766d83fe5ba0ffdc1262520eea24044f9e47ca67755065fcabcb99e654016a7384bcdd40d59470d3beb023f485091943c7808a1290aae51a2b308bf5f69fd66481ecff3ab07032dc079a1ef258f3bf33c6f03ff6e389c74f5d8e0cb63a1c60c3b58353a2fba8ba65d6cb5953230f3b13725aa55481fa9f6824c6c6ff21da201c4d09b457db214620aa1e31b12e7b32648c8971b1961af03c6a882f53d7600200261bd5df363950ece514159b8e0126ae0d27ce3c5ce685cfe252f9041aa6278c736181f67472b58af8a6eee2811e1a60a14cc2419247dd1cd519b62073ad8db740af4fff8bda7a4b5760649171854230b34cf66cbadc5fb6339f005d7272b0aa3e12f92672bce5f436a5a1fbca6b048421e14a15eb14d4b0f24fa9c6b58ed1e58304cee5e7a9849bc5d9e1c4c6f6b76d8e3b0f4a6fc29e6e231822cb6b15d3a78116791b5efc957c61d8e4e2cf0d82c0387cec8690e6ea0c99c82ca2a3b918986ebe1c01f5af1ea2e5720eee2e37250a28fd39a492b516db97ff2b808b8cc59082208d0f275891e0cbfa673feaacbbd6af8a6c0f801eecf166e558abf88796754913bc9dc90da2b274bfea52b3938b3937233a6ee0aab7da221124a6ff192cda6158b4df0dff72da5a47ddefb32362fd4dcd9572d027956bf17604c5e5bdb40d13fba6f7d46dc3c2fc059e470ef3e35c6d4440c2028dc25be5c8c20347bf344aadcc7276418fda5c271649779e9405641823accafda8d564433cbda77b95d1763e91acfdaeb92502940c8cc96c09c1b50191dd41a6ef1e74278fdd0a453b148b0e57ecb4295fdb9784f1b6dd9ed20e8c0980cd01351e155d311d1ea3a00ff0f92ebb7b48268fc3fd6fecd617c6a809b6e0392692515babc96d7e5962ef98aba9c7063e0f390288d58bbaf4b18aa5d08c100d321eb90d73bc1057f05ddec0113dc2afc51d7fb3faf48c84d8b09eb8ba5c65880aa027915d00418076246e135641bd8bc636179a0f8ea57c6448b53a2d9e3407ac35daac6896a02046fecad33fb0070125709417484089222732401822409684ac3d12c5a92d4a2b5876a811f30978432376fc5279a870fb6350056e6e42717c08ce5cc65fbcaf211b631ec52078c6991a203cb333ce0a311e3fc595f673c201d33e458cd6fa1b4a2dff77fac101655191681b203b76d48b214e90886cc8d705c4a79088160f37844e28504e7d4c9e02a63fbe1b124c03d218e90fa49411da78d0665cfb3fb54c18b28ca5988d8cbbae1f0d3bd5f670a34e432059a6063ae4d650aed1d771abedae8660c65d4c51a38928901b4f89d494f539bf6b618149b9ae35550469c094bdb8277b6ab651281b8289ff4f453342724f6ea45c941e7f3ff72f58eb2d75a68ed0fcf0d47bcbafbec216d48e6b8d3391075f31ab86a9ef3a7410a68f8108ae25e2cd20b9d78d6b545322764ab5781eed357d0c09344b2a2db2b10421b32c9cb995a1636a3148d09a255c16cecfa0b9038c10ce8681c36e465b0ceb48d21e24440ff704fc7aa2096e69f8a7ab084ed300b9923cf35b572e46a51494f5de7c203f978f690ec5d219944a7b05366be53e2681fcedbc55b395704bcca4e893805588c079947ee01ad3a386757f2082fdd4c2d8e21f96664e8f1e98efc5fd5a4a1e008059895b6d321591d18b7a0ead6ff69da38c2432d5ea56d2708b5eae30acbaf1b398d9cf5b5aaf0535f75ce5c7662f8093cfed23746d31614114db5afb0fa1c1ccb25e3d073ee5867d06685b7302016182828795a407dbbcf1e1cfe102279d8a82643ef2bcc36b9eff918f5989759432fd936cd87434f3f45ff34907a7b5b99e635aec205f7508b6f3e8c99e3041d2181ddd579d97d07dd7475b36c3376640da4a8bdaa1c631ca706bcca1029112a8476c42371c1fbb398d1aa60b6d553599fe582f3a4de764cf726a1c10e66f86ed1ba3e794d77c0843959d18d8cb9627945f42e51ab3ddce792e8b6c09581b628a87a7ff3f297553ddd476c5bb0bf67d191ef0d8591a5768b3e0b0010be638d01fa922ceea11c7360a1a55781b0324bda77aebccdc72b022895978b04a7ac17daf8d0a9ca87d636d3527d59b5458257cb24833207586b10128e0804f50b0516cb2f005ec0b05434123bbd62bd83fcc1fefafe7e348e4e2f6ab65e581fc1f6ad6bc93c441cf9f73057d1ad45596f91a1d324d5a78fd23299c4f767e5e438e3bea28080d08b6803edfb400e5", 0xb41}], 0x1}}], 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240040000f801", 0xffffffffffffffbc}, {0x0}], 0x0, &(0x7f00000001c0)={[{@fat=@allow_utime}, {@utf8no}, {@fat=@fmask}]}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00050c00156e61a29b1dd2a34c749a", @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffffff0000"], 0x28}}, 0x0) socketpair$unix(0x1, 0x4, 0x0, &(0x7f0000000080)) 09:28:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540c, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540d, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540e, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:51 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) wait4(0x0, &(0x7f00000004c0), 0x8, &(0x7f00000007c0)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000340)={0x0, 0x0}) tkill(r3, 0x23) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:28:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540f, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:54 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b90000000300000000000000001355e7a6000000000000000000000800000000000000000000000a0000000000000000000000020e00000000000000000000030013140a4a7bf8e0fb00000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000000000000000000000018000000000000000000000000000000000000000008bf48fa19252bdb2439047c4000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000b8244720e98f8af922f069c355df7b1dd9e606a1e5ec5032810786786a59f6afdc6e5b2e1f9787b62f97520c212badfdfe2e623dad21f1088d74e17e72cada4f3c9e5fd22432465a36c68cdb23de45b89965d30909781ed3f395cc75d6cfa4cfb2c4acaeb9e6654f45c01402527101a26bb654a5aaddedb5d047ac25429262de5a54a10dfd6bf2ce9de4c06299280f1925dfabebbabcbd8da5209958ff45029ecaca48462209e015c44aed20621207f4a27261a92f50c1f90a20db42ae54371dd9c43f8664cc24dcd42f9b5020a955583f806b4484246718528aaff4ce57a6e9b5"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0xc0286687, &(0x7f0000000340)={0x2, 0xff80000000000000, 0xfd, &(0x7f00000007c0)=""/253}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r2}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:28:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = accept$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, &(0x7f0000000140)=0x10) ioctl$sock_inet_SIOCGIFDSTADDR(r4, 0x8917, &(0x7f0000000180)={'ipvlan0\x00', {0x2, 0x0, @broadcast}}) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r3, 0x4018f50b, &(0x7f0000000080)={0x0, 0x0, 0x1e8f}) 09:28:54 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x131, 0x131, 0x3, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x9, 0x1}, {0xe, 0x1}, {0x6, 0x1}]}, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x10, 0x0, 0xf, 0x1, [{0x0, 0x0, 0x4}, {}, {}, {}, {0x5, 0x400000}, {}, {0x2, 0x9, 0x1fe4e000}, {0x1, 0x4}, {0x5, 0x20, 0x4}, {0x4, 0x7fffffff, 0x9}, {0x3, 0x6, 0xffffffc0}, {0x5, 0xa7, 0x1}, {0x1, 0x8, 0x42}, {0x5, 0x8, 0x101}, {0x5, 0x12, 0x1}, {0x5, 0x2, 0x3}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x14f}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:28:54 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:28:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:54 executing program 2: fgetxattr(0xffffffffffffffff, &(0x7f0000000080)=@random={'os2.', '{]({:\x00'}, &(0x7f00000000c0)=""/16, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x80}, [@NDA_LLADDR={0xa, 0x2, @link_local}]}, 0x28}}, 0x0) 09:28:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5410, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5412, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5413, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5414, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5415, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:57 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() pipe(&(0x7f0000000080)={0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x8) setsockopt$inet6_opts(r2, 0x29, 0x37, &(0x7f0000000280)=ANY=[], 0x8) dup2(r1, r2) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c00000000000000000000000300000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:28:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) r2 = socket$key(0xf, 0x3, 0x2) clone3(&(0x7f0000008780)={0x202000, &(0x7f0000008500)=0xffffffffffffffff, &(0x7f0000008540), &(0x7f0000008580), {0x2}, &(0x7f00000085c0)=""/104, 0x68, &(0x7f0000008640)=""/247, &(0x7f0000008740)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x6}, 0x58) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xc008ae09, 0x400000) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xc008ae09, 0x400000) r7 = gettid() ptrace$setopts(0x4206, r7, 0x0, 0x0) tkill(r7, 0x40) ptrace$setregs(0xd, r7, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r7, 0x0, 0x0) getresuid(&(0x7f0000008800), &(0x7f0000008840)=0x0, &(0x7f0000008880)) read$FUSE(0xffffffffffffffff, &(0x7f00000088c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) r10 = getgid() sendmmsg$unix(r1, &(0x7f000000aa40)=[{&(0x7f0000000080)=@abs={0x1, 0x0, 0x4e25}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000140)="356f6ec73609d0d786ab58bdd04c0434ea47b7b4facc1016fce8ca53413d2f9f82dfce0bc98d2213148c7e28b7a5a26860cfe27ba76756a87fcda914be7b012f458c4591cfb256fe3c35a9835a7b29d347d197db0c82fe14566e38a3619b85b98b528b12", 0x64}, {&(0x7f00000001c0)="b8d8743a0355269d73e1c61017f9c82c02783b44c69b285788711679955234e70ad2b5623138dceaca4e2f9c612038ac89ac82328fc219bda1f6623778c22ef5737c4986956f27e69bca6a1aa1a5dde02cdd9b55c28c997bbc18377efe21ce2334a1cca86694057bea48a5ac300216f9471a36f52b134298d064e06473df24b2ce29c9e7bf5a4d33b39c48f7a6ecba6ca4cc05920a34c2828ef8acc5f757ece132e943f7ed4cc6bb20158146da6716204c0ef339cda16b4ab8ae8a793d9ec60e088a2c97fccfb4eb9848c5ee3190d89a0f9db6eb9a3b4cf8e3", 0xd9}, {&(0x7f00000002c0)="74feb246a854f2f49b1ceb2e45f6c6234a95ee881f3f6f61bbbac8ef5f41565d3985d7ff2a15e15e3ffc7166803403d8a62b", 0x32}], 0x3, &(0x7f0000002c40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, r1, r1, 0xffffffffffffffff, r0, 0xffffffffffffffff, r1, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}], 0x100}, {&(0x7f0000002d40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003180)=[{&(0x7f0000002dc0)="7aac83ccea9224e3599d9cfb99c52c73315ce6383d27ddc6a53bee32b8c6515309e12241430ecb07f2b8731b93ec6b1b8ae365e59368843b51258526613c12b182416b4b1ce4b6a4329b90fb6b99661faf20f8acbb9de1b6738e16627863b1ce086a1bae266571f05f2c6f630dd2804d509b561ac2a5b2a13a4988e89303461b3c4352b244769fbd25c0d30ffdb61f5b5a46358de842904da338780652324fe8b7778a85d4bed801c1287126e1c4351a59cf1c", 0xb3}, {&(0x7f0000002e80)="785f6e745004823404c17b1a46afbc649abcde1449bc1f33a168ff935e4663a0c2c26543b718b7142b4ef588", 0x2c}, {&(0x7f0000002ec0)="337a49fdcd7f0b64cdd0726cb44fed6ece86bae7f621c3ce53bacf317249546c92e6eb3d3f46c06c1482954f2d8a87079219f749bde814c02fd28698011102077a4890d6911cb99e2fa66d46187fc88688d273eaed77cdfbb8d8c7f83cd39e535ceb9a114261853a65eee48112eeca938d", 0x71}, {&(0x7f0000002f40)="c0af0e4be0fffb61a8c984ee827f95a3514014fb23a794e9c64f1b59906e6b817ea398b54542175a055768676224bb4ea4f2a8dbe295457f4ae82466a62e8bd219c37a7a120c23c1e2cd166ffd840aa281e35d49612fa8b16b765c0cdb80b8b1ac9f99edb7b6b0aed5933d2cc3ac5e6ee99ecbdbadd816e2b7891aa8d1e3a31d7a2f909cd91e663cb0cc36fdba5e44c910e0cce2aec216cce1af5093f7f482a1426ad343cafd8a34e28af646bda96941bb226adfcbfdbc4807e1", 0xba}, {&(0x7f0000003000)="0b4217aefaf2b087bbc893ebf3a0c2e2d002155eba2d3c0b74c9fcabab92b5b0bc504c37a123e015203dec04fc717f626e1277e1fba9374d39781955c503531ed0f200cb0f3dd58819699105dfd85cb77031ce56bc49d47853305747e006abcc4824d09184f9da4c77b0760b07922924986023f49a37842160cdfbc0eaead0eb9e75e1d4cb53e4ee941887ea9505081c4b602663142f14e132bc43ba8e88b350b4f899b8e35bc0fa2f3713cc199dc17dcbdfe4210fad6b6d04074b05ef55e3df65e6a7f6d132ce21c9155a3569cd91488f0964f0892c47bb3578ac713eb5788e07017c411733ff3197798e5667830e6cf9b6aa13694b9879e4565951298a22", 0xff}, {&(0x7f0000003100)="de92c0a59fe48c79d78fb69e90ddbce956616a192552f0ba", 0x18}, {&(0x7f0000003140)="564085a43546cc7772426859695199161cc52ff9ba1dcb4206f0b1888df23cf26a40061c560998a4cafdf21c6aea63a931", 0x31}], 0x7, &(0x7f0000003640)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, r5]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xee00}}}], 0xe0, 0x10000}, {&(0x7f0000003740)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000004a00)=[{&(0x7f00000037c0)="26c57bcc9b90f4723316fae562adecf94a5299483b55a3aa04833823d705a18c8905a17df732ebad5b0dc62366892f481f46091e7b02f2dbae27c20b3b79b6e931c824779595e81fa1b586361d2da8008ebffac6a80d5bdf", 0x58}, {&(0x7f0000003840)="4731604f9d28d3543b3a04b3fae2033caba272fdf64ebbed0a44fe60058ee7e67f367efe800e89d783be32d9f56e0200e898820c5c8bd001f21a67855d6d2639f19f822a32bd081099d2e982438372e16f955e17733bd229bb9ffd6011c2a9970a195e96ed40c4332a22e77096cd1fc5e971149790384878331349690f5cf8cd8bf5fab700cb850dcf2fe7d9df8d0c2c71bf23cffe093091428b89f27195cdb40336f64f80d88e32df1c67db639ed097094fd13ea133e037a6ff00f9e30a4705e85aa30f369a0c56f36f1bfaad401955b4513c5e3da401c2f080dd6aeeea55b0a8f6196b7ab08751522fb3b350b31c2a87a56be2ce86047d01dd1dbcbb556e559b417a07898af668ef49ad99ece1ac91a1f4191685f7d4a250fbdad978f70a2ca4f6b2a45cdaf9b321a0819ab9aa390c3cf1cacec1e60580f517fb75a808ac3e72d9d4ea81c2c56666c499bb31e1382fa6bc28909ec8f7a6c90aef00854be1415f02b26eb18304f21f3380a5b4d333a6d5f46082aead3622009fec74d466a9960c6226f09e658592271fbfda986ea322b14ea5a7e867371aa6e2d6518c1af6389cfdbc75ece18ee3a9e7b669a2967c330e3aa30acb4311d53474e99141217447c8f4c365dd14091e3c4e037f71ae8393f92c93b17f24a26ca2a9f58a507941fec5a1eb668ea2b58d5ad0e3453253fae3691c5090831a4058845332c0b082378a0824cfc4099402d01891d18fefd25054b7492d7452dc233fa445ec579d701ad068a696a69f8a99529983e7873486bd2e932d26fbc4a2e3172f23935c49e06d4548b6a8b4ff8a0b7c168bff1a165d8fe35ca081d57941bd8b0e73207880b7077f60060bc6b9721d33e0cdbeeae289878de4d200a9bd6d700e371e9486339cbab2dd54f3e0903884b9e13279e2e3d766922f8e6f827c6e6777ac8fa41c47bea895c13479d865f178d1ed8f6419d4fefb65cefb1530b0bf0b4983a748c82b4b2d864c6dd1904b90763bf81ce57f5e60e75eb8dd8b539d268d3d3286b813dc697b0f88f4e4937d0432719c8983d4185da5b3bde870ea70be33f818e3c355dbff07fd1a606cd168124c1f74eb2e955e811a41d9da6370f7e9cba8d0198bb59937d739ae5b58630e5f3217afbf409a97b6c5ce21a505d44aa04c89d377eed6718a366624ad99a0ab4cf43646e2d7e410650af5eab498773b03070c593447ba7085b32b24d7a80a5f70aaadd4bc0d0d5a2d49a874791c90bd8e146e2fbba737e1edb62c8397765c83b62092afb8b94d306da9f6a4a723b4c795b87ad0dca721ea8f15d96b0379f04541d5ce3c454ad5fe7fed4f51e9c518a05c9741dcdd90ea64b5405a678069c6b4b5b22a7c034cfc9c5ef2037badef7f3e81b276dbe590b9e508f7f3c1decd2ab923b9b55df16050827f8c2c5d2e9bcdfbb51ed95472db10ee0e9541b07a5e5ccbfea2dde0cf4d66eb58331638bd6a37147ae881945d7c6fb7d3c8e2369d3f4185010708f6d399fc631dcad165410dd888b1cbd5c1a44a9113d9b48a700d0c9476002ea75ab7bd202a6b6ea083753d1dbbeca4798978a2876748ef121aba78a10b3dd41f9e2bc3378cc1d96b74514bfae783af4ef2c113aa7d74fdb14f0a1fbc1b56e0aef21642dcbe9e1b4a5aa9923aff67cd50b64315022e9eb2f1ac4c5c223ed312cf05d0f7be7f7a727179ecd8f23103cde4425dbeca8d05ff4d565db07e8abe90780f9bc77274ec42252c6729263325c4e949108a80985611cf576e8d80b7c23b94a955c774904c9b278230614a98219a6544010ea80e2a144d61d70701be74860c68b88baf0fea73643cc5ab0f1cd6472584289778b218df8083094db6c88bb6e09d79dddad09f3180bfc2f0dd68123f3a8eaee77566df2c53c549d48adcbb22675f457862eeb88c7273e0f77c53a9f9478b1e0c992031698800ef46a62f080b1864b70e01098189c8ec7e2b708bd7e5a4392ae15d6e63fa87c6cdb55a59199a5f0d325baa6143431e5754df6a5d68e0b325e0ecb466f40540f7f34a3e86f49d14328d27266838939da545c3972646e06c034d8a684332a5964921f73762dbb0a1a04f6a18f7d6ad73c773ee6d0c9f2dbf34b7d2a8602a18c6bca3c4addc54b774a2025ebaed414db5767b235516703d0c705076b204a625062afc20a78b6defd7ab8ed70c28fc7a653726f0a85d56b562e9f9a3ef644f44dbe5a68c60c5ce01c429d12533d7a41c5a2d72898b387b0291c52e33c2e3c893f25f8decaa0021c89c2beeff69f5f20c8a826116d03ffb9476da3a55677084fa3decd13dc37af587da16d885f7f15347a2456a275b2017899f75e027c5d5d164c0662cbfb07193dfdc78d227457a383560c9d3a53e0b25ef5c0358c36e8415cdb32c63e9556b8b0f3a6be2011620d49489b63410052a2a6d268dd5158f6e574bae571de6cfd4fb667f98c68416291c9e1ae8941cdfba1229a362b3f9e88df588fc7ee72f09c4ed4d1fd5769390477b7472704fddc315aaa46eb7b8058c599f33fa01d39d6228293f43dc680ff62c77189ff302ee52aa595131346a5965112749d0c2e7a47b66eecfc5feb06b17dba77571420fccbf8589b84bd4b351be8ae87374c8bbf3414e730fabe68ca3c40f7eef1523c1d784cb9b870d9e39960e9409406d618962d544c507fd2f65e96451e4e8370298e15999c21a0b02ae503710d0d3cbac9321efe6d6f7271952bbf86406522382560a27c3b1cd6e8b5f478d24a78bfaaa9e5d81f92d8d4ea17bbbb2271088419323df3cff65d39a59777b2148895c9479fcda3f0e3643d2de9bd71e10f820382c828d72a6b99f9fa97924f27a24a464e79dee76f8557137d5be5e5a2bd114e0515d528c71a5a17200c22bf9854cbc6c65bb8d63b8b2bed7fbdfde6dc5ec3cd93fc56ac4a80895429067d05229d20e61c1eb3a512e5bfbf2809e82513cbf9a1143b055b11a94ad037cd058cb42f46e321406bca9143dfe5a4e336e3e00d79deaefec100ab28c8080fc5d3ea76a35841a12446963f2ba72329c7646be0a0e6f77935231bf2cfa28f1f6d2554eb495bfcedd8ff8a6279b8643dc28e228dc2c2a003e361e596ae868bd564c159ec1f7f9b2b16e010b488b4ef85c8ac93d8031310d5bc16e9c7d8ea46788f7e32b36214d7513d1e75a31863fea72de6e6d74902ca1ffa057fb5798d6b8b30561acef74b88664eb32ff0586961871d0be9f2baf846d378cdbfa9be7b17590992de270f88440433ab3bd1881df0c5502d94bcd1ad672a076c1b88e25d94cac106f4dc5109b94f726953ec00e872d09157efa6ec7ecf6f6ddcaf56458ff5ea579861046c5bb19f873ba1a9e67b4837a10619f47b667de81f2cad254b8abb61353bfc7de33d19fbe8d4e3933f1cf5ce80b546b1e83d5781c009614bc44eba79df5db58e654df325f38cd97aefcc026a162e931f62a0701ddaa4e7e2fdfe65bf72ee66c1050a0f3bc31776dcd7a944f4af910251cb00d1d7389f3cca7d098ec32f3985e47c09e9396bd96b362858cd3cd715b34101f59500df42a801c4c924298c3167f3d485bd83521903ed24fbfef0b6efec6b342983add6f13f6b1d2f42178b95ee346b7aa2e0c950ed528293653f14b4b54f3f83a18642376b223ec1b3983d12322d52aaf4f6f7bb5cfeed1f8b7e7842e7f45e648c71685983cf860ad31a72e07f81f132bd394e554c34bd68fd51c04d4b2e15ba50c764aff2cbf3fdab445a509e7ec0422cc990f568284138fa795f1c184b41a0d10642851f642c9345fc3b95d7e3d2ce496645752c46fb7366c4620471817816522e3b5e9e72b5bff3df7fa2e2c25645c1c089a5462bb2d3a358e656ce643ad3b8fdfcc3b29f94dfa90ad88a17b5aa1ca1f61dcede6871903346279b2a26db73732e5c77dc3ad8b7682a623c010cacfed36df069a511ca2906f6a7bebf2ab68489a0e537afb263b0c163c210dbfbeadf449a9de7a5c81ffcb51ab41f6de1478c505ef7a328c64cc91be4ad4778276406d4de94b7ea83863d68d17f23f98b301ccafefc7770d67c48aabbd49301ef3fd6cadb349849dc28e781f0166cd33a8a480635f70dff0abfd4b206e49e645ab669be947290818ad9f4b2fb71ff1d701c277c3435bc7e4a85e5f3cb7043e86954fae0437f9671204caf63e7441b4cc452923da742f4cb71c6f15dce6cd308eddd29a5d959ecf874ee0de7a4d599976e28c42dd0ed26ca81b67e34d884e2c4b1a154cf91c2d066f1bc9aae39b02f4c0fe2f1ae720f7f1aa2b73c1a02a3ed198f64ce9976ab25f2bbf6db218e59054b63ad1d1cbe12e84ca3103fe879d51e8fb434c5b05cb86c14775ba8a56104c462a70cbca67d39dab212c1aecfd4544a03d9eb30b5cc2862d9511f0a05e30a60887a1cf917b4114cc9af5cba56f512e717ce00fda01d07f05495c27b3961abb0fe4608c384a1dc63f366fb7aff0d8604914ea52d28df86e450819e1503c6bba9ed93de57f000dbedc2c04c8d8cf01da42c601b111e73ff82ab5b6a01647c0e684836cde16c589cf355f72b2fb9e6c7c3ad3df71fdb7bfc8f3978dac4432e0ba7f12e983df10a895ca8ec72894241f5640867a0559dced6455f1bbaa0e793e49d3e0662725b1216e24483850296e9cf88031ece2c67f3f73bc616162df07c07256e8195c6ecd4c539a8b86beaaaa1213bc7a1b96eeda65359140f86b388dec0a382ca97edc3bd207b0ba956f4b38dfb2c7a1cc3aeb2b44c083333b2f4f4e77f7e60df4d6e5f0233f49db2088724682f0b6d2578e067081db66e93d853a10ea3c211de429a9e9554a7b2c84683defb8277bcd9154d6e2299723c1353a085b32cf3e5e8cb058c2072bfaa9d4aaa09b10e23c151aab32694b8b67148fdb56f0c14073f5c8ce6001aeb606917a404bd490f1057881d98bc90e0e6cf8eeead1fd043ab0e37860d55d279fb89e94d8ccb27cc7002a78856c273ab0ae782e13584b44102e4248f2c99c38b448fd501ae7c67e7dd0692f142c5dab898029132f8e9eaf51c5c65b0fbd3aae8b2ad9d0773fc5d4f00033bbb4b9046b1bdbe96b6538f703ac899f075e74fcadd2ddaca8dcb9c1db18555241f678f869d876cb843f53e63ad372c6d0e6220c23366aafa6fccf7a8d4890dd59de6d50a3836b0949d3a058d7d7a7f0a42859e79f05a597ec3b0cd761d338646a402e746f1692f0e70fbf4e3cfe51eb995cbca97fd5b94fdc21384d9fd20ddd11970c1a4935c00b9a7509d041196adde4ab26747d18255ce0354aa81e33bd5304a2cf3081b4ff62b92dd7658f9fd66504ba23a8904d44dcaf9edbaa5d4d4e9b364bedcecb6da7d280e515386d1aa13d0ff8857ae516dcb34106e25a2686d72ff35ad90895626aff9e6662a7ad03013c4746dab52ce0e9f2db0ecdfb1aea25a43858c77d03a123b78514aa1f805303e9b69bc4629a36aaa3110089584e443204a4613b626002c39957b655f70baff9bb7a67a79a678d21ae1badadf0dfba045ea89666617fdf97cc11860390ece331aa3ac8acb9a33e0ff1c8f37eb26b9352c2879203bf1d30469d0325c8f8e199ffe2e3467c007c1fd1286032489e0004a01e268588016a0308f57f2b70af4586df02b3f7882f5a9311e1940cbc8bc1f7ecc16ceb1ca850e30163e11a4535e43f51a27dad8c247bfce084caf71d8f8d0a6d67badb9c4d40b30f7a17b8f90e799cacdb4b8e0df5f9c5177c7c2080261aa92fbbe94261d1054c2b6c8e97f7a49b997b9ffe545b88be9bf4e440ea3af299b27b8316d310e8", 0x1000}, {&(0x7f0000004840)="d7ddad0cd136cbce9d050db5ee1dbb40b89052c726e7807d7b6f23c2ff1348aed8b66a4cce697c877bf76efe7316a90014b43e7dd475db1828d0a6c45223e8b734deaa4b5d41a4805f6e66d114edaab96744504bd881ec17ed5ef4cc18d57f277a5701eb815ff5325a20fc8fb091fbddee79bce7a41137ec41d85b3fe6d9f3eb5567b318827173ca71044891ab38d4b2aef24fa6fef8d66439e121472cb3c59c5ab43464936268e891eac6d3bbaef57bee9feef2a7081da3bbe3ab22fb3b0eecc7948a455a8edff606c477841b22fa03eb9c500699e18779be", 0xd9}, {&(0x7f0000004940)="572bb9d1b1f285f0c23f8587146710b6dfe92ba80ba1d84015d858ed7f42cd84dd3cbefead121750ca926f18803d3a7ba03608768876b8576a1f846605e8f2db805cc48ec09da68a344088be8d73f49da815effbefdf99c5735441ac7ad5d07694d581a89e7a16e52ad776185f6eaa5cf1330cda9343aba666486649b8b736e4d4b610613e7bee70cc2b84d6ce882356664e7f22387be15939c691fad7bb5b5eefb2559434a5cfb4f2", 0xa9}], 0x4, &(0x7f0000004d00)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r8}}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}], 0xb8, 0x8004}, {&(0x7f0000004dc0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004fc0)=[{&(0x7f0000004e40)="cf627c28b8e0b59d0f904fca2852c1ef6a0e088e01b2ca22973c190cc587993a4ca7e9fec66a2e3e2ce388dd31ebbba0cb11d6590c3d8155b57c62dd73981cdd4e57d234e1e520509683c4004b01f645db76540941849be8ed3715c5356a90d0c8eb359f92f1efde9de8ea6fb7cf148cca23704ded7f4bc236befa925b3771d9b338b4ff94c2734733d5f65b1a0de32542b53b3510a4758ba52af5dd2cacef26cd26d9ac4381e3cfb73766033c81665969a7196f62cd4b91192f12cc94d387893ee01975dfbd8f6ab2a58094bd2bc547549e7c240db08ae5d189f66cba93990127", 0xe1}, {&(0x7f0000004f40)="c72b74416449c8ec653ac1f04f3edf44d79ee954c16ef32f65b33d0a9e8f13b2fb06e0e2769d582b6bba500bc9ca58e61e14ae06be150f356d78c6d269b2c210ecd2018a4e1503e986db8db175c9910c03c7ffe3b79a04242856bf4e79a7c6a79b9f1d4b9c32643afb6e04f2d5717577e94683f247fe8507", 0x78}], 0x2, &(0x7f0000005000)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}], 0x38, 0x4008004}, {&(0x7f0000005040)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f00000054c0)=[{&(0x7f00000050c0)="02ca1d6141cbeab3761605be977ef14e9fdec68aea31f0b1bc65b9bfeb1bd4dcf9559b72ca2ee94e803e87c6b82cacbd220c6ea53c74585a0167965ea706c13fd894fb942b8af2c3a02bd00228555d3eb48a00dd0623bbef31cba85755b9a71c5952093d9a35d424c04c630aa77f0ab8b6996a5215fed2bdd2aeca365c3e5f77a99231e552bacdda43c358703518072559b4d36b25eb2f4a7d59e75337ddcb11db1be10b969229c424", 0xa9}, {&(0x7f0000005180)="c38c28adce7743589a2a94cc41289b4545cc38401ff1563c32f79017ab51088d3102a5ae71af9c58c9e353583cc2e7bce6f192f6b15656445a2b461e44f6fda6ae95e66ee3e91cb2be1f500e1f3dc38e955d15f3a16594b072134ce13a6741deeb411b1532a87bd11541059389ae4b842bfb4e035229b13a34fb259f3486e647a65e966a13589792bbee2fd9459f047948ff9881e40ff5c9c17b2e18ccd362a6be8cc3afbf9b9406514cf8c8aceaf86476506e7d28d343f103e8f54ff0ba6c5fa4c9784f60af23e134e8d96d53edaec841a6a9804cda0644285fe688", 0xdc}, {&(0x7f0000005280)="44e8e63d973faacc3e1d182260805ccdefdcc56840ba07065feb6cb9e6ae35e88c013a329d06c4aa6c77c0d209eac572226ad885feb8ba9aa2a7a04d2bd4ef14c7916a3c7ac0d6842beb4752f7512d0bb89a721bb2b8ad9fd7ee7b38df6385569d1f75159efb292e1aa414dda88ccb4cdaedee0baa28bbe9f938b98488a2146dfc61dbfb938578b4ecf5f3d66dd4fa715aa851b30eb7ac26674b700e9f0cb0be06ffd42c8b012795c15e2a63df15b5195b2780c00857aa8108ee9ba8d2564505c38d549063b879c868dff7c412c517d6fc8cfe36c679dcfdd5d13bff6fdeb1a990e3689e0d5b", 0xe6}, {&(0x7f0000005380)="22f499b1b5aa7a587b78a571a4fc21ee101e365aacdbb466f4ed63cc8cbb8043b880bae8f0d3808e4baa26152c", 0x2d}, {&(0x7f00000053c0)="c910dbc28b505ff64439041dcbbbe40c83a65bebb2568d3d45a8578bef100145a24be492554dd01aa174903b97220db0a1795d1fd99f257006f0e1e60cf1bbd7e5b92195bbaa9e40d0a29874678b19c4c21ec5b6384ad88e7aea87f0badc34c5accdd902dfbfa70f66169cda226b138423cc85c5b03d59b2c89a1b1b85dcb5e7e3860b82bfdd88a25d4eff24be5405ef4b9ec84a61f36ca4f891cbdde1586bf0eca549a8d6135bc8f10defa3f1735c3f273ea9c80f19d39b21a24732c94d2a3a7c2cd9ff7a06f5c23da813696ef5ae1217d6cf881e2936d58c316bf1370d2992284794cd389bf220b711e2b8ca3c8edcdd3ff77cfab054", 0xf7}], 0x5, &(0x7f00000056c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xffffffffffffffff}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [r0, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8, 0x4000001}, {&(0x7f00000057c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000005940)=[{&(0x7f0000005840)="eeb710394db25c1841847c7f35f8543e54f736434ba97311c312414a8d4cd1f5c4e57bcf91b21994b1638d93e72e5f642478ab7ad70f7ca3c6e5dbaebe55b860ba7fe1b7a9e83ff64897bae49ba8f5d630ace170c1afdd7882cbd8302ee921ecae01bf9a7ec1a6195e1d77af16b6b7c26b897450468af77107bb5c6531b4a8a3983373840623e120735291b7a7e133a31e0bd1796f5919e1ed6c47d0aadc80c796ff891d6dc6a7da0d2ee373216ac16ba6456ee4ee0dc506d8b6ff3e307371a798015673464fa2170d7fdc0f77005707b9352f0b9c5d8491db973d62c3d71022", 0xe0}], 0x1, 0x0, 0x0, 0x800}, {&(0x7f0000005980)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000007d80)=[{&(0x7f0000005a00)="2fc39d86eb60b03116017f2b521f15654162f92eee3d4e6ea2aed41ea515b4e0b34ad3d4a6c66b24616e2d8f6011537087cc7585864a5fe9ba3807b450db8c5838530533796946353c857bd7817712cae7a1f80166ebc4f9aefbbc1094730c9e82d637c848a8", 0x66}, {&(0x7f0000005a80)="9af54558ec2d91c078903aed1bb9a6ece7b25c46bd72916c62b19e580b2e8cf538c726c7d64c0600e7f17eef0ff2f9930978ca0f0df525749785cdfc65749cf76499602fb46c8bc77630497849cfd298d318bba28b3df225e13edeff63f067c771de37746ef59f199a8d3ce02df446fe97cb65cb09e066d023467307e8ec9f3b55021d0309207ca5dc0df7ecf26acbb35c14a720641517bc8625e202cb3c9e69aa0163de76f7fea42c6a0afedf", 0xad}, {&(0x7f0000005b40)="a5b042bbe2dce68cede52279b7fafb8ae71ba5731a73a8d3ce4c2ada2f7b0e2d44e45af5de04e95a486ba81d2b8d1297f2c4e9463c362be619f9079a2b70729b09ebd432395aa0c4c7b86d146ccbb2b0be350ac3f18c4e23ff566dc19ce636eae3de40efcbfef0a401c31d87bf107e8b68b7430f5f5224f5faf699cdb8705204a0b39e36447a12ecdc95afd3a870ad7975c022b34f033ebc2f7c2175f23ba548d9d55a0f0c2def569fa65f339a367ed3576e977c48a49c109d90", 0xba}, {&(0x7f0000005c00)="265cf13bc224c26ce0fd5a76ffbff088d08d79711cd188ad2954b962daee553b8c0aab0dce71771ceb0de8edacb8d46db901ca3c79826dc83f2346a0fa474cc437e3e3d78ff071a37dcfb4a36a9b7d6f8799e21119f6915df9e96669fc5c23d1bfb331b9f3b803f7ab4e4011310f01eb51460d4b54f98e4e8fc93806429a4b6c67cafbb121f9e734a366ee849fe4674b5c87741b353ef4479f9b03bdf6a6ab63da6e6085dcda1f77d23f98f6d3fc332dc048a417733f", 0xb6}, {&(0x7f0000005cc0)="85bd19874968e6a8cbb7931c071f9bb88b77fb2d6f0213edacd880783515480e61b4e4ddfb9a97a11fa835855596bfed8615f4f8c4ca57e5e8403e1e2d473d9eed67e7da947aec40226585b3b454efda11ffc13ce960c3431b94b86289fa0e73e0e44cf5efcee3826496f23c2bde7ed39eeb3e2fd653c9d8836f446dfd25e4a8b28319362501a44051d5e3f71c0dabba6404847ff9ab3d2cfe55c10e035e6742976942df4bc871b58530ad76e5ff72c4ca0dacdc04440f71fb0833d7f6c22373512a4e081e016cb604a322f3755ea3654c505ee94566880ad075fd15ff70df324792588e9dc4682c172c245ef020d12e2c88e8e0705ea55f64567c2a50f59220a60ee520ae2baf3bee8d8972691d572b97cd29c1a474f6f83fbd7b7d634356c69ea47102c89a738689b6c455aa6f70e9d2296d52f267664a52ddde404947220e10856b62b960b18dd0cc1e7f0df9452e42ef2a0561548b6bcc8a1dc9c214a713d00bf55a09a2d01647bc485698ce75215fbd79fbc9973f90fbd95714ef7be2bd90cd675fa4c88e6f215c449f7d0a53d3ff512a786abf382213a8437a7465b147ca0195d913b0d1991d3a17e6d1703f649d0d6801d0d499ff2ff64c7fff9229c67d2ce79a3140d11a1c08d7a54e13ad305b3ed706dd8cbb6e81411da4613d9dc7acec4ba535099d6ceea704ed87a3edaee7eafdf30b0d4b010e28451bef4e19ba9495854503411e59901d49352d47a0e160b73ff422997df5483ae18201b7ac21649e10c40d10dbc1f4f1df756597e7bcb52344556a13f7fafaa4ec024af20f0cec902013fd5641d4abd7bab85fc11a62a607596896e621f931e83f5dd15035caeb5b76746d48fc56225fa624e85ecc338bcb38655d1c8f7ceec8357d6ce1dcd7d6449a759661395e39305facaaaf6869d284c52c2afbad77af5f7b72e6baa8403be62bbff256005a88995cf8cf633fc3468c3d7f39d6f3ed2ed59da1e1e0e31f48e90358d0b356fd952132785e7d65c8b1bc5bbdedfb18548a6076d5cb33bb5fb37475fc0881cc0c43643839b10cf801cb306b455072359cc1afb6084ceee684182aca48bc7dc2d032bc9f2a1b6113e4c740728a8a13b21961c4f440f750bbf20cafc05ef68f5081996a2e57e0a51df872c287562a951bac36f107dfe544ca2e4f0db1e219d23f0e271e02dd221b203b95d5719072a3b5a62a27010aaef2e1c0708b28089445211087ba5ba87a297ccd98141d1ae864403c139edc0a683f256bd8fcce0100d1a21933b31de0eddccaaf0043978dddfcab8b3c1770a8f4cdbd79ef3ee67f8cdb897e43cdde896b2be8eb2f66ec8d137ec2cce5a5621f0d76770fce3ce7462109ed3baa762c356f560143dcc2e5ccef104451d6ec3621f3403bf596191c00857c6a39b1cffff3df1e06bab1ddeddfbc40a4e0b587dead9e6353c30361097ff5220b53d7d99687788b538492812c9b1c557cf2c77e3c9ebd44279010afdba3ca5b2ece2139694353a4811730e4b59deab2fdd1c3b60e8f957d6cc9e5bd68bc60c8010a533bdf8e82d3f3b2194c01bdef65d34e376d3af22b3cd6b4d01a1b75d190fc45c3745c2f524fd44277b0804aa1113b6a4b693c5c60274be06ca9d92a2bc425342df21341a14ffcda8e1c523814f7cb9cbe1fb568d2fce9b740205794e31fd15663f7d0d0690e2f638148a67d65aed4ba66832bb0d9a1f6d447a6da5ad50fd4e42c8cca4b7ddaa902db07a14563b186db03dff499164c2dd88877387c2d296f7d823699e0d05caa0d7a5c4546fc33f31a992d41e6ad885e42a1dd9ddf36bc9b2d7a1280ae10de269a4f41e04356e8103928747a77675cab9c6e95d9fd4f72521213faf79a1c230dd94d6c6cc89fe3b0b82f970e34760e04358ca5e0bd1eb6bf4136fcefc09b8d7f38fa5102b92f9665c3ba0a432b7d69580bdce495bd3bb235050bd69855543f209ef542a5a58883a95e09b8b454800e41e0f1370e77d9f193d4d479c01d017d20bda3f3ff03c047705b2634d1f9866c7e4be840fe6c0a5406f3bbc1fcd883f2377e8db2b1c93898c5fc7e64027ec34bcf9fefa9513ac287bf5c74c12ca6da556f8fe864c1c3be164be7820996328ba24681fea908a21605caba8e21c0e176e1fc2e1c1f051678d9b5ac94f3de8dad8ed6994b61dbd22185b137e877b6ac1296748ea88d6ab05df88981d2dd318e2588eef4d73787024d4323bab055aaeace69a0885e5462c90d93c429fe491cebdb5719a3f3696df2440a1d62872f8bee527dc9b51379859dfec29775c815a98e24ef50829904d1f8db3be93d9c5091bcb7d0eeea8c0880b213b7a4fd844775559a7cd0314dd0e67001b752cb9772fb08f9012671c4a6d5f82ad7c3568be308559b6d47067a0cb05fccc251c49706c354cc791e9798e9fdedd1dea23e60f6b328155aa70899a827825a34de8970db9454cd978d465070f4f24bfef10ac5b11d8cce2536db38c18fec87e34b79da964a3881877dd59e50e11d9ae2a288d9448992de5f983d4f74b4e8354a2f18a365c3489cdcf157e2f2de4181f63f18ba1328904e086abb3483e740c032dcb50d9d29af68ce8ac9fb797cebb3d41f279aa5eec137fb4229ff97d090f27d114660982aed488565940039af69253824b68fc8153877b1bf6a92b059bb5a99ef118749c3ba6c4a8aa0c37a4727e1eb7512b116c8f919626d5c806505cf2566cab8f77ce19279a7561d9dba998653b26f8163a6a77217fd37b217a564f3afe918f9527ba4a4e21aa541577dc5e0f531860bceda3141be2484fa7c2da739a007e4ad15f84b086735f89c4b3e4eb0060392e741252f15630e787f7e5ee8cde4dfd2c68385cf1f0aeee2dace38c55034f73f72aeac8fd1a4ffd365159cbcec71a1d55e49d61d0d8515dd25ef003dec81fb47ad7da5e387936b7ce101332ca1c94052b4d9e6ba02e6bd97531ff546a5560c1a5fbea4cfb452ae508972041b93f17e8eae485a8665a2332a5e4905ad4969a729a6393f26d77b1e1fb1f5dc0cd1efd76f0c2d457528ceeb3f67f7fd60b7b3e41bc2eeb8d7e8425a3f61d84b7d956b05a625675c019662b9eaccb1e32e1363e990c9011467bde9924b49860aacde907014f7b1ee95f9efe0b34a2c9c4362b5475ee00efb09c893339d3f452875a11bdf6e225c6097e812ac0f1003fcdfbbf1440468f58a4ee5853767466d31ae506758ce2a5a3d2d281789803d26535712a4a8355eaa8bdb6a8d51f45de67f98911386bcd67872005b4ac2976b4e138a8eca13df3655fdfe32672d1d77cd168298205f84b88911fab11f21b2cc52f526789fbb4a1866f77388271c98d015afe2cd88a285f4f609dd513ccf83efda5421b575940768f2d1ed64c43a7179d2fdede39499bfcd0bfd87c3b46d7601a3d41d8ec72eef292056d6c43039a674eadf3e20e9909a295f18683fb7cd243bda543731698b2c40ca561d3892a4e3ea6381732190752ff0612c01af434f274b833674d116b526a3bfc7260cabae4a46fa86589dfca559e52ad1b576121ed361ba8d50568d90f120392459b04b7f09907608cc0521bbfcfce4d61cc78ddb55040006b80202d6da32d002b045264e3b97e28a4607fcbda188d94e2fbe8533934cdaab5f8ec399928ab0a9b3bf80cfbd1499f64c2a95aec1f42ea006666860ca69b51cc6899bb347c6ddb8265dbf97a0302b3ac20b577282ce9e35177d7609f66709da0017c5c71434a185db82510f34998c974092564bf3513e10de727aa260607910ea6fdedb473c72ef851b2e314e7735d076e7ce1ae3c810da58bc81c88cc66a3084952c03f058cd2eccbaee0856963ff5e828aff739749b51bcbf6cbc032cef11cbddc8b91b692f87037cce62001d278f0763a885c254e935eff5f8eb1642435a3d0b811867489e01baf8d1527facac3822bc5b33b5597c3ababc6a354bba73a51b30eeb184fe104c94065ad925dc0face4487216cd8c2066fc9f25da98683425edfc4e5a9eb084e217c3f22272d975504d7a6d32bbeeea4892c66b90dfc01079b13d6f9916b67f7d868b9ecfa6379b646c2de16adda2030be13ee640d4c684824d67b38dd02c5979a0a4cf6b67dce6a16c139d819d8ca6a1e12545e87b83ac17250aa63681484e3d42469f98192d76fca80bce6393d04e6da0a43de1fda16c5b4816a219324ac083627fd81a99a1764dfe0d37b2f8e662ab80098a72f731eb60ab5ebdb7602c4688b680fadd35d629ddf45f7688862667b74ab8e94564a4f1451dcf9298afe2aabff9202f9f600122817b279c1b41c760074171c5f58d5a00e4698b47887480af9a734c604d20af3ce7c6aca51ea1e52a11fcd7568225a812837efbfd99ba8d534773a74e702092ee8cc3eaa2a840c8823a5829e1c5832d66c5a7da0a5e53f51244f8de45752056c9dd7ed2f86b96fb8d9c451366f4d3a63e53676e04bc9caea4b451088c22d7b751cb8a4a245515a97b893825d763b74188463030ac300c4e36596161f402fd1479f941bab8682ab0e955a4aaa66901cf4a3d8544be1629718975ca603bde1229dc2f67a08924e7d080d701d989cf82a27c7664c4d54be6996b3d2dd118be0b83c82bf301a9b0089f3c25fb30235a3daee6144cd23abec5f916ecd279ea38bc9974682decea7560c0bd037b7be9bb66ca32a716a82b8d740ff62dc130791b8ccd50e90c198380fc0fd16b5adf08647910c007c48f65c087d16d2e8eca3a579f4d381ae62781bfeea4c3433c6b9265b364ed2c9745020af0dfca3c32297c617130658981030ec0b7d02fcd006214913094fbe50d6c847d69a64822a2a0ed8cd0e353239bda85d249bd14a05376e2248a0bdd3fc8d9a4c2059a8c924d2a474a3c2c92d6c09d62681ef796c920cdf1d4c30e8e2b36b054cf1eaa2d6fe0437a4da19c34b66b67af9cb82d7d6ab3b1a010a596ab2a971a2d5a51414a207cd145f0ab6844e889024573d78c3b4d6372b99442b89aee359a372bf857dd7f6b9bc93d88b4ab8f1f1b35ce8e1366b6900f5ae7da29f5bd7ecf061dc0214320825495825cdc1830b44e5a2473d7ba76364ba3704c772efb47c9d0e4ad429888ec54bd3e3aa3edb4663b17ece7ef88b7e6780f9efb909256ea78bf30a29964bd636b0bf266d5e66953346043d150e60cadf71f09bc7214cf15c98b8341676aa31a61b034406d7bc191b38b266293b844f9f8221234e366d11e997340609c048748a2e702b77997a0296a81e58b87d4e5bc2ff0cb77a2f239b1cbfcb65e313b8fa76542122b8ceb0cfd2f1ceacbac46738347374ef3dff09b2570244c4a5de1ce723fd378c7f6613674bc704303cdcb82465334fc3234ae7518363252c20ee69cae5875b7a8bbb2dca8ee0262dbe1ac812a1105ca0dd2f230d4de325f3f17893116ccee6c11b6595d5d07f4eeee41f945fa0c231725d8537cf48a9941bddf15e8474f0aaef415a221fdf17ad883e96793b910aefbed21b73a87a1f9dde6fddb5a31d0b1cc3870f9c042d5ee20f0609ce0384c2771bd997cfd117fc1d552c87da83c2713abd60c5c21e89849879313d3c48323c5294401754051f77413f7cfc1460e334fc15f6dfe4cf89f5962e423df41f2db089a67a5a52fe52b7571c555c4060f389162fbdd2b743cbf8cb4868dff3bf2bbf773a62671f97982ac859113cee81370d3083147028b75aa426d095efe354555645e83a5352a0f187f76dd905f19ad8e9d7029c40a6f127b9f504959d7066aa02d38c537e7e98dfdbe200c09518dc5a45ea66741", 0x1000}, {&(0x7f0000006cc0)="847aeb8cbd823ce2b7dc9303bde0f1778b61462f386175163ffccf806ac1dd7e3afe71cef92c795b01e34c678e03d8bb351c72306069d32e824d37af98b0d756bc6f88f04cb46b6a8bb88bf62e2d778f49f2ae4134801f34cecf844ed5ca314b6ca335ad0d3eb3f4df9760220507a3eab87df6ca2b9bc019406100cd32b5db7c68e35b027f87a8bf1ed24b52f2c3e8c4b7d0fbfb48e143ac", 0x98}, {&(0x7f0000006d80)="704d0ef964466f46c1ac6171fd2e424dd510ac413dc743cd1cf131199da2ef38e021e802ac04a80f194957c8e1358208eb97182125e9eaa30a0de546d82c581cd81b455f9590fe0afdb1751c489d5915131cfebb3b0f32fd8285e87e6cacb258c4b043e518a9e88acd537dd4d4fcf2528657ddafcdbcd0c4486d8bf57cb62fa48965f354aee8ce6513fbbba8c84b3c2f032fdfda14b18dc080b496dbd1d0b88c08196bacc7bd98f854dce293e5334d5a0aa2c985b5881bafa0797ecb3859f8c942508b8a7f8437e1ef3b7a7a2b58e6f55da152bebbe5ae6114c2f58603fe8e8c75c5260594649100e032be54d0c83b4e21846d3c7d7645c959dddab87970eb0abb4bb206beb3d7c15b98281990d46f8b08ec4a2079251cc20e3f559e9911d91859313194da874fd6e0f0b5b43d62cc3439556239fa20179fdfdb9066fb31f7e175e9e311c17e4bcfc7e94ed821e0c7bfc17d4b2b8b0a01c460c2b78454d9ff55f23f903b7bc7c4b88b81c1da396420587f36aabd67c52f799d9b3c9045a704249989e3525a102ada2247a3d04ae115b349bf8f026d2d5eacf67314683666bb65f40e9ff256b302d71957bb007cfe087dc3ef02f8aa85dea502a56aa73844dab49c93ff61092f73a86c22b6618214ecfb8622420315e1cb661a51b091b92827675f1e7fd1f9ba577c5a413b5087e64bf61a799de23bb1d7c1604906edd61effebe7d25bc4f9ecfe36160d49454432fce138e8c3424fb16119f5dcb75de75f58be61d21d968d1c5ac9d04df3497d3071fc1e61d51c4d577d1a017cb0cef59f639967ee31dea2dd7c1a1f67834f85ce7c49d438d2a8c9917a4718a82dfbd6ef4f370cd077af72fa51c370c134b5b29626d4669f80cd03be95e0a9bc9b5e7c299c017a673957c20fd549c2f5631dc6c7aff0bbb2aa083c45b334e8088e7bfda2fdedce8f1e24926c385c5d6b905c06907bcf82f2c9da0188b1845c01d628ad2f57cd2e07d41ba2920fabf87f7a3ea32a96600c7a42cc1ed9f4bc16f7173318b2b976607a77f0ebe447df61d5f979dcf5572b963ef99382877ad731f11c0d214072530f852564a0d3a92c9e42ddeb202379098db057114c159b9eb095d9819e3dfb3e32c47343c6869251556f56e2b6ce54b560b391d97b3b7d6f8cc6d3f6480cbce7c144676a81df575e4cc0d1819630ed851dd52bae54e8a7d6f7fa1ffcc070d83895863e905ba152d5df41c1bdd0467b572357f0f0d58fbd6002c55fcdc78caf800597345a54539575d15f71d8c1485ed556dca13377daafb424525c5f4fbda924d99fc46b8788147a1e36e1b05cc462bf6b1abba92e9330981e15f0e43605e66e0e122e45a2c6403d061ddc108ccd88d603d8c43be1d10bad47340fbfe6a84f30e9f0cd9cdd48b41703b9c862142d650335f07ce41e49903d53763e30e0985b4b3a36314f46845e942eecf1990c29bd3542127ecfea7f78acd209ea152ffbd8169d8d126140c0bd07c167f65c958b38826174c7882492ecaca30501100add35b4d4df848b94d2b8d8b0c7175bdc9302d7605e27a21b58a1b8a852ada7a0961cd5577999259b521fbde4403f642ebd52112059c88d42bdba48b1979ea91d2804dc2a41ed7e0d30598dadf50fddfe3888cde1dbb381b1d26d97f2812e667724e1c6c488ba4410f4f4ce1ba7a2e22dcb077d5dac488dfd01cf2c234b32b89fabfb6f8fe2c92ea48057a15a52cba37b5dd94c0d8fe0320437a6eaf9a17b593929ce023e3c2f874bb61bcda3ab52d68796980ae394f909e1917c9c1f9134c605121a349254150e5156a5eea9e3d244c15b67dd3e041133d7f809ba9604159fc863f7ec3c172e2061fa2b702b4c478e40c65be590df5a303b357dd3ffd99a0e0e4f0199fcd864b26c6c714e829d7fdd066209ccf3cd7206120ea9e9cacdd5389b4ee7125d86c3c875c58440fb853ececb199faa85af8be63a37f1cf52bdc1dea12afb84d5939c8f13d40f0fb8087a547871de658fbb1b69ba8b9fe55381ec58e9bb204912484534600931ba57c303c59765a9ff9cf0370f2cb7caecc83ba4625206039d049b3da32e50d7af6de40802fe1b031fc680d39fbe61e05967ba1f92302bdddfe441e9358599ad774a6b7a3da198ff25dfdf6fa761fa6b3f20000aa19431bb72a9a8ff8091f60b9ad30141918a67d1854e4efd43a281efc4049ac8094aa7c976f06c49b3f918350fd77214a26d503afac4015210f26da873a53b0c2e368ff744d55d7c3779ef4c818cc83baf3c7352368979bd82fcfdaac4c4c1cd5f7562ad4302241cb98b70a2d8d6bc67e16259842925dc56ae47ee715749e59b6dc9a42f3c379710cca7f73fb23649195769daad5cf89d1cc1210081b215b9198532ad25b3441446af3b726350ad6adcc9ebeb9280a83aea618d02c2d90d056ba35bb43a01793515d2614b75af2c08a0d31fa51724f6cc297f61e99989470c8e252b03f72d60b4ffe0cf17ef8d4f76971dcbb8f9bfbb98c39b08f3309ff978d1f261835fc4ae9a23809c56c987e7c2e2386d9caf181ef235fd8161232fe605b9e13c86d76168187da2c4f9234a16d03e436623f4d605d09e4dea9f022fb153cb4ecb3b537836f4889ec70d3a4b1ef71194c4cf9adad9ce665ec8f58b6c12c18e41c156a8e58b9e870ed9a2eb54a797068ebbdd40eb471357f4b2942a39ddec5b2f445945c14153fcb8a8725f9ca39073db33258ac01c92c84b0124cb3f8cd15828a66a73aa355d50892d934e034f95971fe73c7a1981b71a58bee55c2e1e82a37818d2fdf0076c0260261242bd5f4bd437bdfb5ec0b0041c500a531bc86ceee642fe1b29edb8925b3c5370f95191c16106970a6887e87c1db96b6ffc430e3bce80d8eb020c0700cd24a539ae8863fd3d68580b83fbb4e5a95037674292c38c25353e7139b3b45b95644d59109013ef08b7fd40a59ee23bb73b03a4538a0436636e6f4303d818ef0624e797174c9a2c906de7ca613258a69bea98324d5b4c2999a6c57f424483d84ff855d4905e6d545219a993dcf63488e22a90c966f0ee6fa050368454305791c7500ce7a302abf28ec87f7e540ac29364ef2551e504d8b0beaa6b2b6a5f1d99c9413b4da55807c780949cf9a1fd23f2e04c86d85713c51df50d8294807d3d9d71a5c961be33ea856405d19cfc23cc5d1a494e98698ba3fab99edbec379658c1d1c4484906521286454f1cab78228bd4547d3cd5220f0bab4694b4bdbdad9b2f2c592ccfc0aaaeeb04ba6c6b6cab46f2615a266713bc8ecea0991d930cfd31cab80b9cad166e9a636045da56952f7fdddaf74ee7e2589da21434bbf46d0652e11b8752f331a2019b542e276802be70db8b0e18183711c56c1ef2f1468e0fcc7b26384062ba351d2e61064274986036b8d6d0597803766426368f9f80f5440fb12aa624b3137dc02db306742a5b5901f6dfb1f00e16555677415904d2f78bfe4a322bfc609c04fce944837a0506432e84f89237c6b9b81a960842eb44de2c9cab01baef722cffaacbacb1eac27fc79195922339f49a9c1f45b4a85f175d3d76c916c3bcad350d1c17d6edc365ad5428200dd2e8138892236aaeecba9056ae80db5e81108bd872a5a2ca2ed02ed63e65b687ea3f88fdde2c51631c8d6a5c74174852886d6824730862055e947b53bd024d1ac25eb776835d81a65e6104444ec2db1a2e6748387419fea9ac3e247c5683709a87f74f3640ded01c2d1a2a750abf3dff3048c6a09a0e03d577fe744143f576cc5e9f82f47dc14363a0777b284cbccb1d24296a0817656dde33cf451ed780c7ec2e4a773d18b4239b224977027349081bc649085bb181e7e4292365054f319a34ca5d4abbe92d95900a03bc49891c7d7c4d66c825260d6db0b1d6c73b12b57ed6918356621a6f4b1be2353ef3d75958e59e0addf6458fad0d3427b3211fd1dab83b14a2b20dbedac241182ec5caedf262481f8e6b905aa4ff4ae55c8d79a16028e459689f9e8f9aaf4dc350ab14dcd65b514bfebbe764905735b9898d29d23292a120d7f3c76ec101e14bcc12ac7fd311620b65098809a2d1c20ad926cf22165956038a57441f60925d69fcd21785afcac656b7f9e42ce38a899987d5bbfc209825975c822f69af9cf20a0a72720eae81680cb5f18ee121883ef70daba82a97c26c0b0cc2a6ba7aa19a283d4b71b99b4f3f217c1a3fb30852c38b4c36734fd41634de8019201da0d9d66fb275d1cb58d2752d187fd9178f9bd27f9b1d7f42f24ed5c56a3e894d44fc5032cc0c4ac4e025fa4597d3234722518f0c9198f4ce3809d6ad21324dbdd00612071e3e206a0306b59cb1a6aef7035e3c471e71f34ee584990ed947852663e7ea8fc4882a25a21b1757866749693b4b9a0f43183ca96ef99545e59adb2c1939b64c16c704f2e8f64e4f55e40fdf45afc447f8213acc8ca5fa7693f72df3b88f8b536087a7aa809869e2dcfcfde6ea8e638c403b37cd0d990a4f53962635900017f3f5fced044fa9058ebbcf8a916f0d316e5ec874c02970e01f82384f108780e9423b5b6d8344c62ab44480dca46327e0bea493cee25323468e58bdf90fd0366ced0056f6b04e045ffa7f1b2823f217d74ab1f66b4797b671f82195401d7b30134da7e8da4b5f177840ce82a4f72b77cc9550a48c11b00e707283af8846e3459b070f05e2fdeafe53de08d2b334a2f92a780c6e70bb9fce63ff589ad343870d61f990a88d71ca33eb6134ff54f3d714beb2cad73ea9fb349e6db9a1d694841d81d9021a71948e0d04733b2b29883a4e61696e3699dfaa240af00163a3eaa186c8f20dc20f2d2ed4c588e12451d1f20375e7e1da2907d265f2d1817a8b98963752b33754180d295ee4080b3bfbb78cc5baa1801ece2096f0c9dc81833e4c925158fe800a4747d28b7c45290b42f1e1498ac3690b7e84dc9bcab40c889f3c37c091dd90bc187dac1a79fe883ceadd9959cff4c3bc531648749bbb7dae84d7c0e422e2bc240419c9ffc227eab07662a5ba2720f84f12710ecc228402743c1f98c5a009e1c25d2860f030ed8cc2639198a6d1e73e8254b6141eddd3f729ef540d7869ddeede39c88e14fb7c7e31b263df598cfd170fea80bfa0f856a0bd4d98ef27478abe149b1ecef5793641dde8f9e6142a1372f7e9a99e65ba25a588e9fa8f4d5580a88fa19de55fc0bb97af5ba648decee7640111f4b2c7e39ed0674ab4b8dd923a700bffcb22eabc7839cbe3c7e4314695cc74fd8707bfa3caa3e66814f14312d1698510b616e53f1fc1916383fb5799501fbbd7d4eccc02103c56fefb816c9deb4b10b6ff1c467da6b00a6f89cb9b4dd119c88a2517b669cd95af727adeb14dc5f0b1c0a2c04e02578b083ff3e4f15280ab31e42d8aa91f456039c0fee28ffc637b66d3563838816604de199f477984459cb0a4b14ba77e88aa86d133c70594d23e3432a3bb73195cef1f4de26be5c31ad35926d07f000d1d11bf4e2e93f2a733e5f15b4a9837e0c6d845b57810bcbd982e4b264c2d3f67fce5c923cc3e811b391854f4d4a8f143c3f759bd8bf4bac562ee194a406c495f18566bf3e2b3aad75e8ff272dc279e29179e245a22c976905d12afb4fb00c15776190f6068e4650a49b03d098c940b32dff6cd6fa36353ad81070364bbda21d64183647b040ac44aa6132ee805a9b255e4348e27f1fff7547ec5741888640e17ff213ca206c11d4f852631d5b484fcbf75099066ff409853cee3bfd15793892a84dbca54d2453defd38af278", 0x1000}], 0x7, &(0x7f0000008100)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [r0, r1, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r1, r1, r0, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x128, 0x8044c44}, {&(0x7f0000008240)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000008300)=[{&(0x7f00000082c0)="52c0e204", 0x4}], 0x1, &(0x7f000000a900)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r2, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @rights={{0x20, 0x1, 0x1, [r1, r1, r1, r1]}}, @rights={{0x20, 0x1, 0x1, [r0, r1, 0xffffffffffffffff, r0]}}, @rights={{0x24, 0x1, 0x1, [r1, r1, r0, r0, r1]}}, @rights={{0x1c, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r2, r3, r1]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r4, r6, r1]}}, @cred={{0x1c, 0x1, 0x2, {r7, r8, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r9, 0xffffffffffffffff, r10}}}], 0x138}], 0x8, 0x4) r11 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r11, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r12}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:57 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2f16add569b95a06}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=@dellink={0x58, 0x11, 0x8, 0x7fffffff, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x8, 0x10405}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @sit={{0x8}, {0x24, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}, @IFLA_IPTUN_PMTUDISC={0x5}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e23}]}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0xd72}]}, 0x58}, 0x1, 0x0, 0x0, 0x40896}, 0x20005004) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x200, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x24, 0x1, 0x8, 0x101, 0x0, 0x0, {0x3, 0x0, 0x6}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x800}]}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x400a0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:28:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5416, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:57 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200040000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="000600"/14, @ANYRES32, @ANYBLOB="00000000060000009501c0ff0800000085100000070000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0xc0, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0, 0x0, r2}, 0x78) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380)=r2, 0x4) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:28:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000140)=0x60) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000180)={0x3, 'vlan1\x00', {0x7}, 0x400}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x70bd2a, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x0) 09:28:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:28:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000f2", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\b\x00\b\x00', @ANYRES32=r4, @ANYBLOB], 0x24}}, 0x0) 09:28:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5417, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:28:57 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:00 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5418, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xc008ae09, 0x400000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) splice(r0, 0x0, r4, 0x0, 0x401, 0x6) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="80008dbca4baafefcd27aaaaaa0c0000"], 0x28}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r7 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r8, @ANYBLOB="800087000a000200aaaaaaaaaa0c0004821ee3dd3df6f45521b016e17ba101e6af9f1ffb0de4d29ecf3b2a602e5922536de6de998ce542dafa2a2a24f23fad50717c46c22ceefecb79f635e6da40b45164ea103144f3fcdd0b0a2aee558cb6035ed855e931cd0351fb"], 0x28}}, 0x0) getsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f00000001c0)={@private2, 0x0}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=@RTM_NEWMDB={0xb8, 0x54, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x1, {@in6_addr=@dev={0xfe, 0x80, '\x00', 0x3c}, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x4, {@in6_addr=@mcast2}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x1, 0x1, 0x0, {@ip4=@multicast2}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x4, {@ip4=@multicast1, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x1, 0x2, 0x3, {@ip4=@empty}}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x800) r10 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r10, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r11, @ANYBLOB="000000040a000200ffffffffffff0000"], 0x28}}, 0x0) 09:29:00 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x363c3, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r1, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@RTM_NEWNSID={0x44, 0x58, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@NETNSA_NSID={0x8, 0x1, 0x3}, @NETNSA_FD={0x8, 0x3, r2}, @NETNSA_NSID={0x8, 0x1, 0x3}, @NETNSA_NSID={0x8, 0x1, 0x3}, @NETNSA_FD={0x8}, @NETNSA_PID={0x8, 0x2, r0}]}, 0x44}, 0x1, 0x0, 0x0, 0x26044800}, 0x20000010) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:00 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9d, &(0x7f00000003c0)=""/157, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) wait4(r1, &(0x7f0000000040), 0x20000000, &(0x7f0000000300)) tkill(r0, 0x10) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const={0x0, 0x0, 0x0, 0xa, 0x80000000}, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x5f]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:00 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) ptrace$setregs(0xd, r0, 0xfff, &(0x7f0000000340)="59faaef9f85b153133f9c16c53c1bd1238f0d6104cb30548f8d6abf4f6d5b0c6b206b428d23dbb8e014d8ba8206de03cf49d30bdd64864cf956aa37143659f28986776b08d86e16c30ef782453a787cf1e9644132e412b81c559452fd0928c0e774c1cde6c43758c32") r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541b, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:00 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup=r2, r0, 0x1e}, 0x10) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000003c0), 0x80800, 0x0) r4 = accept$inet6(r2, 0x0, &(0x7f0000000400)) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xc008ae09, 0x400000) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000440)={0x100, 0x80000000, 0x6, 0x0, 0x0, [{{}, 0x8}, {{r3}, 0x100000001}, {{r2}, 0x15300000000}, {{r4}, 0x49}, {{}, 0x4}, {{r5}, 0x7fff}]}) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0xa) ptrace$setopts(0x4206, r1, 0x0, 0x0) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000010100000c00000000000000000000007b3412c66e6d47b459ade79bc1ffe2d30800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100"/191], 0x0, 0xbf}, 0x20) tkill(r1, 0x80000040) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000300), 0x2, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [{@euid_eq}, {@dont_measure}]}}) 09:29:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000080)={0x3, 'vlan0\x00', {0x32}, 0x8}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c00070c0000000000000000070000005c07bae8ee22076d4672fc4a6c4eafc8e844ba9a5509d1fc67969f22e5599978530e3e9f2a38e92924f621403f9cec630bf3b885abdde78144670bfa02702a6e8d531c00213b437a79eb11db9ca52ea3d5098237bc45d4e64f0326e6c8d1ef33e0f6c07cfac2691c691522fe425217b516c027d3a946aad7e41e9ae62f18bc2a220e1ac27c961a06f1256f1895be7e7c3bea363270a327611ee84e788fe91772218c3b05e1b0e2fb2c99cf655c31c633bb5f9903880ac346bf4a76680b", @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffffff0000"], 0x28}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x246d1ae6f9976372}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@setneightbl={0x80, 0x43, 0x200, 0x70bd28, 0x25dfdbff, {0x1c}, [@NDTA_NAME={0x7, 0x1, '{$\x00'}, @NDTA_PARMS={0x4c, 0x6, 0x0, 0x1, [@NDTPA_BASE_REACHABLE_TIME={0xc, 0x4, 0x5}, @NDTPA_RETRANS_TIME={0xc, 0x5, 0x4}, @NDTPA_MCAST_REPROBES={0x8, 0x11, 0x8}, @NDTPA_DELAY_PROBE_TIME={0xc, 0x7, 0xfffffffffffffff7}, @NDTPA_MCAST_REPROBES={0x8, 0x11, 0x9}, @NDTPA_PROXY_DELAY={0xc, 0xd, 0x7}, @NDTPA_QUEUE_LEN={0x8, 0x8, 0xcf}]}, @NDTA_THRESH2={0x8, 0x3, 0x5}, @NDTA_PARMS={0x10, 0x6, 0x0, 0x1, [@NDTPA_LOCKTIME={0xfffffffffffffda8, 0xf, 0x1ff}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 09:29:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541d, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) [ 2208.041575][ T9086] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 2208.076825][ T9100] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) 09:29:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541e, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) connect$unix(r1, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000001080)={r0, 0x400, 0x8, 0x9}) sendmsg$nl_route(r3, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001140)={&(0x7f0000001100)=@RTM_GETMDB={0x18, 0x56, 0x2, 0x70bd28, 0x25dfdbfd, {}, ["", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x810) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xc008ae09, 0x400000) write$binfmt_misc(r4, &(0x7f0000000140)={'syz1', "80470eaada9373324fe7e3fbf947ce611f338c8c3dba797e747728340ed59cf50de044fe5fd1fe4b42076e281402ecb25d9b7f70b682"}, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r5}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) [ 2208.127176][ T9123] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2208.138515][ T9125] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 09:29:03 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bbd40009000000000000"], 0x0, 0xbf}, 0x20) tkill(r1, 0x40) fcntl$getownex(r0, 0x10, &(0x7f0000000040)) ptrace$cont(0x18, r1, 0x3, 0x6b) vmsplice(r0, &(0x7f0000001840)=[{&(0x7f0000000300)="76d44aebfb1fcfc8113958d99de2617833033c76a36c9ff190abf864be95c2c395c5e8b89ce950c9b47879022a78e7ea341bbba7307ed53abedb0679f8c9fa3bcbe187c1fb035ad2346b9a3820349bd4e4afdfdd4e90f6b4fd5638652d96b756e7f0a823b3eba5206e12716d826fad75b67845d15d8d1533ba07bc1b00bc8e0daf653c395ab086f6f0a26f6910a0823b927f9742ecc1861f4daf6d17bcb0ce2cef75c098e03c005b7a823e09062ad6857156ca52f80a4bd05dd063d4b6fc6ac4aaf4f17fbc04553ea8074e9be659b55db4566e5c0f0cde88e530ea5e4bfc3853f21aed72944c3983ecf8c7956a65f343618b4be8fd3a4c1a", 0xf8}, {&(0x7f0000000400)="1edd9216d43a877803e05ee0ca34aa34c8399756aa5ad58205f3078156e38ee8ad7ec36ad3ea1c2451ea77984be00a92e9d8f7024e0912c716dd6297311747e0ef1f4912f5990a6faf094bc07958b6c0e8eb9fcbc5bfd5ab0ddf13aad730dd991ebbd2b10d7b2d2d5d5e2e9b4bbfb35cbd0b5cbec9188a152a5f148bd08243586ae3ac9a7ada83ffbca35db042a305774ceff31f35", 0x95}, {&(0x7f00000004c0)="967e8e065e4922c739fa531d76d7d093ed283fb5fedce20d923c9c2dc37aaaceb2f15184e61a487b01bb2a5e7cafb89707be23c3c16c1b3f5c7b88be6d637c6d77960403973afc32bcacaa126da8c88d7bb4ec397e3b1ef22c8a2af45bc46850c90c81a6fde2cf29c294847609d3dfac1ff92c2e83f62e5e43e85384b75fd2c9548289f8c5be85af9fe60a9f8f2bb293d3b45212fa0cbf412518e0e269f5545cbae7135a4685d38582db3c2fad9febfbd4036b46ea9a01e2aa36dddab300bf2ebe7fae86f97f42cbed2fb298419a0ac1a72dafdcbc1189b636011d4ae511b7a4d1c9fe1f2bf7b7181a53cd1f538f0142b114b0de4049fb45", 0xf8}, {&(0x7f00000005c0)="96cf96962a2f3a79986e1da97f6f16ea2fea164202f39ad9613bc9e35be86d96270126b7ade17d1ff3b25514483a28f4f214b423cd829d9672f2f98cb6fd7068a014f4f58af595d4567ec828373f180a966dd39fb6c8281dfbf339aa66425d2ee5a5ec3f0a7a3d3b0c862ea935afdd5956e4d0840131060cdd207f21d830ed6b09e7609e31a42945fc8c535a03144053182fac51528659d7c8a1cc0d2195f99c6754e59a0ea3df93dbf82bf61d8d225133d483e2c7f1072097473e4c69efe7ce7f9138ead3f80e508549", 0xca}, {&(0x7f0000000140)="bf3c4db1143b78c20e1d5f79baa4b30a0485865cf2171d10b4afaf06bf4bfa36", 0x20}, {&(0x7f00000006c0)="f1350135098f48624a003689a1f112561c296656172013ace2f68729eb64ccf6c02fd90545347bfaf2f025de916a0fe1afefc0c150e10744b09218630217ba1ea3a22f53140c0f186bb266b1d25396e6bd0a9ec94d2d962967f43551f79aaa0be27a97f4b12d524516f984", 0x6b}, {&(0x7f0000000740)="33383f51aecb3634572e7c441600e361957aa5bd75802c33baf23ae8693b3b724b0a1dd18f9f", 0x26}, {&(0x7f0000000780)="8af3f769fb22935a4be7b9a0f8a5f0c8ed0669a792b67e9dffc07cab1ac8e98b5c6e039dfecacd3f0c09101c7316c38f181216171e23a8b716acf73dd4acd372ad1d7a16680ffe745dd85371e509cd243dd37c780f740913c10411e705cd44981524383f5353f10f241587a5aaf0c407c1aa127f8d1f4f15ddd5e78a5deff0a2a2a8", 0x82}, {&(0x7f0000000840)="0b7c2d4204bb14612a1b8b59967df86ad32142a6aac1ee08c4c5e301f47133f0cbc11da7234af981697e90e301c11bce9903350403b45ad325de0a2e44626a7fcc2521b63a4d0be17b62dd7569b0f07bd4da6540da7910c124eba6eab433a303b08a1062235594b0bfd00db969452871e951f7bd7ccb742261aa53aea58ffdb17664673d1ed1f45c21d489f47cec841ff893fcfa5fdbae2bed3bc51e6bcf92ded2cf88336d931b61e2f007864fa8ad044128fc25b1f64f26ed53fe9c9f40bf4dcd00020efb7d7c3e05b2e04fce9d9bef99fc697d4438f2a38a331221c927d67b24b55c2cf0b162398b261c60b6f14661e94c8e7679fb22b34dcf58e2b9d5099c1a41a049b258c9514ef6113aeae71c3dabf34aadd33ca6e85a396b11a348ad182a106ff4bbe539b116e1245cbb98243df55048799a3a670a35182d97a24cbb5204946f273904ea63626d40552e7bec0c70de7c3de0a0a423028e0ebf6bf1dadbdfa1d12570b47e56f69fe698dada12356dbf6cc052e317e592c615be4b82a82a88a36f9b5fac1f892e70c3be610c41cf050d4b2548bd9a4289b8fdf0e9b23e7bb9a39edf75f7d05f583f80db18ef0f06050607c8851b5f52963a1f83ca65a99165d7a3a2e226767c5aa8453884087cfbbf180a1fe08a1cb331873dd4473798be83f3475036e53097935220198b70ba8df9c2b41da89ccb2b2216838b6354ef112f28589887956f3876dde86af9d1f32c45d2584d41ef2d7524c1a42fb500502b3c1f5023004422b0b67f763f8d1b5822223dd17405a3eb07f6aff64995fbec772f04755e013fe557cf3ddad7a921d9dba11972440ec462d9540510e8250237f8889d2080f9f502ce3e8ee8a53c635badfd22487be65fbc421bd9a1db0a0dcbddf78b678f0a4b64806323aa16806650422ebea77250b97f4467399f0721cb8b0df526c48572549e15a5672d67a1da2d13561ee3795886b8f44bff2a350fbcf2bf9115692a1d1acc1f22a4f389c9f2d792e25c941f6e5649d826ad56ebc882baf260275629f0d5e73d87ba7cbac0cb5691517feea72ce5101dd358708ce81d4f8d5c82f621b1c4fdae1c299cd233115831392b4e0a8fd6bc5d8b757987aab91ec12c47e153cabd2e3228051172cd50f0e927a59d955bf2e7ace3c9a1406664967cd77f6ac22567dc762e120fad3adc5cd5c4be7bee5923f33327272094adb3bef41c4262249dd815b1d06540facf4140e2ebd34af4bd9fdd5c08a99f8cede97c85bd6c1604612010d32340365d732f4bc12d3f0402c971569a9991ba4c623cb854d79ee5e1773a1de2b2a78fcd830dd7fbec7164a4261677a1a4b32699597bb60db42744532ed6dcaf943298050f21f1607ffed5bb0d35005ee537623e0b721d603551f8f4cb8ddf7848e96bb7f70a51bf00ab4c9fe68b1770f685ab666cff471034f05e639efd45685d5334897bf8235493634a7b3d111694e83bad6638dda2bd09ddcd303106531605d1adfe8f26b4ded93766c2dee7705fba65d959a9650f73dc6ff6d47a8c8a7bff04e32cb020f1903f8b9c125ef092fe8db19e73012aed8cfe1d560284c85c69100f911965a1df03c77590a414ca4d3a737495f5fb206c7d023bf64b39df5094dc7fe82da7460b9fc38fe01ba74c2806831a89cb595fa67bc5a39d0642afc925d77368646e3c175a6e49e3f3a5da1471e8c390b4d0ba0660990df15e9929e5b62f8d5962fdb429b32ffca32bb3eb19f888360da213dbfee9ece78de00772b664828f4de3a55cb54c1eddc448ae4bd247b2e7f18c83831746e6c431bef385a1bdd724ed4c409a129d2e186ab6e957f19168878944456eb8b56afc8e689609303838dbc576590f6f851a9dfc3b877ade79c35bbd76804919140530605797c524f81936209a2400f760f2ca1723b98aa95dd47090cb4900ad4e1335ac4ed65c9eaf282984d184595b27b74c27e6d94025e7df8a963bd283620c4ba9c95a6143fd763f84e66246eb0994229fd0523e218c335d7dbf4f913ec2e31e2d52068283c3561993c7c4a8b6346b394191f72935e2f04cf80715172d30349dd16d81cbbb8be4d729bd60f5119cf134e401aefd7786ee60ce19464c7a3ae7204501044bc3bf3d39be9381d15f9c2c28f0e957525d0c4ff53cdcb01f5db08cea03bf3c83cb2e84ef41b5749a5b7e04b84a6958d56b264670febd46c8f6a7c7c5736c988cc60686c3018d996537cf37b340b89c9d966816709b19d0e87670a5d61292c8c967f326632f12b580d20919c051cf46e3af361b7dc49d8d9a6c102b51502eb620fff307b109f90cc46c5541b25eb0e95fecf086ebd590bdaf27176504857d59ec2c562ab98d89266287613c43b26ba741d2a2b7dc18dd8fc8555ee60419734bdec89c8b3740a9707083cf016eba3fb0f715825008b706c9ee95423288904416bf859ff3ffdd126cb6f731f8a92d75814c19f5fe596c1eb980628e9e2d2b2f3a8e4e0c626d48fcc18c5819fe760160a85173ca4257c28aede078da62d0c6f62c061b82e4c25ea14bec37b81fd5cdf76416973d17477ff6862fa0bb1811a9a80281ba2256d3c960bafbf2aad7c4689e1f83a6bf8fbcd0a4a0746420bb1e4120bf0e53fbeaa6bd7ebe2c9dc28e829b5a40149cafa50e54bb95389819efdef10fc3cc846c0e3f6a11de27ac093f44bb06170d11905b8f3a4d3e7b7c22bf3e40c647f38f252861b04ce9cd1eac310201c105d3caa6198676030a707b9b666ca30a026d66cabceefcb3028fbfb651b01b3c2dd5882671fbc80cf2711ed2e2361b09160c95c5aa7a8c898b234abdfa7fb0761e56e56d7e7e9519e4ef18047ca17388d7c4499034833fcf65a48af6b13efe7d6d5b1a826adf2d988eff4f3b372bc908e32b14cae4d51f8632a315e414a362bd2061e90bcfdcca73b9781d6b56f0434ec320a27c144105e0ec98cc92f0fc1257a67a08a88224ed10ad3535d9cb1cc56deae243e3f84d505276ff109149ac0898731c1aa2f027826e9e1cdd2aac9241d8de0c43209ee7c3c956f1b79cd139474ae42ff3cadd0cfcb1dad5cf74cfb2b05393de1497535d1cd4b3764ab4d600f6dc63de5ba595c47b8034603dc3834495ca8b6cc6f10948992b84dc79955bb83ceaedb1a38148818b8a4d6ea0eb07a1ded15c2cc88fd77bf5d4d15fc65f8440e7056803fd1cb0800a4a38b33aafc27ffc09624bac10260b08bc7b6c5154472f0c1bc9a967006c4d61cf97ba0370facab2495b36f8a6baab889e0811cf51a9f26b79fff9ae64d29bdce875c8e6486da4e8787da601dc0bacee362ab0a915158465c59bdd15a1d5815fbe604f276bbf1b2b4de6f4866a16cb21ae9d054e3450cd7d6dbe5dad853abbd83d32efda73610fa3349f8e9fff654ec8cd5ad5d5fc007a8aa6ee75495b681edd4af9f6accfae7ae24acb9f52499ea66cb7accc7fa6383751cfd73a9da3542401bc48179606d31721b5ebb7d9464c53433aadd222cc461f9fd5df271c6c005e042f631df668734dc800b6721eb1c1b39369b1fa78df2fc2a8f6df6ebc241f12c8344f4e81869dc5072ff8f828257e60ccf41757606cb2c44101dd2df1c6969d0f122cf707b8c1eb390e88307424ee6901635f577054201606df1fe45d6aa282b87a0f26e4b288c4fb828694be59de5f24670bbf86e0c71e1b07ce63137f5ba1c6d32643b426b6880c3d8ae46d4a241550c463ea45d8a9be9899a90077f0494363afaeed40865f19d56199d227915b59420be048d3ee17c3cdc396889a6edc2fc2814678402bec44c94ec691f25d9c6efecae2c5899ccbc0d289c4d347d46d8bb71aede2a64bc3fda43bb21a1d96f1a47677bc59a8dfb2dcb094d2065aca6dcec1e1568bfdcf5f88f77de22348ba53c3285b201bbac7a2ba97ad30a93cfbbdbe646e3e816e4792df163cd4f3050f813be67baa9a02588694a26b0e549ebeeafae10154551be3b0478ecc6ea41ffb0f30c893efa58c6370fed526c02bb2bda679f34ed2ff4278f6ffe7630be77434e5975689dad68668f370c9638583b16ed9e9a95d1b456f4860c3277d527b733a8a635d413f7898fc55c3a4d6e6f2e4da9786e4e77f675b40a35b08f4d0a1a6319cd2e26bc07d3eea78cb93d45a4736fa2d3742b7d3c7904093ff3b4a6a9765a51bcb66ec32ef8d56b05209642bdc33c7defc2d5f19093049b7f70db87e4b3e5e9f8e39551f3b16f619416b62995fa05851c9e1a96696cc0aef56104f227105c018359c1bb72c87fd49e92fe6f22b7eb0d8310e2151ccea68418404634c82f2dba22a76113abe28a67fe3afee767297593482f82f9340a0d66fa7498d22e79aea112d348fd4772161024f1d6ef38a101f59145f2cb0e50d00b139fe8c98dedd737039e3a5484bdf723b9ff6c7d1c80c9347aecba5d75b5c232dfaa0c25baea930cfa6ddc1b47bb2220da1c505ab44420ad79a768938473059e78ed22c065b17d24498e9443ff0bc7c57aa3a27d82d0c49b3544df192a42fc7af734e196919a01459529f4d775aa7575eae060aad7d16c046e19e8c30e61544dfbc8f9448992658dc2fc1904a5fe2d9075091b7b9f53c88a2033de74260c1760fefa20434c1f1fbb293d4c2f13985e3cebc19a7d8bde0e2efdbb6e293f85774411337f677e4891b1fd7fbf0e7db69b628140ec93794576066594463f3e00aeba4231e6109930889fdaafab4883c2053b2203b1b937db107b9d20e8a1ad14680eaf9cd00913b4563e3826f7f476aacb0ba49e62e36d5d99a31d5a82126b792715252dbcbbbd7d88dce2e2a753fdab4e3b7cf65ae16fa6c932ab0a83216cf5e626a9c6e33aaca3f523aa02d652ec5aba157bcb49258b818bd4c37e7bc448168b27b3e0d460f4d62f2e009dd27c7180d223779d7d39d1b887afe02afba93e7a3071a862b598521b8a123a322de04c8e36a08839276862d74bedec11740f7a5a085350f4461596026d85b846ffe65814a3a42a2c3fd4b6bbb1e32f44aa889817a18e30907843e3d62fbad55c7e8d2214e07c74b7863d2abac68174c3614fa172421ae36cd8c1575f2f7efa0ae649e0ad7232d0f86b7c0a9ec5953df54604b55460fa9c36f5e8d993dca3c55eec5b6a2cf906a19e0c02b10ec1e95f1a3c14c32d2ee34bfac32b129b17bc5a7e7e2e04e5e12550140523d52310c10c65ebdb6e0b1238a015c8895b0e47ec15e3f7ca9383161b2880a61bebae999669accde4b3cc55dda56494d70352c89f72fdd300723f3a4527205de0e1be0aaa1acafb583243c3a1dd73b3382474b5720dcc363354509b0a8e08cd79dc82c903b992c5b263522caf9dab099d29d00b857c7055630b321f72f70361d8e65a9d92ca87601a39448faae90bc2d17ec801470d142c20230d8d8c6e914b40155fea8dc4be2f8cfe8662dc456dfc0fcf9038997d8dc8174dcf12b713fed868151fe94fa2d88f1c46080e712d014ba78b1a59eec28a1459ad03814ccc36a481b6d7b2ca5f33882bd0e1610a3a21057a5b52b0cf590e28a9cb6e9fb034289e3c7088a17d50a0adbc3ea3a0235746249e645dc2eb70b7be7fad6336343c61df00547b79d50cfe9594ef0b91b5b7f889c9d031ecc1bd6191448f8ec80a6c0857f234ad05d5f9f5103e79a9545f62d3dc0b5e6a9aed8cb21ef903707f40a8286522deedb7507c90eda3394a8734c171336a1dc1a673069ff5b21d2d67a87ad6c0852ea5b4cf03e844ad799669d353cb6456af1588ae30ad03d19b1b7807385635a489f667e171f8cd5a9a638f35f", 0x1000}], 0x9, 0xc) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 09:29:03 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:03 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{0xfffffffe}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x4) sendmsg$nl_route(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@mpls_getnetconf={0x3c, 0x52, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x3f}, @NETCONFA_IFINDEX={0x8, 0x1, r2}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xffffffff}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xb3}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x200}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004001}, 0x20000800) 09:29:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541e, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:03 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:03 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = gettid() bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x14, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="183a001c2b04c700029e7a1e100004f8ffffff"], &(0x7f0000000740)='syzkaller\x00', 0x7ff, 0xb0, &(0x7f0000000780)=""/176, 0x40f00, 0x13, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000840)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000880)={0x2, 0x7, 0x1, 0x41f6}, 0x10, 0x0, r0}, 0x78) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x40) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) process_vm_writev(r2, &(0x7f0000000140)=[{&(0x7f0000000300)=""/210, 0xd2}, {&(0x7f0000000040)=""/18, 0x12}, {&(0x7f0000000400)=""/123, 0x7b}], 0x3, &(0x7f00000006c0)=[{&(0x7f0000000480)=""/178, 0xb2}, {&(0x7f0000000540)=""/244, 0xf4}, {&(0x7f0000000640)=""/83, 0x53}], 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @fwd={0xa}, @const, @ptr, @const={0xfffffffc}, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {0x2}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 09:29:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r4 = dup2(r1, r2) recvmmsg(r4, &(0x7f00000023c0)=[{{&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/231, 0xe7}, {&(0x7f0000000240)=""/114, 0x72}, {&(0x7f00000002c0)}, {&(0x7f0000000340)=""/164, 0xa4}, {&(0x7f0000000480)=""/82, 0x52}], 0x5, &(0x7f0000000580)=""/168, 0xa8}, 0xf4}, {{&(0x7f0000000640)=@can, 0x80, &(0x7f0000000980)=[{&(0x7f00000006c0)=""/132, 0x84}, {&(0x7f0000000400)=""/18, 0x12}, {&(0x7f0000000780)=""/182, 0xb6}, {&(0x7f0000000840)=""/129, 0x81}, {&(0x7f0000000900)=""/22, 0x16}, {&(0x7f0000000940)=""/31, 0x1f}], 0x6, &(0x7f0000000a00)=""/10, 0xa}, 0x6}, {{&(0x7f0000000a40)=@nfc, 0x80, &(0x7f0000002100)=[{&(0x7f0000000ac0)=""/39, 0x27}, {&(0x7f0000000b00)=""/227, 0xe3}, {&(0x7f0000000c00)=""/136, 0x88}, {&(0x7f0000000cc0)=""/220, 0xdc}, {&(0x7f0000000dc0)=""/138, 0x8a}, {&(0x7f0000000e80)=""/4096, 0x1000}, {&(0x7f0000001e80)=""/15, 0xf}, {&(0x7f0000001ec0)=""/248, 0xf8}, {&(0x7f0000001fc0)=""/198, 0xc6}, {&(0x7f00000020c0)=""/38, 0x26}], 0xa, &(0x7f00000021c0)=""/121, 0x79}}, {{&(0x7f0000002240)=@in={0x2, 0x0, @loopback}, 0x80, &(0x7f0000002380)=[{&(0x7f00000022c0)=""/191, 0xbf}], 0x1}, 0x9}], 0x4, 0x25, &(0x7f00000024c0)) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = socket$inet_udp(0x2, 0x2, 0x0) close(r7) splice(r5, 0x0, r7, 0x0, 0x80000001, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r6, 0x541c, &(0x7f00000025c0)) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:03 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5420, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:03 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) splice(r0, 0x0, r1, 0x0, 0x80000001, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan1\x00'}) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=@ipv6_deladdr={0x40, 0x15, 0x400, 0x70bd29, 0x25dfdbfe, {0xa, 0x10, 0xd3, 0xff}, [@IFA_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x2f}}, @IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4008004) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const={0x1000}, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {0x5}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r2, 0x40) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) 09:29:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5421, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000002500)=[{&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000000080)=""/7, 0x7}, {&(0x7f0000000140)=""/146, 0x92}, {&(0x7f00000000c0)}, {&(0x7f0000000200)=""/238, 0xee}, {&(0x7f0000000340)=""/93, 0x5d}, {&(0x7f00000003c0)=""/59, 0x3b}, {&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000002480)=""/83, 0x53}], 0x9, &(0x7f00000025c0)=""/140, 0x8c}, 0x401}], 0x1, 0x40012100, &(0x7f0000002680)={0x0, 0x989680}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f00000000c0)={0x2, 'veth1_to_bridge\x00', {0x745}, 0x4}) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x80000001, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000002700)={@private2, 0x0}, &(0x7f0000002740)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000002840)={&(0x7f00000026c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002800)={&(0x7f0000002780)=@delchain={0x44, 0x65, 0x2, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0xa, 0x6}, {0x7, 0x4}, {0xc, 0xffe0}}, [@TCA_RATE={0x6, 0x5, {0x81, 0x2}}, @TCA_CHAIN={0x8, 0xb, 0x400}, @TCA_RATE={0x6, 0x5, {0x0, 0x7}}, @TCA_RATE={0x6, 0x5, {0x4, 0x20}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40c0}, 0x4008040) 09:29:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:06 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) clone(0x140080, &(0x7f00000007c0)="06808f755a988329cac3bc6f804aa9adeb74bc5c41177f5681518f64745a5d29b99fefd952c9b8cb4ce28203aa84e1cf64d59e5092d801beef94a41438f095d295cf366861292a57f8b26457ce97d65f4a5b6c10392c849f43befb3c14758b23327bb41f5cc3bcc8d6a2a2e9bd898149f0ea9f14187c942e93700245dd45988f196cba1a5b504524f6945af8aceb93b7e3ae85ce038dfb437c93a3c281fce7ef3b8bb925eb13f4356d531a6d05ee0abc57a9a028495fb20cf6d190695236fa45793802a03812137322557db09b227641e1d6cb4175ab6454bd7a8ab06692e6e5ff9935cc482ff7bb7f15ab633afc251e1c266f28b414ea36dbf9f7a2dd5265df667c4a52dc27ba3d198254488ca6c3f13c1ddfe2cc2312271ed4625119e5b91f666ec95ba1f20d39c538d601360848c25ed45accc6b1d701fe25a736ab9d978dbe234de09c786bf4f1d5f3f48cb15f85d666728e5152764cd690a4931cf64628fa6515fcc240844c1fb11f5c1d793036a3bc61a77e12f1efd3fa94ad1627e3021ef8298e2d03bcabfd1715243e1bcf4e8972b091ab5c934b1b8ca5c3b137e18849d2b7fd1e27de4bac6896aa386cdf9f7be2ef73312e6b4ab87bf038a4d322c47462d5d1a7bdadba7f4e7ddd5284cd07bcb3ba6cf932c10c6b7e6bafe495e3e394a294dd7a668174a0707fd2a83d3edbdbd54afb7f4ee31f8ebcd139658888ce3f8a07ac1c5244a70d235ec73847f5d623cc1c72ea449d6bcba064c0787b1fe745e4a4af00636725556000e417732ae8eff9fad8d3ed0feba509ae633337b000a15a51ad583030b40f696ff9e06e4ab9fd117b2b2eaf891b0dadb602a07f43650666dbcd27d47c4010930025dec5a3319cb6c256134197059eae1693b77ba2e9d69295b37136de3dd156fd3f32f7f647d8bc48bb662fc2ab40a12b4e14d3ee651dbfdb11bad6b48cfe7fe4735a88962be4b6e2f029a2c62109a7a5aa20c390121b30024c37edf642ed5a64aec2251c12ae1376ee4e3beb402a81935a22eb13e67477cd15bc3f57b7a1c676189a774dc7921a71986b75a9fe08433300cf902c796795fa350f74835172a82ad7286f44e077dfb3510bce5f3b789d8db0fe338c6f0e266c5485fdb7c0c1495000e2efbd01be11251a5a64b7249fdf106776fe582a8125c54207caa88e01506de95f5955cc27118206c242670cae060c4c4b454eb03548645852e8eda29e61f642a963708083e548a8f039fc9a1572e41a0b97e50aa066126349207b5c3e75b04c9cff3d01be305f5c654838dc62788da9dcca84b56b259de433d123b4813496b8007359c4cc8f4e2c6431238b1ca313006aa1b09191f9b2a431aeefe6d32804c32451fa33ce7cd7805f28ddc93c82087bd5a5283b0ad8a1a4f10ae7e95840a5d276f2399d59240878724f8b7243478927507b0097994a1790bf49c055679eee6c6caf30a85c57082c647abf3ccd63e1ceaa4b34b8424cb15a0eb988de89f67adf34cb3b4922c8926687460a233e2df83596c6d351a352ee9f80dbd958951eb2b9a4b4d933ffcb214591ebe9374bd38ad271e72794562ebe9e5807e974300cce4594411c717d51bb4e9df053b94302226ebec84ab6642895490c575e51fa1556fc8d357fd5039b3ee550580c2165edd8e3834cffdf5b0fdeb78c95fd4746d2726e18278382c7e650cb94bded30613736363743d9602ba85c7501e071331e1dc9f2c60dd24d485350c6e6c9b38d95e9bcbb3ec73bd0c6642f49b73d65ae203ac13b72cced00f8539308d3b3b5278b838ebaa66458565c3436c24f26db89f228bbe4afe7a7e44d7c3b4133856bcafd0d490f30fdc24bd85ea33f1a5abdac973211a3f4c75ee3ccb93aff95faf9b3601d519dcb48b2afc0efde4ea6defdabe9b44593ade38d666b15ea5a152adae19cc91f8249d12e41c9fa0130ba143d5bdf75aab342b6c79f740980ca6db7426211bdbdcc7821b02a97e9a6404c54b014029402045e7bc908c78942efaec47cfe310b7ccdfae55f01fac9dd46aff9e70e72d2d7373dd91826f1dd15a0f9f3a1ab4e531fbdb466d8b9cb2b3fa2b382608c925779df99a8c35d4673504caefd7b87a60337d489ab1873b35ab799e76225f202453658bb7cc8f90125c09491f01ac827ade39e05f78258259538c7daf667365b213b8e2e002924e6aa619af472b2f82c062925855f7838de00216cef226c3ef302d06d602a3091c7b0df0267f724f92ea0ade7481c0268bb6e5d2b097de351f306f0c78f04e60bd4c968509e315141f273db960fad7b27b083a5a9a3d68041808a358b3179798a98d12665ab79510abfc14454fe766f0aeb25648e83f696cc588c9df297b36ad2f32a502d875678ee42fbc998cb32cd6d5bb629c3cb881c121de4c42081d3195fcc1b0f6f31993032e1fda5481f646e6f55af7c6ea8e368d1b81c98b3fed0d8550b867adc92073ba38fb4c638a7e35f2785dbbd5da40d4f769cfcffc50909801b0ef23f08f2f3848be0da29baa4ba5b2409e0dc4d2a8f37609a991cfbc5897a493f7560cc84c827c86d925773d1076054cc4220627b65a6d015f5f8ef3258adc08c2ec60836a3af0128afbe0f349bfbf6f5f6f99740cda54433f0db20b4361cfbbc4e7731dfbea46ed581c0962ce75b423f0a8cb77779ba4369ad588a7db792c8a4ebc5d82f0fa07e4ec99a6689f4c552e93c1140bf6826e83cd065381b5d593cc32625f9897da9f6eaa929683b49622bc2d178f60c840162a2878e767c5998398245103eeda569b9db3c660ef1b014e259ce4cc9836ff510a88bb0e8ffe703e279d579ea26ea457a8f75e910d5aefb703eb2c6c631421c3d3792b925b371ec26b1c7ca6b21200c818119caf9ab690a7be4ec38ef01da02f65eb7126693bde04c021f81d641cc3a86b4ba56d0629d4345757f18144ee555ba1fe771f01b9565a6c81d8fcf60f6ed4cd34dca829b4acb611b44c8ad6b5b96b2475e08798bfc95fd1bb68b8b875a95cdf2178ee117368e4291f416512846f5008f1110ee97560c42eda0a5802a2972e74a92d2ddeaf6f070c8c658b4fa9b4d94811f36fa90b9858c02c83e7837e4615588eab8ad541ec615aa20522e766ccf9cfcda71b96d215536f42a2216275dc6f4d57e1d9e24f78149bc28efb4146ee7ea4411c898886b3aadb48033f743d479b4d2ecdfaf5e6ef1ef08dd64fde0bdb79e062d6880c44081ee9a8fe04d1caa305e38002b845781de47ddda8b96f33e322965453a4ccdc4c8d797f45b6a88320ce3f3040032cb022d36fc7e8d29b9aa9ef3a24c6d55a03af24fcbef5baa1b8988e46fe61f19d47abcea81857a33dcaf6d8a49d212d38b1b66da535b4cbba1efe7768d7018ac34e7219eddf804b61bbebb30660e12536b917fcdb7f2c19a1a4f0f6392e784e2f6f7aad8850e0320e6d0f988dd4282053698b77c9f8fce8e58aa9c75433f2f6a968cb07a83fc5f7f46dd289545640a6de4711a8263215131ed1bdba41ebd719ea1c964944181e29990e2a130a22d089b55b6c0253481001ec3b5ec36b3de77518d4dbd23e9c5c0f3606abdb6853725fb0cb8aab5162dd7ed7a8ab3a1483096a3ca266b43c01385ecd21d0cd3e6c777a8def0ba618dee19793b5df80e65cc542cfce2a722a5e3bddfd97e43b56ea4ecff1acfe5a60b7568b414ff242d688b5d43049caa310192b58ded38c7bf77290bd38bc0a16eb24cf09c54e830eea313ccbd3c96974bc68c4a4e95a3e6462d9fd6ac6a153423bd5ece468255446febbddf75f1aed7f44dd006107f6f0a2f4a04d7a0775b9e72f514dd6317d31dcdd5a7c41d5001f9d2c0683d39eaee5ce3d44bb9ba672b89cc310f88e7d9dcaa1bacd44521a372b3ab767a737978e31c6bb52eab08f4ad0b5235e6010cc203c9ebc3740bf391452689eb8d36fbb911496e55e9d9080b12d9bfec283ef8d7c2bf46a13de57919d2ce55d5685c4d5a4927b07cbaea04c51f5d606ee329ac4a9812e25104669ba05f3976897ca22de723473c1f2d65dc97368f5ca2d8db01b3533216a24e534b6e0cbeed836f734971cb9d2a5bd10c2183868b45c0e1dfd1371e9600c0a2ae625469087f493de2e4db86119634de5f9982056d2e3f21f7d380a287da4a2dd2a2ae974b30a14b8888f02049e7bc59127fafe3fea2e4a97b229a085379156a1eac1b34461ff87048ba12845d669fe87b5039b7dc4d2d0d23de29d264e954ecf8eda288ca67c436c5a3a5940c112abf27b1b323406b9e38148dc98846af523a10a2009f8690603907e7ddbc8ba72e457a418b48c2c618ba1b8ea555878cad84547094bb8d5dbc4ba784d6005705aaababc9eb33543177279a496935ee456dee588bcd2ab49ee1507cba8fecc9b4105a9fbb5160846ef88a9a66e3d459fa1a967ff229545a792263cc3c6b710ab74dc749600419c1d51b5a5cedd3256de55bf275d648eec94b5845ceb2ef44f27cc7384a8c520ecb956d62b71e41d3947763880a5b7c2a271212fd00d151c458f57e372dec71933e56a60aff9c87144eb273199c171c5a15ff349936685a61c8caa2203ea96cbda2f86ce80d9ca24373017a6ca5b7e6d002a2da785bb9820f1891892a986303d6ab87c5937c47f9ea03f8ce0934185f8a188d3ba54894fdd4b791b32adb88fd9e127ca43d9c1fbbfa89614ff362cb43851b832e55f3057c02395bd8673fbc9b1e87be6c45328060801c04d9f0cd4e3c9edfcbabeba1132d85a1a47419f74d39d87cea85e35d3fbd59d88c281c4e310178e970fb2e8553782c42afe4f49f8a05031446a1615ba4fe2ab7abf532416333d26f963e77a8b637fbd6eaa046f63af5a54f382f81f2194b012743802dd4eaeb8c85541210909e41890fb4a5c965a1920c86caebeefeb42584dafa44d2839bf83080c2c519547167253faa837f3b1f9da79fd5e1146a6e87f161896d50839213753ceb364ecce923b4daa7dfd90627bd53ff41c4d14cdc5b09e963bf5ccd47fb4e064dd34d1b6c6842d2bf51e189e4fc5e2dfc36b6c8e29d514dcdfbd2d6f6bc43be0aecedf8afa418612949ca439c821fd2489051341dd7e1ec8d47d155e24565854cf532e9d8156d9146c301a181727c097d04c0796b9c7334f4de85bbf7ecbf68dd238cca3bfb490006d1a35eda7ac43e022a16bd2aa9ffb9f034396433469261d19249e532a4562f6256a0fc2c968804e6bed9c112ec264043d8f8d2c365aa443189ab3c820614b5389e20e9264b70fa7edeac7773739a842a4b24bb8ef6ec85a92db72a69262f3c28c18e3287b4b9059c1d22072896d50b9b9cf856830e67f3f71bb0c75ab3796e29c1b8ddd6a1de0baa4eed6d0ebcb72c3d30e9358252e466123ec5a39ea0b3ff689aec483eda39a4ad58d3eaa381b7f446d9edf8a53e115d62956d1f2344651cf0ee397b43b45e3c2af3fa899af3171adb95ef822a6d85c2acc1eb0bb72cf07276b8e03458b8f1ed4adf717ae2c31965604ff819010c8a0a45224c55763f5304e81eb90db996ff3b0d1bc0ac863684ab4ff9346fa15f95476d581e1c3a2de25a925873f60051ce51cd16c5c946b2c15a095224ef38cb7653b0d25fecee988dcab45dcf460b9ce194ca14e7eafadbdea1de54ec52eb9e35e0f5ac6400efa0b54a681eeaafc1920a32270a895b2894ddda315b03f1665a23504313c5d93f236cbfabe192334c295d9f22790eca125bdabdef5696a3c86227331dbade8cae97cc6cd106958bc88ed8af51013d7ac8227bad443a1e87416e5bfb6a", &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000017c0)="c06178c6140c964cdee73f7600dca614a5ef894171cc8fb9f14a7279bfe3ac4fcdbffab59b173f7e6dc6867e0dc766c0165332d285272fa7bf3fc098fbdee22596d8b641d8dc165f398641fceb2ff3c78c2100baf5b0c9fc540928fa136f509e98adf5193dd0f1c132ded7bf8d3bf41b1a70a163ad563c66d71a4600ff9ddfb444071d0af4a561b5d5f358714bca8861cd82a83918c733cb04beb857df22e543dce57282b2c7ccafdd380b0c6a8fa9ee5aa67ea2821df553f3dbc470f0bb007ec44031d2572f87ee5e") ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5422, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:06 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) wait4(r1, &(0x7f0000000040), 0x1000000, &(0x7f0000000300)) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5423, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:06 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2, 0x1000) 09:29:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:06 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5424, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:07 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5425, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:09 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4200, r0, 0x6, 0x80002) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:09 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_dev$mouse(&(0x7f0000000380), 0x1, 0x81) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0), 0x64400, 0x0) r3 = open(&(0x7f0000000a00)='./file0\x00', 0x401, 0x1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={r3, 0xc0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0x400c6615, &(0x7f0000000a40)={0x0, @aes128}) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0, 0x0, r4}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYRESHEX, @ANYRES32=r1, @ANYBLOB="0000000002000000183300000200000000000000000000001836000005000000000000000000000095000000ef07000085000000a30000009500000000000000180000000300000000000000000001009500000000000000"], &(0x7f0000000480)='syzkaller\x00', 0xa730, 0xf7, &(0x7f0000000c00)=""/247, 0x41000, 0x4, '\x00', 0x0, 0x1e, r2, 0x8, &(0x7f0000000600)={0x8005, 0x1}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x3, 0x1002, 0xf9dc}, 0x10, r4, r0}, 0x78) clone(0x801000, &(0x7f0000000240)="c3d0802b739f861fd08359ddece150b90702a0e2abbe8e298ee74242ba148f9e2a42880a2e0462e4a57a5aaae7710f8a7e9305ead8781a38ce0ae5d6255740ead100f95584d47b7bbe82f62890c65ca1296cfd9e54893fba7701621cfda0537067b8f25c2b40", &(0x7f00000002c0), &(0x7f00000008c0), &(0x7f0000000900)="f47bc64de0e5e86852e78035f2ad093177161854a61d73170312524dddbd738c1dab2d805063483069d87898dac05c3be5ff07c5e381d204b027bb0d72db453359ea6ac4b808f5fc4b75d0a8557d663fa0f1d9a97df157f72b5ce947e59ecc82bc05c13128d5d6ed53f476f19869080cd8b49e890465189857e39364fdf12eab5a99b9849f6179f72ed29f7c0ad96dfaea24333ef4029ea52f40b5cbeb629dfdada16e4c811d0024580be7952da6c0d36b6df79481413c4425f87ef30758022e6981552038a2dfb4a9f5664d24") wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0xfffffffffffffefb}], 0x1, 0x0) writev(0xffffffffffffffff, 0xfffffffffffffffc, 0x0) ptrace$setopts(0x4200, 0x0, 0x200000000, 0x30) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='erofs_fill_inode\x00', r0}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, r5, 0x0, 0x1, &(0x7f0000000300)='\x00'}, 0x30) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a00000000000000000000000100000000000000003134e91e3f3ff7fb000000000600000f010000000000000000f6ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000af6f8c26aec6f8b11a478155dcbca8fe4d9493f77911227c67b4978de4fd23f6e3f0da36af26f35741801e902f0be7fefc6b1f9210d05cbef89eca4c2264e5e5b05fbe49331d33015b50f5445c0b41236f99f805ef15a716e9b8781633f677d227d7ac3cf417b32765c63fc0cc48b8c0f402716ef5063a1c53107d0eb30bc20614562249451865b68e9f58804a943bdadf631836c2193decc0b938aa1c23e67c77ce38c0a279051cf28f7cd56f5351b8ba6d53794586be7695b9f86ee8b00a818a03bc4c7a44"], 0x0, 0xbf}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, 0x0, 0x8001, 0x6) 09:29:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv6_deladdr={0x34, 0x15, 0x100, 0x70bd2d, 0x25dfdbff, {0xa, 0x3f, 0x2, 0xfe, r2}, [@IFA_FLAGS={0x8, 0x8, 0x488}, @IFA_CACHEINFO={0x14, 0x6, {0x20, 0xe8, 0x9, 0xffff}}]}, 0x34}}, 0x0) 09:29:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5427, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:09 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) wait4(0x0, &(0x7f0000000040), 0x1000000, &(0x7f0000000240)) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000fad69546f203"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:09 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000462400a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffff000000"], 0x28}}, 0x0) 09:29:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5428, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:09 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5429, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:12 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) clone(0x200000, &(0x7f0000000340)="b41482dc092ba6a0f75ea36fd26da53cfb73f7188dced4db27d45bfd711c981afd3fd602f03d5b8f1f82ceb1411e476e6ec59b9860e6cea0647b0bf0e3eb1e6924e47f054c22ac681ac07eee1e1ac302694b6d9794829f5f9a1adcb2a43a7d1a28bd9b1cae1b0e7359e37d0f3a36396528387efc2384ae6368b97343e49c673d76", &(0x7f00000004c0), &(0x7f0000000500), &(0x7f00000007c0)="4468e58d90288297060f2d5322fab87ae261f81aa5571523f5b1ecc01a16a4c7c10adc66b5a16246d15d320612da780365586aef2cdea7f1542661f64a902928a4bc8c48ecfef298836fc4a4c1f2893a366ec1d9cd9255c190fbfe420edc6f09c370542f180e67eabef27a8b38a30fb8b06cafc8ef6748612b5b241a515276cb20f3b5938415a1a683b78ce73b8c6565543a7ed290fe72c3d3ff5f4cb70bde660df748e6803c90a568c1789d614f11ba50b66add722547e4e7a995a2e25677ec95656cd04d12866fb3ad") bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000b900ea00b900000003000000000000000000000c0000000000000000000000080000000000008e756617000a00000000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x801, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @ldst={0x1, 0x1, 0x2, 0x1, 0x2, 0xfffffffffffffffe, 0xffffffffffffffff}], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0xffffffffffffffff, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1a0000001c00070c000000000000000007000000ff7ff52cd3477d200a18a3cc8e7f709b01241a57534c2c5511d2", @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffffff0000"], 0x28}}, 0x0) 09:29:12 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x8e000, 0x0) r4 = eventfd2(0x8000, 0x80800) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f00000001c0)={0x0, r4, 0xf8, 0x0, 0x40, 0xfffffffffffffffc}) connect$unix(r3, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, 0xfffffffffffffffe) r5 = socket$netlink(0x10, 0x3, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x80c1}, 0x0) 09:29:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{0x0, 0x0, 0x6}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) wait4(r1, &(0x7f0000000040), 0x1, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:12 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x48105400, &(0x7f0000000240)="05995005bcb6bca2e31e115022ba7849b76c42f8eb3b383f979572981658cca2ee7cb2501955d8cd7d7c5c9ceae571e7c317c33d86c5c4708c4bec926bc04c8c8e7ec7c3a7a3ecd28b0f58e636b2930da7c6f20839484a20949771174bd15f9651df1b6217ec2b43e36415b91b8fd1714d7a430c01edff2da0091893b19b6d494f76ec1de4bb4403aea93a62d22695a8c0b16fce57ac", &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000440)="8be89ef7ff4824a7cf2f487f52d8f1999aafa2bc37124060b4c5dc4480f6d7adb5040579b8ad30c7549cfc68a58eb95526c141b7677a4612957dd6b45f538595edd078b6ae0f925e9f0a67ffa9492733efba8e89aa1f043c97c9336c3aa0d43dad913d0bc8b22b907e0904d98004cae061669728ce4f7a7c35139674aae66096ad8b732e01da211c2625e955bc8f0c1f9197c66a6b9ba53331dd0723a7f8abb64831e74a03b2745f8b23c574b0808595d98d6b6474fcd8f772b635eb3c280e62e3b96a2ff1c23bd0d2a6b94a21f6c1cb42743f7645930ea2c7abf89798599276b6b89900") r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$cont(0x9, 0x0, 0x0, 0x0) tkill(0x0, 0x1c) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = socket$unix(0x1, 0x3, 0x0) ioctl$FITHAW(r2, 0xc0045878) r3 = ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c1c1cda69f445b7a974bf6272c281a1b50a5b2665179d71818f41735af847ea40f17adb7f0e6f4bf83b905ab064fa7d40cbcacef92c37dacc60903e91e9b2393e98b7cc7a6e6b5b7a4a5cfe7f1ec51a7bc7fa894f"], 0x0, 0xbf}, 0x20) wait4(r0, &(0x7f0000000300), 0x1000000, &(0x7f0000000540)) tkill(r0, 0x8) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5441, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:12 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) gettid() r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000110000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x40) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x40) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000040)="9a359bb7050000005cab54d386b9afe554029685bac11c9fc0f9605e4d6e2d45ad8497833f6ef3d7d287227944dae1c65c024f34ae47a42abfbc46") ptrace$cont(0x7, r1, 0x0, 0x0) rt_sigqueueinfo(r1, 0x3e, &(0x7f0000000300)={0x13, 0x3, 0xffff}) 09:29:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) 09:29:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x8, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0, 0x30, 0x5f, 0x30, 0x30, 0x30]}}, 0x0, 0xc4, 0x0, 0x1}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0xa) writev(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfef0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xc0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=0xcc2, 0x0, 0x0, 0x0, &(0x7f0000000840)={0x6, 0xf0}, 0x0, 0x0, &(0x7f0000000880)={0x4, 0x1, 0x1, 0x20}, &(0x7f00000008c0)=0x81, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=0x5}}, 0x10) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0xa) writev(r2, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfef0) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1d, 0x9, &(0x7f0000000300)=@raw=[@alu={0x4, 0x0, 0x4, 0x9, 0x9, 0xfffffffffffffff0, 0xffffffffffffffff}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x4}, @generic={0xff, 0x6, 0x1, 0x3, 0xfffffff7}, @jmp={0x5, 0x0, 0x9, 0x7, 0x6, 0xfffffffffffffff0, 0x1}], &(0x7f0000000040)='GPL\x00', 0xffff, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x6, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0x9, 0xfffffbff, 0x63819e1}, 0x10, r1, r2}, 0x78) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:15 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) clone(0x8000, &(0x7f0000000340)="3c2f0dede85404f118e4461c78e2155940ce091d651dbfd6fcea50ac48d4e946deeac1f12719ebb3c9f7d786fb2345d0f19a80273992253dd6d852272e1d89f739438f83329ef448943b71190f2eda395c255ebc06750e4d5b112698bf9cd7ab68acab7c2165d3febe046256a24bc25e6a5bd4e0b72c735bf97d24efe63d5f2f07c62f06a18b78c87d38816603d320063bb5ad87caebdf81638844d5abf168c2c4af40ace967e22d8837d627b2e157a556", &(0x7f00000004c0), &(0x7f0000000500), &(0x7f00000007c0)="fb3d7bf804bf5ecbce09cf11ed4f781ae1a5e8f9aeddc97535b8f20b0bde8ba795793b189715fd65ffca2a4357805af34bc5fe27de7d71ac30f93c05a93d95f6f722d5837521ae0d6212868fb0320f48136c140ea0a7d0783807303952919b4bbcbe645bc9e283b5599a38e092d362ce024d66246ce7b357023d68d9a33cd389110558200dfb7cac0f05eb083f47e9446e8bf3773a99f98c4f900913bb93e98b09e37473e2636d3690d184ed4f8660c201573a5a") bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000540)={&(0x7f0000000880)=""/81, 0x51}) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x16, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r2}, 0x78) tkill(r0, 0x24) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5450, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:15 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:15 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet(0x2, 0x80000, 0x24) vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000300)="89656d7b2170baf45ef46bd7aa206663852ad62e6603d3fed2fb296b50f6cf25746bd8e40b9f543f1bf322315df899567cab7bb97eb5313f10f32474138f11b1e7dc02cd0898302c8c5d4cb3c623f84a90ffa60b5a1b8a1d307993c794d7945ca7e0b98d5bcbd029277ed529042134c78bd519bb92c7b94fb714ace3785675aef158f4010a004120b591fbba44ef3e31c593373cc06774014eeb2d4d914ce048db20786a3d42c2d45f341c309a4c775c37c2cb7d42c4efb2261605eececc401cbce5e5efdf1eb95818ce22332e00df935bd99c576dc62ec3f26f5d18eb9bd85fd767c65d5400a0fa07c62da4e3557d894eb657f00042b3a90331ccf35d14", 0xfe}, {&(0x7f0000000040)="02a1b9d1e57c5c0e5af0bfd0c4153043f75d67210c552f3dd48e68beb60118af2215ac926429142bf7c9edcd53f69adb39db39549567b6", 0x37}], 0x2, 0x7) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:15 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5451, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$AUDIT_GET(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x3e8, 0x800, 0x70bd2b, 0x25dfdbfc, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x800}, 0xc0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x80000001, 0x0) connect$unix(r3, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e) 09:29:15 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5452, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x545d, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:15 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) [ 2223.223073][ T9350] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1000 sclass=netlink_route_socket pid=9350 comm=syz-executor.2 [ 2223.243432][ T9350] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1000 sclass=netlink_route_socket pid=9350 comm=syz-executor.2 09:29:18 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) r1 = getpgid(r0) setpriority(0x0, r1, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:18 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x70bd2d, 0x0, {0x7, 0x0, 0x0, r2, 0x10}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x1) 09:29:18 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5460, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:18 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x37, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) r2 = ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0) rt_sigqueueinfo(0x0, 0x12, &(0x7f00000004c0)={0x37, 0x3, 0x40}) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r2, 0x8008f511, &(0x7f0000000340)) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:18 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40045431, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:18 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:18 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0xa) writev(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfef0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0xc) r5 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(r6, r6) chown(&(0x7f0000000100)='./file0/file0\x00', 0x0, r6) r7 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fstat(r7, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r8) r9 = getegid() sendmmsg$unix(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000140)="5d86b5e7a823e018626ff3c99334481dac74b13b2f621374e2370e4a2a38a499a9eada0672a93345c4d171cd9c2e0b540cb4199e3cbe9034a4924c9c7efb7fa57e465e0a71742d69b20ecaa29b3ac8862ab7a4aaca6416d07731c20828a572723ce5e8fa700585e75bc87cb3d323f460bf", 0x71}, {&(0x7f0000000480)="6974ac79276299ea28d2dccd9d16324d8ada6c588f0ba069526e60214d408003a7e45ae5f29cc2536b23ec9573b2531233e5875d0cf74769e1e9069465527667ca75974a8e1ee1d8fe0fd218f14dc2439c516203792701d81344a0a2c7c3297188b374a9ab7c1a4e1ba186b0e7c5af7ceb414de011604421edee70c9c8db27d5e22ed945829b9aecf108eecba0b9c61f28781a4d71ad5badef7b7b8906d0357aaa02882ffa49ea1b18f60f095c0ea9537f6bb8001b4b0aa62054291a45ea418beb3b905948510225b1b09142239d4c2c4849ee704a1c9d411eff0fe75d3fd484257fd0edd01a032d3fe8c9baf54bac454da21af03eb8f25a1379a666aedb3b917f4c192bf027df58b638825837be94ed45e6b4128e2221b8eecc9351211decb28e2530187fc6b8a3372921f7b825617fe1ca34fc511a6e119d67bba8cb244ed990cf4ae9485d03abfda10dec12394c7aec5fd702d8e90ea7b20cfb91461e700b0e1a726811de1a53d1f7978c456397bf462e807fc0daa5a1c13b23ed8b3b5aaea77af4482b67b0de99cc533fa64b5377b7c3b49061ec22acd5454fcc720238d54e0f4b4b754d93e29ec00c225073eeee68f7726996e05d036d48c64b4cedc7278b2fc39251f82175978e0a66d645108a67c04e4b9b68c8dbfdd8d502a5027b29900abad53da3d83f55f0706c6d13277ca70698325dc3e396618705762fa787dba76017fc284c021d93b7124f5088e2ad3ab291ddfd61f57c87c18c8e0d505dd0acd61a58a5dabfa0b46e7212987f275e26bb8fe227496954de00af4baf5cd02ce3f89aac2d132396b70fd9f88eb31ebfdf16b7a5b2c511d6cff101cc4211f9b5ef98d9fe6472d4377a8eda99a7796cfbe67b720274b1486cc13118e4cdc5663ea3a113721b822d10c5aed0969fde4e8d932ed8004072d091c89f60b8911db21eed4f0d42ae42c420bca75d401a3545d526b112c4737626a7263e63d4e579e577a2dca11de6b12f78a4f3f8ad10fc6ab368d80fd5f3951a0e630857d341fd1af2b84006d1e73555bae4eca376bb6b21a4a2ab582b829950c7bbd079773da28ed17e2f35927c47dffc8d71906185d8fb07475f61324733f22371bcd2583a9114cee9cb0cda2f0087a62c1904b02b5a7ca51a9b466475421cdd9fc355cf516c034dddf7a95ffd2a76a83ca8baa5975ba11dcefde9d9641f6e36105d7688d3c9449e0cf842a7cd921ec70f514a388bd6ff3f9ca3ab6721862bc2030ee0fbb6932bfa201793f1c92d558095e328d00a2f444709d89d648c8a93ca7780579bbaeeb8de5ddd18215d431ece33d58c72f2de979f7dc451e52cbdea772cb739a45e8a4154ef991a24a38dcaf79ebecba9377c382ba5225b61f88b52f1b3c7e184e96aaa112e5c203b3ca374b3dbb747fe1e9475d2b56dd167bd09e22aff33b81678f44170b3edf7cd79167bee88c8f3caeb2b91f6c9f199cc73d94a4d4553bcdd4e4dff86360bf2b22a69a98ab27c22a99e4a1c7b8f3716a743f8db857f021ba9b2a7830db0d47084084d8271ce1030c2e279e9ab5475290622e1c0d830411fe94d1e37497ee5f91126673d01ee22adc711b6767f509dd63f08c30fa6899cdf5889e8a7ab16b7fc5042e026df307520787adef252b6b0f9ba3b33813480452fd82ddb5b2840a385cb78af204ada5179e54fd9ae98f51483cbe66e19edc034a1cf84ec94863756c3b65800f465060650e11dca8628cf619c8ed6ebf98c28b6a3996e9ebadccdb89476e3259c179f835e816338f73d40065c61ae0d353c533b70d91bd1b26221c2b080aa812a9ed25d73d34cbec96821c6b16a44a0bda12dec9cd943d0a333d26a0f7f7da251ef403e01ccdab900685e46e0e54844770d93094f64a7b93cd4bc9509fddd98b2c0712278d715d44c26b80800f21e59153d4248886d65714a68db8908a54d02dd4d4ac1a3a4c148267fa9df184145198baebec07be7582584604a5d78054090693bbf8d4c0bb2058dc1465d1c71935ebec6a2854572e57e2bcf495f0ff7e5b2dbbddc3aeac633cef82a25297deaebe6e630a851d94cae9477ba9037bb515e0436293e0b6d2ca5832b302ae2bee43c84c3f773e602077549c5a73f635365bb2b6c8e6f5187adc8b3e6c3b56b1d210077f01398f61f196f1c16551b5828baa4ccdc6811e0ae62b7b270302773a8dc3d95f856550b01d25d8e12b8013beb55f70f975c5ff995d4567cfc48552dcb070bd09304b722c2eb3784ca2fc47f811d88bcf852c4db086ef81c8bf1428dfdc607bfc2b2f32a39f1cb56440013afd67a0999489e0536127399f667135974567b7e984f23a1079ff2f2c0ce5c8a9b9242aaeea33d2be169193175a113986105bbfd1c15e93edb37ffb236133d96b6e224bf15d08dd6d24828ebce297f44736532d8a68a0cfefb2437e56b1876101f3aa35228e8d4535618ea022513c8586676c4146dabbfc51e63f6154c2e42e7263300c56363f46d945f7ce5679b7b57391e8f983c5fecd39e29b58824dc26673a3695d121c2cb6511dc6ef21db40b699f240e29beb99c9cb3af334e4b39a887ea2901dd31fbfe5da6ec1f9de4b6e21a9ecac141f09bc013029204731059c901eaa4af2da7e7338815a325232fc10a3521e02f2bbdf94b8e34b4233fab7fadb4f20ea848315d950f66fd85b094be66c6c5191b1ac63b758aa20f56433c2a397e69f4d41ecf879061a3d379abf2292da26a80da8722fb37477a4510d26e495da8a15fe254b0dc860bb7b24cd4ff5ccb4697a9007ed45313d55f40ae99363605094d18b235b5f4d5cda2a0e5800beac156286080bcddd7a795cf3d711087865e25d06cb6547ea96a4d122915fca20e759f0497c75f8429067ab20745fb1136e5da6730034174fa3c27be655d83814e014fe525217cb7526b1c3e5e8b036ad8454224f082135fe7f7a709e054b67a7c638a45ce6685a1296fe560ae6168628bf5456e0486ecad7f0a129ab05ab859d40e341e0ba5271ebb802aa82f12423a84dd635edb85fc07250b2b3d966cd6b0dba6215dcf4b3d4088b3a011395b13c24dc0a1b21a102ab1239a6e207765d23f847f674a7100a4b1d43fb2238f0bfd7521edad248709977f74bf124fe83e2d5e608beba66766a21662cfb044a87ea318ff707b1c11b399c6735949e7d2d9a5004a907960c8974b84d996dc6c9492a64e68755de86b0b6e601b0288fee86fe6b19a1ebf2a8c6ad36967e7468511dc4b0fe0a52c812957dd301100d8c3daf21324907b583f9a08a9cc81f9384bf64bc99cf85f218a887749648ca6c1352961b0163230acb9e905efbf1fac150bfff5a1e5bc648abe4693cae895960345dc93c804dee32e64fd9cc24c9a53a93c50397e947f3c496bb3ddc6eaea209206172130f646ed7c876c0443b5a4c2beda70e5b80f5863904b5ead7d393fe65a8d30d63fcaa5685e6c735b01c572369d0024ea762b0985690cfa9fa78ce55d555549b33abf7f570f8e54b2c691cb03f3c77228e9ac0c157ef94eaf9800ac7236aeca5813617fc63594372b79d43bfefc593d1615cf3ac8f96e34e667d3143a39b0e53f85cf7b0ae0ddc3f22d6997627ccd0fbade2f0e43c01e0de01aaff0739ef8d1e6dba7db273dd581a72b3043e65f197174294a299ac871f2cfbe9da14e9bd9317657b35e4e87810a4554200b2175ffa639e83774580118703d8498296cbe3f20fc97b05a5c682285a517f3ef10490b8ad7a4ffe9b84a5e673f11bd88c2110f9ad4bbcd96ce226e8c2f951955065ff0911a8c093b89126d0a80642bad4ccc9e2f275f3473e3a85fb1e34ea6a8254608ee9839cbbfead662f2600980d084d14e5bdc434b3a3da375b121bd630d0f0584688beebf9ce3b5eb1350baec9cf6418a3349d8c5522d724e448cf020b44d836f09de1b6021207850a562dd9c6faa1e73be10559a4ea2136a6fd9983b12c65dc9bbe2b4a7bd282f68e75b72a229a9b2650b3c193ebbf9e92885aff77d7ea0b8477775ffda1756434e881b6d9f898dcd31f2167573daa3fa91083e5397337dba2f6cd8c5bf29bb37f38d78a5702294205d6e8cea825634838d8243a7eb8070f1d01b6c0b785686dd917963d629f3c8d324fd9efc357a42f8e466110b92b6c10e085a6370b32db759aae5d69421bf163b88514231be39e743fb72f93f83d7c357cc94d00c1c98fda1eef37ccce43dac6a239cb79d17aeee4fd3ffb5aca3d47ac12188da70c38884a95753780ca7849f151ca5998235ad196a22ef56055eaf5bd1b16feb583028e378d0fbc2c530070edab44649a8c0c8808debaca7274fd30dab425e343b5f1fb8ae0d0917667d99671ca77df6a234ffccb6831baeec3da61d70258df5e925533af337d81dafa3efb44f829f8ad67ea04dea7b7a02efa99d86e60b4707e5b03cd4122e786f1168d16d2da06ef1a841ca0998fae5bbe23dd39f612f184dbcf9c51653906e9df3975f1e68c3b6f714e69f935c5f38a593190f53e1449827e826cf43b3eab324aface1519a3f7fb116ce01b43963f03af7a0423415e1c2397aa6173a00b439f69169f0960278c82b816678011f27940b6fbbf486b7f5fa41b786d0f84cb61211723565e6895bf543a80791aaf33587e89161aee48fa73732a2bebebf8674a35482b2ab7bfa00d8cf20cb14d1422ab44a686d564d17c94d801468ab9fe27f4cb528f8d4a45c061fa280769dc32e5f2ec77a738c9eeb84336bb53f17b5b8cad3d59a8933e7a7a46e66bb3b53c68837c3c93e63f073245861baeaf89f189d90dd589f5f53bbfaa41b9da134524f3f810810aa242f2f37e9832399656af9718055585e0ce785056d6c328c78f2af3fd840651a71381765df39b5d22c3ce3e2e57aa6441da7dc85d35a0e9ac3cacad5bb2907bce22a9b8106184471408938a8c6dc96ab1a346292846eacbcd0da9ac883f7e0e211d9e2671ee4d3a4d8ed5692988a6a346383c8aab593f77631c9c8ddb3c81ea428f673eee3be65f6d5beea55d80c1b095178ea6de1ea68f0dba602bbf86ee2d7597602478ed1e5ecb9c9b5bf35a6802fa519c170b380ea98c256fa73e234f858fc7296c5e4e1906508fa461b81d83a6eff12a2bb911db5a0625882d7a821d93449e404991790c697e41ecc9684f989f94672cb276aa1097bb3792c04493705a8726dfefe58d957fdc1ed005c49986e8e448c4bd6b4df25589832217c8c2e4295042958ab93635557e0b2e6e717f6f0090a26879a056a0f337379275f5de86a4fe1a38de8cddb40bed798dcf94d2a3a708d50573ceff8c0863b4922338e82bed37eba9592aad22aa582e72d2b3621eb78413042a61d16f8ba446b4ab6cb3e1e8443b7640c43dc7c1d46757cb391d877ca857991b36e95d534f88af74e451303bb4c858ecc2f1b640e0816a6b6f4ef004cc8f0787b0fba534b65bbe8dd5440163c242cd1b66bf5377168bba2b186f3a62ebee2fbf1ba288997f7b2ed7ba269699c1de3a24af2c3bf735f22def77bfca38ce0c5df0571e6b192abb561f74bce62f650948a9474ebb57126525bab50ff5ffd7c16c9041dfb59cd9a851b608b1013e11ae378cf0a209564704eeaeb5062c8cbc9ebd0fc19f91f90aba63b1eaae03554f97e4be0fbc05508d28b17b83db587c9a29d9d32036a7c751026d75e015ed55f9fbd8741bf139125f035bba288e6e0caba04bf03fedc5ea3983126066b9c3b5cb0589622dfd3e824f6274e2f3071823b2b203c386751763fe8114a37dc98945af521fb97cbb20715bd3132", 0x1000}], 0x2, &(0x7f0000000340)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r4, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r6}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r8, r9}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}], 0x80, 0x1}], 0x1, 0x10) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @remote}]}, 0x28}}, 0x0) 09:29:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40045436, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:21 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000080)=0x7, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0), 0xc400, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2100}, 0xc, &(0x7f0000000240)={&(0x7f0000000d00)=ANY=[@ANYBLOB="840000000408030000000000006d490000000000000003003a0000002400048008000103fffffffb08000140000000000800014000000003080001400000000114000480080001400000000308000140000007000000000000007a300000000005000300110000000600024080f300000900010273797a30000000000500030088000000cfefabd0e9754a571b6c0f1dec16065c589d09df9e28d20c7e66396b4aefd481aaa3e9eca774cd6ff31d"], 0x84}, 0x1, 0x0, 0x0, 0x4000800}, 0x8054) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) openat(r3, &(0x7f0000000400)='./file0\x00', 0x1, 0x60) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) accept$unix(r7, &(0x7f00000001c0), &(0x7f00000003c0)=0x6e) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xc008ae09, 0x400000) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xc008ae09, 0x400000) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002840)={&(0x7f0000000dc0)=@proc={0x10, 0x0, 0x25dfdbff, 0x10000}, 0xc, &(0x7f0000002740)=[{&(0x7f0000000e00)={0xb8, 0x3f, 0x805, 0x70bd2a, 0x25dfdbfd, "", [@generic="a307c5232e60bea0b2a9613058869f7acf3bb7accd3f61a85e2ca8943ea29679184b1d064b9adc41498115687e97c9fc1a66bee9e6722c3abb8b130dde467b6b5c8990b8643116ee8d8363b9c4840c144593489d9873ed00e6b4aa846edaa4a7f58bcee8290a408b5d7355c32cdad3c947af634a691466d9b84bd120835420e17ade6c1c81e9b505b4fa36812583890f6923df014e2ba08ba7d99a4201bc1c", @typed={0x8, 0x76, 0x0, 0x0, @u32=0x40f}]}, 0xb8}, {&(0x7f0000000ec0)={0x158, 0x3b, 0x100, 0x70bd26, 0x25dfdbff, "", [@generic="ba4fd55654b59fad41d6e59258495a030989e77e932a6d65ea09945f8e2f93aa6fcb3a9a1e4803f5976f1a79f19134b5cf9fbc364f14ceb060c3d6c46aa6b785f84c6ad7c95ba8a6df821203355ea24059ee6c2d0ddd3abff84b22f008c2f55b08eddd9b1dac7a85e1802467aa70cf66b927a8688104e22a95a76c2c7fa083eaf820c8f55f72fda41e60193d79879b0e5d82af772d826b7eb8634084f63be78d64a5fbd444ef7fae29b999afae4678c93dff0a173f54", @typed={0x8, 0x15, 0x0, 0x0, @str=']&-\x00'}, @typed={0x8, 0x82, 0x0, 0x0, @ipv4=@multicast2}, @nested={0x7d, 0x5c, 0x0, 0x1, [@typed={0xc, 0x6b, 0x0, 0x0, @u64=0x7}, @typed={0x8, 0x5b, 0x0, 0x0, @u32}, @generic="9a21a5f75517d30e5bbca0a83d6006e5de5e25a8af7b6c5902a72db0957e365012e909cb075615d2c33e129094150b2e03cc4ca0ad7fc32a5325e49caf4c2117695c187e64e88b7fda25cec1e98d016e716d22eed0b91c219b420c51a6b52086e24be9cc0f"]}]}, 0x158}, {&(0x7f0000001040)={0x13ac, 0x36, 0x400, 0x70bd29, 0x25dfdbfb, "", [@generic="0f3445c4b24ab7c17a9ec1a3552abedbe8793133684ebf2b0da4d517aa204fdc59d01441322840e745565a58fe45f2b5b3156c2f5f3c6939c5a25262113a7ef84ac494a0cbea76", @typed={0x14, 0x17, 0x0, 0x0, @ipv6=@private0}, @generic="1d5899b398af4a4129c292b1f7bd2d688fb87782b3efe1678802d0616c1c6e421092c3b21c49825b7df16a4e1cdb787a9b5c1ec5df80aa8b8ca6718638bfebb13889a1e5a40ba0a41106784f8db26bfa1613f2fdf3c042c6b56970fc6b0083cfbc527d24de604bca0d73f4fbd801b6cc4b5f1d5b283077a4dcd6c4c622c19b129001b4f38b6754af3f080475755732f91ad5cd33b883ccd57ba9ae18c84e9f7fa9fb497264ecdcee1e1580275695b14bd0b29cb2b5ebcabdfeb58e8ad6476783d73dc110471b718d56baed39ebde9410f64340e51cc56f492006dc04f1d0df397e695a6023e5d2e986e5d2bbc9857cf7b9a6ab78ea487e99ecb26bc8d6ae3f3d38d50548fcb0dde6758ec6a318e42213865edc90ee803cafe62597d7a1776c5721286726c82cb81e6693190fb6a01072cffecdc79a8303e2d6531fa1b32e123434cbdfa4b03aec0b023b6b6a5dec029ea3f6978247bc2a22ac658ae1b9c9674fa950177d94f034debe5e8aba4b2abcf5b1f48f5a8ab8f4872fa89599f32d198adaa71bbe0366917e8abb35e96ed23d076b92a9e2a320e68b0051f10d417dad47ccde14e0c34d98d7037e75fab975cd63a9fc212e0e1339fd06887199a5bb7e3ccbabd86b739f78cc2b7022b078a70184a5737fce61edd092133806d605faf0d67e9acc30068176de5d1b8627aed909c00aff3c128643642b345f2899bcb59258cf01b5e0bdaffbc950ad2d0a897a046afb13be7e792f192ba6a19c6b792f8f436363b7aca430b365efcd6aed31f975b14ad7dc7d93f88bf588a058bc6219b24bf1c848925b3b4fee583fb7d03cd106cefc0240f573392dcb5a78d0e40eb80e1ff63ca9303292fd53e53f17829ee732f70821d2cb6d7658bde08ec0f7d7b96ccc8874a6aca40c14727999f7b1756ca8b4e6f86dfb3eadf21d24fb426ea9598475900d774eed44c5f79179a17fbfac77c35abfdb07a005134e40737be0fa3d458ab52721ff8f59dd4770fb834a9b5c87ca9be806009ceb4455a3f036457214b9918559660a36b69d0f9a17ae7b2d37f40aab4bcd84b4d256f1870b334e764e59b2bc5471a1ff63318341b4867f2f6d01630a6cb46bcc886cfa7edf380451f1fddca7bd24059aebbd70e593da87490d408586a348d372147ad46bccd15cbd1133f41ba437006366e212da5a5b2241df116cf19d4033dbd9d43ca1c3088d7f7b0e3ea4014a3da65020a35a211ce8c930cc957ed2cc97b06f41e4787c16b8f90a3f541f70479bf72595be51fa9e7797e82c3ccb553b412fa7efeac6983baae088a0dc80c69d1e352ab9f4589066a05aabf7276b2890bf0a1867715d1c5a5a4927fc2114713c70f8d5e4d1accb2dc60bb732f67f4582abb884e10cf006957678b4e66272b7a70a672d69ce11d8daa518af1b25242f3b0a2b1d419d618b25f0f9db7ec1e8c02b90d14ca95970fc05edc444b203afdd837fb43860370bb34e2c3aada9cc0fe2d8270b4454986ba18fb1ab5275a24f268b86f36a7dd0a9eb6ae08239e4be2052d44e55e8f2d7eff1f48036c7d23df358b7be43c891167202f417d8d437e06da77dfee2d6a324e9cecd920784e609526380c46dbf7cc744f78c9518587330f8357f70c864d431b2e36a48b26fbc892cfceeda93831b1e5fa9b601904a331d0513e8977c7f96472a7d69787be6569cdfc1bb115762f6136d2974755869cbed641458c251086b4cb1749ef9427c1e0542e63ca9e75093c5606dc305807884ba6b25f127b8ccf65aa6e7b70ae22069cd5bdfb2e5b75a4b8eca544783fe9d25ac339b7d294ff014d316020be59c719ed980c4c8cb96e59beaccecdd002a0acf672bd1dd12d9927fd1338ffee989c27845b515e374124f9af788a2e702c564e4fbfbb631c23c907a18e7586797177644900aedd78821abda7ae323406bcf8f798e9164fab621754cd3cbf8822385d937424d211349864fd1210422d31f8305608dc776681aaf2a30615b1f7ed6a358defad34108f185423840fd833f285ae563d82e63fc51407696f578bbccf7e0a1b625ba4546c47150bb370b330be8f48924fa9e2afe6161780650358a113da625fe49c030ac083192ece4c9c82c980481d03e75898134cf7d0fe4bfffe55bedacb54f10a76720cfa7b7bdf3e192979283fde993f9fde80f714ea41e31f4a12ef6c490d4c35a8741b76272ef715d540d9992b24bbd35c1a17ab748b6fab3e9b85d014eacad7d9597ba9f6fd7c806769e6f25eafc5c204ba17b1eacd06347ffb1e18a082a37c15ddf7e2edca40d48617296382d50357ea9d5cb054a77e81005af8193296b15e4aeee82ac58871a25bdd12ea6462526491e8edae73cc394d37e72f9a7b0b452fd5c852cfad94dc5ff00108717fe4ca88f5eda78192731f20475ef2c235731e522401ad28d08f86dd2a4cb188224cd3744299b1475a505d8c5136dda93765d1fee6c21dd3f4a48c2202a961a55f77f40a1746d06c39ec83410de07c00bfd3a646415b8eb9b6e8e750076a521caba62f93fe3a065efe23a5c5a0d7ee91fdcab4e0a554b0585bccd93a74c0bfae428a52c85ac90ad0414e78e6aa0d02b9ed49987671d11353f18b5790033613c176c749dd435618d1445578ed2e897073d81c9af41d8a5ed0ae80017e6469dd78dbda4a861114df45245dfaff2e5d2116fb8f21901148e70b5d23654e93b0f7ee8befa4927bd416e54e0e78503ae7f49745b5c089a5c6e28d270deaa9698e357f4a367e61539ec0044e231b55c1677551721ec2330b109b4f2fd4b725dd30569bab5bb2b9b44b566a658017a90587d035ad046e081ca786c3679c7d9f84918cd675aedc63a9d96513f9a69c798c38274142938883127b7a646c122075c6bc46b993a6137b5a58c4ee114295a6ce0175c468400a9bdb0345b9cfa1546454e97a3e4be07aab06bcd5156ba47dfd14d710943a4595235b73e7d92cedc14266e21a16a145e1bbc379a2119ff179bd4ede0168b2814dbbea3dd194b0827e926656b94f1d07ac6975149f491281af4b9153c61686280ff30a2c8b06641b63c03ff7f64c4ba7527daa38f46b86ccde93ea19810cc956b77debe77e0de2ba8edfba11ea53470b77d533cd88cd5a3d326aa48796d5f1fda2843f4b81adce8ef7916cfadaf8268576acc067c0fff69e65c770c54989226ca9fda8ac762be2d732637628723497ff690fe0fa560a9f90e9a576a43bf7e1cadea22c0ca912a8d5f69c7a94b9a7260d1c8e60c9fd0ce78b3267c4b97e7c3ca1f8377d0771957d981fcff38f89a8113bc44d358c4aa00a2d3db59b2282b1a42ddf516d1490d9c9e7c67096767c601c2e4fbc7a3be021c5a02edf32e2f2d9ea478c2317422358fa87417117a0eabd0ee2153bf5f09ccfb856481f7a44e8b719c1f841be256ceb15ebbc141c40f208a0d8f06abc050ccc44ed020ddd32b1d395e42dd45ebd8cf5f6ee6cd1d9fdeb07d413340ad404c8c2635ba7bd692a95b26fd20f955f929e275d5bbba6c471f072a04c73c3a91e90a5fbc98e25fe8e11d687581597f5b7632e136becf97878b3d568d70f15c1bf81b42a6b277d5b7abfb7fa68890ec6c3878d088a4a4333ac23762e502c2240fc00f735c43bc7f3ffe63bc5e840279efc091ce19ea10fa82b5529d7ef6bbc82c361d72585412547c3b536ac8f43d0e4cc4fb24c87bcb257180908507091792ad2289a70565152b8cdb7cf0394b16227e4905c33e615e58b79ac867ffdc2e67bdc3034ab902e1f829d7552fd098df03f4baa5c610cba9d08f4733497846cff0e934ad89f83e8c0eb2ce53c5e460c5beea3de29aa062f68ffe7595329779ff14df0cf2ce7609bbbafeb56ad8911cf2e48a5997944e1ee0e042279a2ca0c4b84a9eedba0a8fc974cfa8a9876aab03f7de0242504c16f99be2de4da5d8dd9d5bfc0ea22f9fae20fc71309758d2c2054eb0d4fcd646ea93ad18f45de06c3723dccdc4f90d1ba4ae4fecada721573d0e46b7dc299df863d6598c2dee81cb14c95108f6ffbffab475621d4e1a4779671ed0458f8ef54be57f8c74dba085d36058f34db3ac6ef43262d2366830feac33f22bd75d3e4d17076f2dbe76274eddc1013122c14f177d7765deaaf09f5d93878353fedfd61addccb60119f1c35869ec146c37c89ebb479aec245bf8ba6175266d5ca139f6d04b066047f47679d016aadf27687dec593c9d8d5525be2c133aaa59ab7337159c9a428e1a35c9a98659fae5db51ed57551df9d016852fcd98364c24df9aa16d9e19c6510b39dfc93495f9b2afb82ecf069e1c36d66f0efc86031bbbe247d5de019d857c3d9b4fe014990602b28ffd61220b01656a40c25083dd8c3079d5f7a76ee3d65e1b970bb5d2251e7948d7a0e78959904635426d4a56f64d6d48ac7f29e1f5b8840ce9a98b71d5e9597bec3eaad09bfd5c554420d7202c5bf14560852b7df699d6960cf8a093e4aff6163b986cb2a95ac4ee6dbcdae3ac61c37b21e3521d3068885f605f433cdc89434b8035fd497332de0b7e55442e215d2923b9fcc3c383c2651196db8940697e3e0009c4c39ed5b11b8bd4cff3690961c101a5b182af989efbe60dbf87931316d9c068373a5f569d2486430d1ed956f1d9e9cf0b921e66e9a2a0a5cc6317117d1b14c9ce4ef697575360bd08338e18f5be7099f5116aa70113c5d5e4a42e1d7d1acfc154c7ac78a740373c51b9b9a6b5f8e73de995f6712ae146ac675c7c24a1447b18c3b2b2fead4b2ec341921f7e2916584b19f0349f522c28149013223493a86a574fafc89015b5f53d80015e33da380950e814f1bb2fab7549a20043575038bf0a59934721a4e9c344b41af7d0f2f5adf3653564157fb3511c5b3da5f876b2cc7220a34dd1a5caa5ae7ba7bca4fa5a89db0e2a482ef3be52e71fdb178f795076d6666ab8f5e6959c79c6da35735baa165d4811daa644dfd902fc1ed02b0b93e3c2f4c8ff27fe7ca6d6ad1c1a1a966ad89f3f51182b0d9e3e78076588c56b5e11b16ec7dab8520efe985f2ed83e7ed9bd4ebf9e9afcf79f47d737d84939f71c26ed854f4d073556388401f8ded977298e07d7f161ef06c27600e6d812b48c9149d5943eb2ef414167767a0093c84981df1c8561cc784fb8850d8d75271830d8ce871b208f50d6289b371016163ef075f03f35504d4e0c5351441d959b64368cc707b10b20f2209aeb379925decf88c90db6b1c8761e80bf81cef9874015493bcd4edaee8ff45bb5f6be66b234f365be5f4c9b01990555b2b34f39ec7ca6fd7546c785dfc6458a480373be40077380bfb1fc02e36052cc7da2951959bfe56a72e5aecafabb346b334c96dcdfcb32ef87b4c71412f967af5edd0619eaf9a45de2ea0d9d88c54a0a181d94bc3586e5ee8e170d75314b9d1e64a4da22a097577c7fe381115e744b18827417caa1e2abfaf9c2d87035e8ec031b64f80b940bf5b23891c5413747fe148d06831fbf2f048d75615567b3a49c92e1e634d9921111e45d4aae6a7cf824ccaf768e411b8e1dd6a071c49885c790649cfd80db3e349458c0374406e2c9f48e4390a2fdd73c515c1dcab09ca87c4bd367475394164a7f1403e1d06963c62369ae83c2611905692ca287e73f0f8ee22184c986d189e7c79cd015aefb6491afbb4bf03350972057de07c62edc769af6f10091a573019757ab40c90a8f4a05053b8fc156af112ab2db18654ae42e0f3be8bc50a8d482d841e4bbf9d46a62e49f32550c59add68ef3fee6bef938e5b7b8095dff3d6fd4c40036", @nested={0x26b, 0x9, 0x0, 0x1, [@generic="f30292dd2b92ec05b92bf28570369acded3edebb", @typed={0xb3, 0x5f, 0x0, 0x0, @binary="a2608bd8d1175963549d52060de9a7859a629f27d01c426bf7aa907a4662b2d090eaa1ac0a4d0579f0c31387ad668a558639fd8ef713e68dfde79d20ff78ba18abbde6c70e3667d1d0b70543767a108bc9e2a5f25fef4e98bd8c3bddc15328de9301f320673235dc16dbefbc103889313541fa29a207ce5f650bbcbbd99de8c8d83d8c0f4bff48b29e030c8f0dc9ecfc56e4a60e783afd68bb90dd372bcb51d12021b9f77ad3056886c5bc5ebbdef0"}, @typed={0x14, 0x45, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @typed={0x8, 0x77, 0x0, 0x0, @ipv4=@local}, @generic="42000cd0bd7d764845bfe7616861d980f3aed450f8c4733d7e65e741a7254e2070ed7788615001ccbc75f3", @typed={0x12, 0x4e, 0x0, 0x0, @binary="ca0d854a98755adca46d6dbbe6c2"}, @generic="ac9d0267df895b4e6a9ce7fa094d10ce22be69c1519172382b514f49364f7ffcd5ff2cfcd290194b952c9384afcbe44fac08457d66e55ebd886336aa14183f44fb5a1293ea2a9f736fb7546539c3f04ca28be42b59a8c6517dfd2cc6a608d6b3bec127cf5ec401093d9618d17d209875d1162dc83d41e193ae8d", @generic="5874ae56aa20b6493c23d730cc4115d1e523038960de9a29d134487fc0d4e35953167590a64fc85644efba644c4143d0110e15f203f968b223854219f5", @typed={0x8, 0x8c, 0x0, 0x0, @fd=r5}, @generic="89f2f0b267debc83702b0009ef251997ca3225d63589082c3e205ce42842b1786ec81032ae390a61519f5ee28a02c8f44343d15a1195adca6cf855970871c4d98ef825cb2999124539ba1ff4fbee0bdfedfab5aa6e7b7c83f7a961ec1c37752d3ab4766f89e33b3b0b5eaa5243271056bc21c362a9d2033864cb720abc4477b76715189d7d"]}, @generic="6924f524659d56ef905d1b1dbc4dffe488814ce00665aad2a8b5cd45612208b550307d3a075f83077eff98f446250a299e6fcf20fe670d45f9b874d577009984f420a8d2d9446bbc95bab004c1f059b74906189b4d3f179874af2d6101aa940234091b0d9e1e61f24bab06b52f144fe2e1d9bc6601a1a8ad88232e85f97abd7d969135f0ad7d04c5f61aeda379e12b09f0306313c2fd0b6c99faa07ae7a7f57b655a6642f67f039e149ae88bef0596e5885e166b0da2881cd0855396ba9a2a76ccdf4d31ab3bf659fe4c1c48e795317e9232"]}, 0x13ac}, {&(0x7f0000002400)={0x31c, 0x3f, 0x400, 0x70bd2d, 0x25dfdbfc, "", [@nested={0x15f, 0x600, 0x0, 0x1, [@generic="f2640417807d07e7e425b6a1cc737105f2885bc0b0e1ef8d55e89f4f2dbed1ccdddb64d7ce7a45e691f74e9b3a00fc618ab468c985e4e5f6b1cf8841d3b2880e65f9c21fd9e4e21449e7b8ede92de3991e7bcf4fe7ee6377563eee867eef0eef4e0c013f67d3732e6a3e40add3", @typed={0xa6, 0x3d, 0x0, 0x0, @binary="34e91e313114574cc864d160525d2a46fe93677759f336dde25f1fec21ecf8a1ffed4a83798853a45a34ef3f8f354bf336be356c7458e982fc07c7bd6dcd08fa744b0ab9a99b802d428fc5a296296cdfea8b9bd3d3ba9e2ca8c0dd08a0b813963b6db84b111e26466c558dd40ba714693e22a56b511a30e33e2c4951f7792149f9e5bbe444f09ec08b8c36b4e0adb774be17545c0afcea8ad040198f4c209e44ab9c"}, @generic="062e2c5d7385ff498b6c6434fe069152d361b2b580f2f0a1a0df6110521eab78cb7358e71e5a7c4193fd182a40757a115f9d657a9d2e03b92111de514936", @typed={0x8, 0x71, 0x0, 0x0, @u32=0x1f}]}, @generic="de51ec31120776b28e537c330c530740a4b83e3099229d4681d8a7d852f6ae3b1e3b3a509d5ff3729d1023ad1245afeb0505e5d1b9a0eb190a61504039c94d283fd9430a92b9dbcea80d7cec821debdc4d0870ba4b442eb666be4b9b10e6ea757bc18b8050be6422c2ad808181e31d876bd1cc0e0f2992df66f507bbb29c8fce9889e861d11ecff7d814d541fc1007d258", @nested={0xc, 0x64, 0x0, 0x1, [@typed={0x8, 0x8f, 0x0, 0x0, @str='u32\x00'}]}, @typed={0x14, 0xe, 0x0, 0x0, @ipv6=@local}, @typed={0x14, 0x15, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @nested={0x65, 0x73, 0x0, 0x1, [@generic="4f2619d28998a63c818b242b2e861ca57a9191dca44c5ec2e5a4869483e444d292351b429c90610864a55035d897adf1b8d0ad233a1babcc9f0e2e91dab377e57b", @typed={0x8, 0x77, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x19, 0x0, 0x0, @fd=r7}, @typed={0x8, 0x70, 0x0, 0x0, @fd=r7}, @typed={0x8, 0x89, 0x0, 0x0, @pid=0xffffffffffffffff}]}, @generic="3a8512970c9287c710a8c657e57dddf21a7fb72ea1c441aecf6d7923e30ad1ef4a5462b384c6cea6843c07a6d34e0405fd404a541ad6be9682a34af78553dc11a5c37215bb4b56b376f6da5ac2b9dc70383fa6729b046524fd1a8a788d8b9029272c98b8f462cfa6183d66e81d1b52af962bcdb4503bac6ded5459b5033016"]}, 0x31c}], 0x4, &(0x7f0000002780)=[@rights={{0x18, 0x1, 0x1, [r5, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [r5, r4, 0xffffffffffffffff, r1, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r9, r10, r4]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}], 0x88, 0x8800}, 0x2000005) sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r8, 0x80, 0x87}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000480)=@delchain={0x854, 0x65, 0x1, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0xffe0, 0xfff1}, {0x1, 0xfff3}, {0x9, 0xf}}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x820, 0x2, [@TCA_U32_POLICE={0x80c, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x0, 0x80, 0x1f, 0x8001, 0x7, 0x7ff, 0x7fffffff, 0x3, 0x200, 0x4, 0xffff, 0x1000, 0x9, 0x1, 0x9, 0x5, 0x3, 0x1000, 0x83b5, 0x2, 0x200, 0x7, 0x7, 0x2ed7, 0xeb, 0xaa, 0x9, 0x7, 0x8000, 0x80, 0x4, 0x3, 0x722, 0x9, 0x8, 0x3ff, 0xffffffff, 0x7, 0x200, 0x6, 0x4f6, 0x5, 0x5, 0x81, 0x3, 0x4, 0x100, 0x80000000, 0x761, 0x0, 0x3, 0xffffff81, 0x800, 0x0, 0xec, 0x1, 0x4, 0x9, 0x0, 0x8, 0x1, 0x20000, 0x5, 0x6, 0x6, 0x80, 0x3, 0x86b, 0x1ff, 0x80000000, 0x28, 0x2, 0x7fff, 0x4, 0x2, 0x3, 0x1f, 0x7, 0x9f4, 0x2, 0x839, 0xfffffffc, 0x1, 0x35dd, 0x200, 0x9, 0x8000, 0x718, 0xfffffff8, 0x11, 0xff, 0x5, 0x5, 0x479e, 0x0, 0x7, 0x0, 0xfffff117, 0x400, 0x8d, 0x95, 0x7f, 0xfff, 0x5, 0x6, 0x7, 0x9, 0xaec, 0x6, 0x2, 0x9, 0x4, 0x0, 0x3, 0x4, 0x1, 0x80, 0x3, 0x5, 0xfff, 0x7, 0x4, 0x34d7, 0x200, 0x2, 0x400, 0x10001, 0x3e3, 0x3, 0x100, 0x4, 0x7ce9, 0x6, 0xfffffffd, 0x80, 0xb, 0xff, 0x40, 0x3, 0x2, 0x4, 0x1ec4, 0x2, 0xcdd, 0x81, 0x8, 0xf6, 0x80, 0x0, 0xd4, 0x8000, 0x1000, 0x0, 0x4, 0x800, 0xcd31, 0x8001, 0xffffff83, 0xfe, 0x1, 0x72e4, 0x7, 0x0, 0x50000, 0x5, 0x0, 0xfffeffff, 0x4, 0x4, 0x5, 0x9, 0xfffff800, 0x9, 0xfa, 0x80, 0x101, 0x7, 0x7ff, 0x8869, 0x7, 0xfffffffa, 0x2, 0x4, 0x4, 0x2000000, 0x2, 0x368, 0x8, 0x3, 0x5, 0xffff, 0xf7, 0x9, 0x5, 0xffffffc0, 0x3, 0x26, 0x6, 0x4, 0x0, 0xfffffffa, 0x8, 0xffffffff, 0x3, 0x5, 0x7, 0x326b, 0x4, 0xc584, 0x101, 0x8001, 0x1, 0x9, 0x9, 0x8, 0x80000000, 0xf16, 0x0, 0x8, 0x2, 0x5097, 0x1, 0xfff, 0x2, 0x0, 0x7, 0x4de, 0x10000, 0xd8f, 0xfa6, 0x2, 0x2, 0x43f, 0x5, 0x9, 0x0, 0x0, 0x80000001, 0x6d, 0x80, 0x4, 0x6, 0x0, 0x7, 0x5, 0x7, 0x45da, 0x2, 0x16d, 0x1, 0x81, 0x20, 0x1, 0x7fffffff, 0x1]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x1a0f4a9d, 0x0, 0x6, 0xd93, 0x6, 0x0, 0x3, 0x1, 0x7, 0x2, 0x101, 0x6, 0xffff, 0x80000001, 0xedf0, 0x0, 0x7, 0xffffffff, 0xfffffffc, 0x3, 0x800, 0x562, 0x80, 0x7c59, 0x80000001, 0x1, 0xa1b, 0x3, 0x4000000, 0x1, 0x9, 0x3410f9c, 0xfffffff9, 0xffffffca, 0x8, 0x9, 0x7, 0x2, 0xcc, 0x10000, 0x302, 0x807, 0x1f, 0x71c, 0x1, 0x6, 0x889, 0x4, 0xc478, 0x3, 0x0, 0x80, 0x5, 0x7, 0x2, 0x3, 0x8, 0xf9fd, 0x80, 0x6, 0xfffffb3b, 0x8, 0x80000000, 0x0, 0x6, 0x7f, 0x1, 0x0, 0x5, 0x7ff, 0xffffffff, 0xfff, 0x49, 0x3, 0x0, 0x9, 0x9, 0x8000, 0xfffff000, 0x1, 0xffffb31b, 0xfffffffb, 0x0, 0x3, 0x4, 0x6, 0x5, 0x3, 0x3f, 0xa72, 0x20, 0x4, 0x8, 0x1, 0x800, 0x7, 0xd, 0x4, 0x4, 0x7, 0x9, 0x3, 0x1, 0x3, 0x5, 0xb5, 0xffff, 0xabe8, 0x100, 0x8c7, 0x0, 0xffffffa3, 0x7, 0xfffff800, 0x1ff, 0x3f, 0x50e, 0x3ff, 0x8, 0xfffffeff, 0x8000, 0x5, 0x80, 0x4, 0x800, 0x1, 0x400, 0x6, 0x1ff, 0x0, 0x3, 0xff, 0x1000, 0x10000, 0xffffffff, 0xb587, 0x9, 0x9, 0x6, 0x1, 0xffffffff, 0x6, 0x9d3, 0x0, 0x800, 0x9, 0x5, 0x7, 0x9, 0x7, 0x4, 0x800, 0xffffff91, 0x8, 0x3a4, 0x400, 0x1, 0x821, 0x7, 0x1ff, 0xf7, 0xdeb, 0x2, 0x2, 0xd0, 0x5, 0x7, 0x2, 0xe32, 0x7ff, 0xb6, 0x2, 0xffffff7f, 0x391, 0x200, 0x568, 0x7, 0xff, 0x5, 0xc5, 0x80, 0x6, 0xfffffffe, 0x9, 0x7f, 0x0, 0x3ff, 0x3, 0x7, 0x7, 0x401, 0xd22, 0x1, 0x8, 0xb6, 0xfff, 0x100, 0xfffffc00, 0x1000, 0x1, 0xfff, 0x40, 0x1, 0xffff, 0x2, 0x8, 0x5, 0x7, 0x2, 0x5, 0x7, 0x0, 0x6, 0x5, 0xf6f, 0x7, 0x31d, 0x7f14, 0x95e0, 0x144, 0x9, 0x7d, 0x1ff, 0x9, 0x7, 0xdf, 0x6, 0x658, 0x0, 0x20, 0x1000, 0x7, 0x9, 0x20, 0x4, 0xff, 0x0, 0xf6, 0x0, 0x100, 0x2, 0xfd21, 0x3, 0x8, 0x9, 0xdd, 0xfffffffd, 0x437, 0x6, 0x8, 0x465, 0x1, 0x0, 0xd4aa, 0x9]}]}, @TCA_U32_DIVISOR={0x8, 0x4, 0xf2}, @TCA_U32_HASH={0x8, 0x2, 0x2}]}}]}, 0x854}, 0x1, 0x0, 0x0, 0x20008000}, 0x4041) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c0c000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffffff0000"], 0x28}}, 0x0) 09:29:21 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000000000000000000000000000000000000000000000000000003bf432615bd9d38fa7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="18240000", @ANYRES32, @ANYBLOB="00000000060000009501c0ff0800000085100000070000009500000000000000a596f91f3a2455e9886605d758e726cf6c5c4763f93e6344a9913eb7ed63bcb257f0fdb2ef33bf6e6227a46fc248340318c7f9499786f7ac130780d863b5318f6cfeb17a21fc7f2617b89671434e4c8fc7903e6481c1a7f6c4515bf2e1094e5a38e9f20979b35e830dac689bfe7a6021b307aa80150f481cd1bf05b6dc69c7de5b1f6861cdc78c8a94624b75"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_procfs$namespace(r0, &(0x7f0000000140)='ns/uts\x00') fcntl$getownex(r2, 0x10, &(0x7f0000000240)={0x0, 0x0}) sendmsg$nl_route(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=@RTM_GETNSID={0x54, 0x5a, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@NETNSA_NSID={0x8, 0x1, 0x2}, @NETNSA_FD={0x8}, @NETNSA_FD={0x8, 0x3, r3}, @NETNSA_NSID={0x8, 0x1, 0x2}, @NETNSA_NSID={0x8, 0x1, 0x3}, @NETNSA_NSID={0x8, 0x1, 0x3}, @NETNSA_NSID={0x8, 0x1, 0x1}, @NETNSA_PID={0x8, 0x2, r4}]}, 0x54}, 0x1, 0x0, 0x0, 0x50}, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r5, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:21 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r5, 0x80, 0x87}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x0) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040)=r5) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:21 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40049409, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:21 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) [ 2229.207875][ T9410] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 2229.231831][ T9410] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3100 sclass=netlink_route_socket pid=9410 comm=syz-executor.2 09:29:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40086602, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r2, @ANYBLOB='\x00'], 0x28}}, 0x0) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10) sendfile(r3, r0, &(0x7f0000000140)=0x2, 0x7) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xc008ae09, 0x400000) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xc008ae09, 0x400000) fcntl$dupfd(r4, 0x406, r5) 09:29:21 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) [ 2229.258166][ T9410] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) 09:29:21 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) [ 2229.313873][ T9446] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2229.330846][ T9446] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 09:29:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9b900000003000000000000000000000c0000000000000000000000080000000000000000000000000000000000000300000000000000000000000a0000000091415c61d20f000000000000010000000000000000000000000600000f01004e000000000000000000000000000000000000000000000000000000000000000000000000006745200000000000000000008000000000000000000000000000296f5e5b4bc3321b7be400000000fdefb10a0000fd0000000900000000000000000000000000000000000000000000000000e798f08b5d08ff24400fbea0473a7241f8ecb2000000"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) close(0xffffffffffffffff) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={0xffffffffffffffff, &(0x7f0000000340)="d500fdf308edb9852121de7aec35ad27fa69a5f3fcec67c88169cb98e9494c2a0de1c1b99795d22a3c7a886c58bcab2d3a76d2c10681e21701cdd898998059229844ff2267d3c64781879c505d90c05022273f81bfcec080add4e6febb9acd5be187ad54e38b3f81fafddb5296628ce1aa53d6f034d49a6e20fb12dbba8aff31e9df48dcb9ad6d1b20cf1949", &(0x7f00000004c0)=@udp6=r1, 0x1}, 0x20) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:24 executing program 5: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x8]}, 0x8) ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000140)) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018001e0000000000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xbf}, 0x20) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 09:29:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40087602, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000140)={'syztnl0\x00', r2, 0x29, 0xb3, 0x1, 0xffffbcfd, 0x54, @rand_addr=' \x01\x00', @remote, 0x80, 0x40, 0x8, 0x80000001}}) sendmsg$nl_route(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=@getstats={0x1c, 0x5e, 0x100, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, 0x3}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r4, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r4, &(0x7f0000000040)=ANY=[], 0xa) writev(r4, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0xfef0) sendmsg$IPVS_CMD_GET_INFO(r4, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00122dbd7000fbdbdf25571d3c14607cdd3408000500e000000206000400050000000800030003000000060004868c12de72"], 0x38}, 0x1, 0x0, 0x0, 0x44041}, 0x810) 09:29:24 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) pipe(&(0x7f0000000280)={0xffffffffffffffff}) splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:24 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@getaddr={0x14, 0x16, 0x100, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x2, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/class/nfc', 0x3, 0x3) pread64(r0, &(0x7f00000004c0)=""/172, 0xac, 0x100) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000140)={{{@in=@multicast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@initdev}}, &(0x7f0000000240)=0xe8) sendmsg$nl_route_sched(r3, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@gettclass={0x24, 0x2a, 0x4, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x1, 0x6}, {0x6, 0xf}, {0x7, 0x3}}, ["", "", ""]}, 0x24}}, 0x20000040) 09:29:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4020940d, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:24 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, 0x0, 0x0, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:27 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @ptr={0x8, 0x0, 0x0, 0x2, 0x3}, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {0x0, 0xffffffff}, {0x5}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:27 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r1, 0x40) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20000000) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) process_vm_writev(r1, &(0x7f0000000780), 0x0, &(0x7f0000000880)=[{&(0x7f0000000840)=""/9, 0x9}], 0x1, 0x0) ptrace$cont(0x7, r1, 0x0, 0x0) 09:29:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, 0x0, 0x0, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffffff0000daf662255e56ee1685490b3b0f79511b067c0cbb2e4e2da83c8f55a7e854569bb99d67fbe479bf56a66de52da78635175a312cc595f2416f41c8763ecbf90baf817a9bac92ec3f32219f1e1db32753f829dc79450aec3f2bce4f0365d5a61eec72a61052189cac3a62b5ddeff7ef7eaf9c2b6c475fd95b946781f4175fd52e8ab07265191cf228f465c3bb"], 0x28}}, 0x400c800) 09:29:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045430, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x4}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, 0x0, 0x0, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045432, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:27 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:30 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) wait4(0x0, &(0x7f0000000340), 0x2, &(0x7f00000007c0)) 09:29:30 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xad, 0xad, 0x3, [@func, @typedef, @const, @ptr, @union={0x2, 0x1, 0x0, 0x5, 0x0, 0xfffffc00, [{0xc, 0x3, 0x9}]}, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xcb}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000080), 0x9, 0x202000) sendmmsg(r2, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="cbfc7e451637e9edeabcc10533ebd101014f2cf3905b660642fbe899ea499219e3b76aa5b10854a42b6b77c23af28910fabd97dc5099d549039150bc8f7282e19f7e63deaaf12adb5d7e2f0568b04b69052317564b8a8d920b7e4b24e28620306ad6c9f8699d36e7873d9cd42135bc4af2305dcf8b1addc23ac8403dadc1b8e9b1dccebb7ea086399763999a99c3846327bc5ea5d08974e37509ba29e949f2a9e03a56db0869d006662c734daff9c412ed8c8928a6af99c0c70e6fd6297d7ce4bed67131ef9dc36a", 0xc8}, {&(0x7f0000000340)="8c7678d19563b938f323eeb982621bd16caa26517b494a8a54bed6c8e8f83ab65f77a0f27d099bc8f657079992a269547917582bdc6c8426a36edcf8a8c61515ac5b407c595ee5fff58265621f1c2ffc265a2a5391964254491e1e13225aea0d7da549d93681c05eb8f7438a31cb0a92dacbd9979521783c026b00e8c37f97c259b122b8feacf6bafb1a57730fa0a5291c0c9a3392d787dd7931f7af0191cd5b5b146972b8e523b0c05a8efb8dd59ec3e5e05c44359c0d37dadb47482bf0e204d09354aa0c3f4c956b237a84fff8ed090680c76b0a993f1690d1951f6725e44b829f2714ebb590bbd077b5fca646984d136ccdadeb66e6b666a2ecba", 0xfc}, {&(0x7f0000000480)="ddbfd98e522303ab49174141b660172a78b2696670c113135664606b4d92ddf6825361c28626a9d3fbfcbad8f3ba11eca07a1a6335864b887cf267aefb15cae1e96af2ab621cea1d5e2d71d1fc5cb8d8796ebf0baf898018defa9f60162fcb5dd0bfb0a5d03d3f82fbb1720335b358345e28e4bd76c22c8ce9dfe69de59e8c1861ceab8c532432372a45380763d2584a8173fcd8eb83fb2b3cd13203445dcb62ab5c08de9b35e2047a6ed498fdf2fd796645a4a782556f4fc861c8af3227f84c61fdd8696d3ff233e98874b1904bbd419f934316364a8ba22a405d4d55e17e27f372b7cc31702eb095611b5f282ae571092d", 0xf2}, {&(0x7f0000000240)="7ec17f88256dae9c83e4e26c6f482817a01cc4b5418080aef5a4b5308a81917804ffd167c8b8c77a4dc3b0c41275eec9977d72b827eed44ec39c981f6c9c536b666000ae03658adf59e7853a4f74df762313d4b123a201", 0x57}], 0x4, &(0x7f0000000580)=[{0x60, 0x10b, 0x1, "4ecb353cec73b564f0e791a01343b90c01e858e3784b9dc97ae601201a87c9d7ba873bec2eed0f93d6c8d73a805ef48241e6802f8707e1917826d768bfa858da982130b029e86ef6ddb379314a69"}, {0x98, 0x102, 0x3, "05865c703277374e998ce7ba58dc0bf60b8f7edd0416cd08bfa552e0fe328a272cd66fff8eb72f3555885c7410e37f9a50b6fc15e240459e4497d15cf687a744000cea5f09f70b29c659ca60b9f740cc1e967b793da1713fe3b3693b7221a7c84ccb8d5db3ae549e9089c9ac9fd7a986c4df2b9eb750953d8a423cc7733bcdb744d9e0f962d79402"}], 0xf8}}, {{&(0x7f0000000680)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'ccm-aes-ce\x00'}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000700)="3f21f71cd026b9613125f13598a61d22cbdc09c93b530f5ddde3b500fa92a13b9292cc3c73909081955316eb67ce565753b426991d6c6c36ebc06fcef12b3d6c28caed82c691937af6fe1a8d89ae39fe5d8608dae7eaefe195fa69f14c842388f352dd07864b691e8d680261dcb6e96302b26347f5c01f4dc5eebe5e8739aa5799b0b473e8c09dc29b138d3a33dbc90540099000acef5c8af06d169359d3b8299332c5e2756d5deb2fcd5a64f39729a2", 0xb0}, {&(0x7f00000002c0)="7d17d048dc2f285932044ddfa71f", 0xe}, {&(0x7f00000007c0)="79fd5f57bc5d335d8671c519d1e88c69d30792e69034bf82a4a1b638cc50e797dc12421a1569e0763ccada15762a5a7bd69bd8981e459a2e406f110b5127136cf61ee9e63821e5b2152480ec2f01a07f413ed456e515085ea4e1ce34c2e8a0bf0bbbd3be528198e58b7b24193f916433042b", 0x72}, {&(0x7f0000000840)="5904dafddcbd20efd126dec10c41bbfa88598f3a8d7fa8d389ca9c862b1c72d4dd8355ddfd8eaf21715bbafe89eb5da4b935210334f3b3a9e6ad2c555181a60a001e6652c4488a76456b6f49de1803c6108c88d96d3acb71207a8c2d70fc8af088222111fbb304869ffe1241936f8c12f84ea80c7faa20e93b8a9f7b979e0d15173b5142a6105bede90b2e3c4e666a3dbcefe1388ba94fd997795b0c06e51ab09969296916f0a31de7b69429795973e4c3bee6af7b10b6c784801ced646fb62af8e97bc7f3c6eff8b770f8c06e6c", 0xce}], 0x4}}, {{&(0x7f0000000980)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3}, 0x80, &(0x7f0000000e40)=[{&(0x7f0000000a00)="d0ac9ffa29d073df63f5a710c807bdd1ab6f6e2be8703c3f4f94857f5e292a1fa96aa7c2d19027a2be47681f7d0a27bc1fd7bdb683c66629697e1a7d30a270744fce3ebecacaa59ac23f8d4d98c5121bfbfa1f598c2b3a960d0ee7c94059ba2fb3a56f8546762320bce5d217f921ec8535a91c9b3e9ddf89dcb51404c335df7db316da62965ea2401dc0ebf2880b16abd04afa108a8e79e6fc307405877be99a2c30079d72c64210ebe5b52b76177918082b", 0xb2}, {&(0x7f0000000ac0)="503100ee5c9b2c59fc1a771ae3", 0xd}, {&(0x7f0000000b00)="8e0a611caac8802d3dd49c05331c30adaee86283860349e0fb5618b967a5a3e88c67f58a4b509e84855cdc13f0964700063487c9084b9c5de8d9f22c0ef479b221bbac3a92a7a5a7d38ee82496c570e2b53a47e6f6db38448789617262a83b7ccf08185191af9ae93ea067e984801eec2b0bfd3d96df87651839672b30e20ede96335c485265539e16548698d0ba6dc06a4ae7d897957263a024b6fcc92fe2422dea4652e1cc394ad93e45abd7bfae17aba9284b13f0a170fefce962f2ca0b6c657ca0951e710e8c1cc5190b32bfaeeb61fa286b3933bfcf0c60f3a95efa1b82e6487870e88e19bebc9cedce20e3b18420f298626c8bc02b947dcbdc50b580", 0xff}, {&(0x7f0000000c00)="7ade075f623ce584f3e455af5563791a38d21834b8084f5fe598b837a2cfabc02af5f31216422fa3629763878edf722ce28c285965b5bfd69e83234c83300b3570d5307388584cc9117dd65dcd112b7dc8b21fac573e10fdf7fe1439e358994a64c03f6ac0fb036e39dd82186fc0fcecf67dc148d992d2ba675bb07479d55c24cb6baacb6e2d52f768b484a1f65711d366ac309c058400c8253237cae33e3349aedd80a75e792071cf266bf517537e6c3adbd7612b6275f8e8b0529a903e3e4d", 0xc0}, {&(0x7f0000000cc0)="336eac98ba1bc11fa84dd2d38fe51eb09ba1b1fd9114e849f1897991fcbd68f987cb85e2275beec8b88646bd7c568657b1cf7278eb50933ea62a27a741ae7d348384e1171ab275f8ecf41d37019d2ff30c23981c63380abfb845b405ba38f9bd0bbdc31efb2f3092c9c2304991bd5a6af899912ccad0929f00fa54228317c74254cf7c2ed8deca8c3659d4620c24cd715ccc8573c3e4f560185d5c1c8c99727b9fda9513ad022a1a45e69140fbcdeac4894abb", 0xb3}, {&(0x7f0000000d80)="a0822600fb27f17741cd5fcc5eefaecd58f2f7757f09e4eed4b646285607442476a8fe531813bd", 0x27}, {&(0x7f0000000dc0)="d643d812e9ecbbf8a7ad99797b2fa5b8b8ebe60382e331cea672e75b97becb8a714a6903dde26d307187bc4a3b8afd4e3b9887e5ffe54ca42d86e4052fd737830439b7058329e4a3b7b2f3c379d554fe6beb6ca9", 0x54}], 0x7, &(0x7f0000000ec0)=[{0xa0, 0xff, 0x6, "fca8b1bd962752edbdd5d1cf8dc26ed6f482dd017ca43f04595a99d797bba101993f5d356e6bc96da3a6af2e26722d7ddbca2412a48d2aae4ba879c201a5e983b6562e1a98f17650851a46bae58452028064fafab42f800d8fd295dcea2c2cd399b20967a83aa4b57cd777545fb2a733a829f4f945bb62bc1592526af1c1fcdacc7a5fb5b28a2711067227097ea09a33"}, {0x90, 0x113, 0xfff, "b91e473f9f752019c2fad4760f7e95db6f2da5ab1554d60ae700f4dcff46e3dd3c6f0f79b4ef543c6066493d666ed352157f1463041c246a3992e2aa46e4e115a635c9bd68eb7e4db36aed9b8598b86cdc08d389883a802ab660af87f6e63c725655fc5ce50cde79bf8f1a34fd79206bdea5997ef372a19a6ee9"}, {0xf0, 0x1, 0x5, "828c3df9c39b4d8dd72ce97ff6485643b396d0721eb85d52e635a36c971ff9f903bdf180006c45b1f50824d0485857b8f52f417eadd797a1772c5cf5381a08d7e4977ead70ad1c742bc6d3320cdd384f6bb515417167f2ea6a8291af4e1dbd65f7c7242329d88524ed5e2310c55cb9966cf8443048518b226528f63fd0c0f46aaf44641458be28fd4a8a8dd9482a7b14c41239050e221332d22b0b2f4debcd7f402802d9350245db6e4042b1c700f95a35060a7bdce38d4a398d604a93e3dee1c2f3cbf1c32b8a572950c8cfe95d7bf1146f2fa3c45b6841b39855c6"}], 0x220}}, {{&(0x7f0000001100)=@l2={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x1, 0x1}, 0x80, &(0x7f0000001380)=[{&(0x7f0000001180)="376817e4e8f64f83079f5a499f7537ad368d7c8e63678c224667c9d471dd5cc1b67a4c90fbb919fa57c16f0f45aaae78c1958be565ac5616a51d174065260cf3089be95360a7edd8a6ffc4547648fbe9b7a6f0fc5ac299fb52afb275cec59e6beeaddfd18fc8eb83ac3ad5969119b0b8217b9a992f1cdac9b05487d0cd672125b6aedf70ec9a12dd21bea2103dace2dbc323c374cfaa3f1944d8cbb7d0e066780574fe14c6ce79e140b2d88f0a4a806ae2f51e76a93421489497bf5a6dc0aa3372c4dbc6d494bbbd0604f493bd6196deea2e16f46df881fce267a1b2d8df", 0xde}, {&(0x7f0000001280)="319c1b663589f19d98d278bf4973c5f30adcf46c38a50b6edb8b08a2044d9ddc2788c2d79725ee28f5cc9cfbf0ab265d4bcc1b000c618915e949a12d808bdde2ff4be479e2b53f8c34024e6c294938ca8903d5cb7ce4d05a064966f5811c05cdbdf270f1432616a6c05215ba8591ea98a219dcc502415bc268e2f05098813a2aad83728997bc5c969f3c8aa1b84495b345f19367603b093b098cbbcb348548d71b759d56219cda35f6057cd9f137697e0d66d5a02e18c0b4b85f1a3d99a11af5cbfaa70c4d57afc7604df77ea41273563ec469cadc10eb49329d42119bf9cf87a05b163ece574b2019bcadb991d0", 0xee}], 0x2, &(0x7f00000013c0)=[{0xc8, 0x10f, 0x20000000, "a0679edf99c638d10cdaba0a65ec3d66b813ad6a45612d9f3b9714b1cba4a4ca78c1b0c18a1c1d6e11db0eb4b6f948e5b6149ed581bdc8e11202d2b63f052a5c3a3f0a3b2c8f0eccfd24b49f4172f1f550753b5ef16054a886799bf575b6e7c2f0ae69a9a16571eee9ca7f63636ad657ee3414dca535598005d2a4dc4d6f6fcb63c853af8601d3158549fa1db281668746b8c8a63be7da15b902c46074ae67fe7afa0f00d5ec4c815a92cbab19d1667aac46dd"}, {0x1010, 0x0, 0xffff0000, "a3e5e440046860c77d8d07bfbf790dd663398259c1e6c8546aa548a95e79d51cbc1c0f0120360f5432b55fbd251ec92e5bc2531b4b22398a321897089fa8ea8915dab6861e6f9d48e1d1f6e6c2b1a363069e8f648a6253687078eb50b386c235cca4debe88ab7e0c2fa7817b4aed40d5ef25355ab7cf3734513fb6a673ce0f23baf31829d9799b5652849e1906c649fc67c13a256e20309a8790c8e08c56521952bc783fa6d7795795dd9a23126d6d34ff5a87e3b9459d0d9e17f957a50a6b066e23f5ca5b9d9e7ccc7e6f2ec77079495f1bf2c01420cb870d359e9b3243bedf02f16528b8148bb4ca8f554636c6afe1d7b137448413d6a0683052b59914120f5383807a04d0d3f21e71c3de024b63f1f034d07de21e4426c9bee8ca27a2695e6fe574ac06445952ec2602df499b0477d500b2c34612c977b56dbe9bc7b2da9462e10a2b36c0c08faccef3cdfea424c37b4d44359485453d76fa91ab9f22cce0fca8b8853085095fb5c827b2b1017d40dadf1734fd4c1448e83f92caaee7305170e8f4bdfa12e57502a98ad7bf2f7bc8b48b63a95534c15a6f1687aeac2d2005b00828d90507e7696b946a83ebf242907f0acf25a9ec38a7f7d175afd5dd1212ff781c38a54462bb7baff2080b5b04b4eb243893a0dd5a675ede8141e40776a3a59a5afcfc40afd9530b5a523b73b6b0d55367a086a974e05d5008f03bac7d96a3c75fa0ee2579478f52fad119fc7ee86641b79556a9052d72234368ba4fbad2bc53fd242d681f183b4f07e3e7da24cfe5b59d3c53422c3367a529c740be496c764ffac1c41cfe16f90f008a47e083410f0f28e88e379b0a3ce410eb1b360fc7a9608d489df54dc2ca7eb95124adf82f1a7f027a6bf9da7405fe72862c861d395de9e0376b0da147fe48fcb8e977158c14c4033fdf339c188e9ab1297faab991a36b128118f37ca32c65fd495f4f9127a33f6cb33b586f57e156e41e09ae270e345ec958d028f8684e784cbf9c15b2013734d2d307dc78b3fa325565d61a7fbea7044d110d3c33acebfdf887072e04de64e0c0c91d2cda376a1bece6a98d8d086c4d920e77000109bef7741a5ea9e17cf12aab19e68c32175e89aaa0dc8502ed0c5b0c1332f526d1ace1520bd9339819edaf141145f8ef2d4ddaea3a26a6b926c04bdd5650def6f6c2bdec608eef9f211dad947fd59abd67464bc5999e5aefd7c48f8a2cb8622ab97c00c212377e2700fc7add6f66e21b1681b348e1f38d0b67148e2c09bfc44bc69a08debb2130fef2390fad2649348556b5bce4c36ac40c786d1ef03a009fc348e78168b0cea46e35dee7a0a6075e30f39dbd109c6c2b308ed05cc49d3845b8251f0809961f87ef02ed4b93c7a4e571e0a8e143fba7cc6723ea2cf1cde6ed527b5c8409159551e333490bada345cf96a3c373aba4b52834b4e68cb9c5d1049546cbd59ed8d8eb1d0d133c723cfab0a7f8db33a649f871bce0f40e62505d4847adc65091b5fce039ee1144efacf08d5d84af2d2237124fd63eb348ab1151f5d24238a82d25aedd568f7a28eb64ffc5bf5447cbae280c0b8542e97d4d82a44ee14cb9411dde951d4256197b24e1d5bd8f9cddbf687c62f150e354f99f0bd786fa5766889730bb175cf11cb2cb7f4bebf7b36cc4cf1e7a6b9c744134d17142484a7e65b5472ba4ee051c8796077f729baa002df76d83e6de6b18956b303d9b5421fb71570e3549645b4a0dd2d62f9613babe24918e351c3cc04cebcd83fed4452c6f28a59a2c72bd587be8ee6cd1018305e0160dae89c04fe3879f5b8cc696c172c309c1bd0bf3464fd8f45240f51e405b779db0f3a88600f9526bdd944365f319f67028f3435faa73f315c7e26a2dd6fc41e01cb667d07b9fe1f25f55fde9243a4882a8b52a66172d3b1e7311c83e2c2c3d5e258ed6b33be5c3dd0d36636500cf7d4cbce60cd1ed87776d9596340ed66540d563e2f964980a4eb2258f57d6fc8e3b7e2fcb41b0fa0b3d92690ae404c7b3483150c3bed6753e1d3cfa081c5e42e2ba7058245e0e198cb921d6b3a60b00b091ca2b4fe58594c5c9ac12c2bfe19d542701ef0aa4010dde689273da9720b76ba2afba3902c254cb6fd939dc95f4e1d955c6034db0661b2ffa5c98f4cd33599be12c0d6904f17f35c69ad8296c71c5ccec627ebe7c2d2e84c16f3f029324c7b510801a5d293624d51f34b8ef783bd6667b7fa746132f7502e79dffa43928d7d4c1d7b3239b10c6cd5d1f0795c857805158c6ea324cb9b4aee8ec9f039bcc80c8fdbb2d4c6a529acb13c7d838e2ccd473f812fdfd67c1d149f900504931140cf9aab1f305de7e8ece7c85cfe5f37d55842c916719deda9d861c92a1d280e433803e69a167de918739be853e7a5cd9d70aecf05e76719b2d05b845275f08e11d962a861e803069935b75376f5858f5ed4d69d3e70ae403c8eade45d1f3987c713932e76a6b6c9651f13361317eb21e1a0fd12b46eaf5191f45e822a4b92781ec9446199621c71b0290712f2e0a37157ed8019773380df3f69bbd5ca1579c081bc5f9e4cf01a45b99461a2c9f7d9de846c226678f4fa68d926ee3f20be8858cf5948b0d0edc634ff0c2eeb520fd787f5447fd6671e096586942b54c8bd8964b5c6067667473f29b9c3b4e447966995d3e43d1be793840b1a272c06607ce5623284b11a906a58468bb23b5d69593af242d0269d2a5366489f181e343673913c97997654848ceea59797f787ce89fbba51e7c02e61ecbcdf5bfc257329606b889061468127f3529ad81f0e2c57c8ac409b09be2e66c2b521ef10bc80acda4672f5a2e22cdb5e16e7d0d179c04d528ca940bacb861b2ab1c67a18e849c6c168379d1634121ee04c16b583c81e22ac0176a64a6059f3df52fe1a7bcb247e3d51537c510a22de659bea1b8c047cf1f6039395c43c7e8ef7402b23a01d98d06379d5553e871e1a19211fb5902481ccea1dd67664b5b8e5bbe427f7fea1f87a9ed31d11b36740acf76d1158d2fdc8e75f8495b1849c3e524f1a120205daa8d460d8a61124ec4eb1ca26f6486c1a77856800a2d89a4cab8ef19d5fa6ba2c0b47acebb86f8eeda1df640462b564fa1ead83090931bd15d4f7a94879e08616b187f836b3b6d1c383032881e67c1d28a306b79d38cfcfe276610e7f6fbf67af1320fad9ed1025a4dd6eb4baae0ec6d9098f0c121bdb386bf8ae793bb0c032aa93ed6550cfd15491559c8903da3a06014c216c8ef5a83be54a0985fa0ef701082a94233a235018e2c24206e5ec33d1df422a03bca03842fe38a38cb5d868c970618c3b7ddaa738f2a31545b0a54a46d630b0cb955b8642413b7cc96ac30414124ecd6f622c9fcac64f2af23d9450ff01a4d91e003afa91dcee742dc6ac8b14b8c7de611006521112e93e7c94d3a673a8a4a0be4f5d12338b6543ac32f01d369b4b361dc0c00c215b2d9955369c5bd5957e1b2f24e10cdf6554cfe8c98af6d0c9b2cc36f7bedf48338d2c26c3024da56a6e57e19e0aa7e3edbb168723ac0da813992fec29cfcd70ea72d0b944fb11fac5086c6bed2ccd46c2df20c50d49b62cfb0f8d2048b9a5419cf0758d1ec348b7ca692dd91fa2a7a183034259585fc65f892abc9cf52f66fecd1d4d5c20c21e053d6fe34073c53d1e4749950738c50ce0528c1c6076a2431a7fc986ba7496b9d289bdb408d4be9572bf0dcdc70c3ace2280acf218f32271ca64601bc8e01046dc3244fadee60876f014ba1e8df048102c238fd22a718c8bf4c4bb541017e2289f81babde1f4b5da8e8f91d07e97c873c40c79082a83948b9941a57e64cbe88041b8682543e43724b1ea30e97d7d2e8b0dce100cee3c46947410024c3cfa226df499a11250dca9337b8695cc4648d508185e3edf2097af2f94229f753d8d7c08281fa8f1208ef26a0a2c69747e18fbb53df60ca548145cbbbae892332537b2bea03ba89286398a66bb268499be070f596f795261649cd6847b24863bc43fd47cfef28fe249d5b4ef49652e1bbcbbd039bd186e5acd3d83fae1eba5fe5fa5478bd5f9e1882e7c41eabf131e42c27b34d95476771304d8b61326d85b96c1a14640cf7eb209711eab6e67046de615c7d7215ef6d6782502362159c266c0f47a3419ff6e4d839edab9df8a2d683809e880aba8f10de62bccabeecd2194e79123d20f59f4bd44ad7619e6dcd4ce6ee927d00ca28075c797707401faf115231711de2d9ca2a73e1d1926d87162943012d9853726bc781222573eca5654b5026119ef48a0bd0efd1e7da9e2baf9764ba83daaa2a36345b6c1f08b23b537b5bebb0a64c14abc112bda39212c110fa87b0cb03e83786307ef8a4518d2aa4852bb6cc044a4b3ddc1440f6f34ba62264b1d6f604d7c8098126c0c199335d9cc45e760b7cdcafec574ca37e9facabdb10c6b0b996b6486e58711d0e8219377af88ab5195b3fc93cda45032b78057963a1ab4ff216795c9fa2b5efe90759a2b7451ba06e7d5dc6ebeea16ebfa3f446893676df9b977147c7b8abdfa312dd45f53b422ac90a2633556a516baea521eadcaff6bf3cbf2049ff6f6c647cff7d44b3cf0974f097eac4ef77b54ad9fe77426b50f93236f320a511c84d1afa9a51bad2cb6b448050214b8d16a6a16d821cd59f825239a399db34529c52980b30943345077db0790cdec5b1b9899ab09253d0de611333be995729f6ac90f5810cd954c135bd5752f2e232d297558cc33888459300498f431c86cf2f2ace1dbae9ec8ed01ab789adb78659c299942fb0e73ad523340b3f05c6d0bc10b6accee9495a5b35fe431a2be580ba03f780d4b5b4eecb9fc4946a250ef2365f62f08ed093bfb8c2c65def4c39e669859ec6524b38fceff59800e65e71192f4cd09a7447fe511301e81b70331455d1e6e03b93a4c2bdce76d96769dd179f6e9bc79b9ef610d88e6f961c11d3a0cb173520077d4e33e5ee8b923065f163acd93156fa056e3c131368d76040d57892178aea013ac69792f490564c0acd8b0ab05c6c79626b2c6eefefedfc6577c48e7b7f26e62af9aa9d617f2cf5102d7ad606cd0d3200a1f0b202e231938451a1732253698e6288ef94ef7e0436ebf0a5644ef954ba7bffb0dded90e3275b2d37a792a01efbb6f859159c2535d43a6357e1bc8e1e05b43763238e517f1fbbe652db7c7e23744f60fb0a6a55bcaf0f1d141d07eb81f0252542de9250cb7a606f70592f1273a3e7821c3ae21c739c54f32402efebab5f87ec7f9698b3530e0b633b21058799741813f3a92c23c898d506ea5cc32957fd4915bdf938c6018e80c51de0db48e0cbc717fc893b2f1ae60e284dfd6bbaea10f085a7d59d33a6339fe34f2998c8d2c4b9a863829c4adeb7fcd847c05acf35c9a54ca3dc8830d2801614f3be5f1baed728088c164b9ee6ac3824970d8eeaec8b632977ef513189a0e6a8183ec57e82580cff19321d53db63c978714684eaa08488fcdaa966bbe949b73b11f1f265a0f528fd1b857d70e31dcbf4096bf92ff2b606e68c8c5ba4a3e54e47421d927617b8b5478b3302ef64b3dd553d7bd1280e19f55c3950cc9f13140101ff46f09e410db35dae8772939a5abe7df6408859e1915ed16fab0bfcd3fd490b797dc58880db0f6f2755b9cdbf9314d134f732bc33675d626d4ede2b67e2c4ba87a55fbbaa2cb3fe038999fd5b6cb48eb753403e396f9b5bd6b44b018d0a33480eb7820a803d5c298197ca35348d9111fc7f756962460bb7f9768385654feb102d18a73a0a"}, {0xc8, 0x109, 0x3f, "615a27b64cce38e01b85e2baf780d9f0af43aef16ad9960f667ae462ef924954f26f1b7988c748132d9bf5b41c39420a89d06eebdb4a208fce3abc07f4164245c24d5ede0360546b0b756a6c48948f8284eb20161cb0b184ee0c8799b413c91d49eaa0a8185aa5f98d163482e9047ec85fce3bb670a1e5f029cfd0d6ff04a6664d404458bc0d633b9b1855bbf588f62489e0a755978ab7e60cd140d10e61a1ed360ce38d35127293b5a639ec7b7966acb0755530"}, {0x110, 0x111, 0x9, "d8d88f90e1abcf52f5dd95da6578bcdc24e8e766b4e220f1b895b8d0bf9ee2fd574bfea22e69082adbbf1a4b1e443ff1cc3302060fde7b5aff61269a4b1e3b56d56cf042fe3853de2b61423854ef18017b0e8faa3af27e64cac21c4aa0c8c91fcdd75c692dbfe2ef816cac9a201701d2e272edba42e032302acbb0777aadb0f48002655806389127eefd17fe0d3d1d080901a5defc36070bec6ab7a95b17a56c2c9c116fd8ab7a4628a0d61f9527805c2c07e3c76df9b41873d817e1f1984c6276c54d4a6fbf3f6d7b8f57e4b9198d3a169858b2e03980b928e9b80cfb7286e991611db9d25e5c7e164341b075261f55a3be80ac239c437c9da695a40becca"}, {0x18, 0x100, 0x3, "aa"}], 0x12c8}}, {{&(0x7f00000026c0)=@pppoe={0x18, 0x0, {0x0, @multicast, 'veth1_to_hsr\x00'}}, 0x80, &(0x7f0000002a80)=[{&(0x7f0000002740)="2974bf3639d2647141474540f16164a0b4a4bce8ee77d51086230a7978513079e70ab1581125c465be3a763cddc84e4052012ee3f6de7accacec2beb51e1b4fb4094c1a3a7b9ce4ecee3aa8ed93a7f", 0x4f}, {&(0x7f00000027c0)="aafb122e855a66ea6b1b0c701937e2ceaea912cf61e8561c89ecea2aa14e35ddc998c02199a99f63cea6f8325f5179964a9b4bbc6b5bcc9548043fec07f0996453987f5cdce0c060428510568f1abb8284bac9b11e77ff40f5c1fd2ba1730d950ed18e6dff95bc364a0a5ffd4ac913ecad2fcf80d9e6b691e399d425335e23794306156c164d3ecfef0e0d03054fc849293ae973eca921553cf6e9762bbdc927f5f1489916b0b98ff4100bd02b790a4eb7b582de4c5f0c868efcc2699c95a4e46a472c5d5c441896dfcff7d76d35e185b31d8adbade1f314", 0xd8}, {&(0x7f00000028c0)="0c07d6b3d3852abfbed63abbeebd3e964aa0f3db2c782dbbce6d0bad58bc7de12e778f60b8509dc78fa13502b0049c476ef350cdbcbaa8535e2c2789cff395f6cb8a6555260e9f7645d168f73598e3eb4b503b9a5418206d2d12dba8d7b7add2597597a669af4b17594c1596bf13adcf01085291612e736556b8450d7f4231077d02293bd283579c3b9ed8bae07325ebc8db18edba45025190d2589bf4c772f85d1449d75009b639d025b8e2ec98ef863fddddb93b1eaf33b27d8525ea493637adda25e4f0ca8566f057b4161b09546ac18d0cae617357680ee6611f78ce618c9a27103224dbf2cc1b36ff3f", 0xec}, {&(0x7f00000029c0)="24ab22a890166a53d88e7b151677f25de63a191daa07a509c0485c5a059057d5ba93a2ace2a09e56e1a03cafbe2a149d3f408418ab8c08f12cda969bdd9cb7e97e5e7da0031fee89", 0x48}, {&(0x7f0000002a40)="e2", 0x1}], 0x5}}], 0x5, 0x240080c4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045438, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:30 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:30 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800000000000000000a00000000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000170000000000000000000000000000000000000009000000000000000000"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="18240000", @ANYRES32, @ANYBLOB="00000000060080ef9401c0ff0800000006000000000000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:30 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:30 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045439, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000020000007000000", @ANYRES32=0x0, @ANYBLOB="0000eab100"/19], 0x28}}, 0x0) 09:29:30 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045440, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2238.325645][ T9570] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2238.340801][ T9573] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 09:29:33 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455c9, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {0xfffffffe, 0x4}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fstat(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r2) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(r4, r4) chown(&(0x7f0000000100)='./file0/file0\x00', 0x0, r4) r5 = gettid() tkill(r5, 0x40) ptrace$setregs(0xd, r5, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r5, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x400) getgroups(0x5, &(0x7f0000000a80)=[0x0, 0xee01, 0xee00, 0xee00, 0x0]) statx(0xffffffffffffffff, &(0x7f0000000b00)='./file0\x00', 0x6000, 0x800, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r1, &(0x7f0000001400)=[{&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000680)=[{&(0x7f00000001c0)="84cd0a62c7a3b03578eefdf945f6313ede9b75667e5fac07c04c2d67cfb6f6f2dd6cf3a7178451a4370615b56d7c", 0x2e}, {&(0x7f0000000200)="a61baaccfddc955bdb9edce3e5e4b09fcd123aef240f921a2c850a0b0789f2dbf8661b2a8d26b7a9a1c8b2650ed8bf3436c6e24973176d191aef54f78f6d03aec0bac2b261d8c0dae3e1c1d8708039f4c554a0bd289a76d88fef04682ac047cfd55d22376731c8cf5a242354e7bf859296c13f985edc7b8b73203b8b06968d7c975ee3da2912661b4b36c381408450313e7302a42e3cbdad3b116ed23159a77fd4610899b995f202d8f2ffcd462efaf5d659706e0d14c6b9947becb243550ea6077979e928b3bd2575c38539efc13faa62e187906ab9fe22e7888cf8d4b16777e02810f21e78", 0xe6}, {&(0x7f0000000340)="9ae099e34c13de1b4b349093fcec484564d9f4d8a723cd7407d0", 0x1a}, {&(0x7f0000000380)="d002b5a719d45c067400e78897f3bdf3da406b839366888e04d90d805ece3890f6b9609ef5108a274f2d868809899c03d2f13544057a9d1dd7a72ef58eb60c7ba6f46ecf1bbc04e572e956dcb303004ec00fea090cfd35b12124a5e5851958763c978c74e8eee4c0e746f3ca52", 0x6d}, {&(0x7f0000000480)="8155e66b1adba6eee470cc077daa331e81d33a01005c775b0a32a98aab0ecb02edf54bc178d054de905fc47c596a1489c98376d1b8d87dc4902ce82b551376c014fe377294bc0048f362997af0daf23b739d1dce77cd06eec7b4a7f40a9cc90422162ebbe559566e822d861cc68d166a1aebacc8ef603a622f14695fd751795fc45018866eb72bca3c0b2f108ae7cbb2695702d3cc3c3663779c0617293bdd47c1ebf7d82c873b78ed40710000f30ca5c144215db23c0db712d2e37047027e6d09e5b759e4", 0xc5}, {&(0x7f0000000580)="06eba3ec076835a3c31e1f9d13bb7190fb439ad60d1208b0b3ad0a243d98c0d9cb180501a8b1e095a99baec7edf1e2e551ef37e0d4a928ea91681d967fef78d79ce0ad0ef5e08cba6e221d98d128b366221b36af51f0c2a1379cc38ff98fc97b09caec6b3c0de78bdcd1d60c99e8518ed256b4643981048b6158737b39e399c49465890b62bd453f8f6f225ac77c7c86da8924d9124fb76ec7e6bd595a7d63946b5f128bce33af30206d4cf23d26dda7a0c0a188c1f4cad31856fc1b9b20bae2e2037672f991e76b", 0xc8}], 0x6, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r1, r0, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {r5, r6, r7}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r8, 0xee01}}}], 0x140}, {&(0x7f0000000d80)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000001180)=[{&(0x7f0000000e00)="fcbdeaacd6797ffe0b6334c9651a15c58b986b6c44b13123a27d99af557a7d0430c69d7e136ee1ed10cd85435296f9b0d148cb4a40a2e7748452d8473cd7b4e9c404a030393841ff12d5b64f14a162414a62b851bb7b4774fb90ee33720fda514d0b9313991a29008110e4808649684b7c56f59bcda0e98325ae7d41a81dad7ee7e8f96d4d8fd460c3f7", 0x8a}, {&(0x7f0000000ec0)="41a732ce7c9a7467d4624690c3460a", 0xf}, {&(0x7f0000000f00)="08c6b58211fce392744457c6dbd3f05bb5dc0685104e42a87579685f8c870fe21c211b582c54c2588b405fd844409620a3dba435816c0ed7164657d6f78534b8b3cf46adffcc7205aaf6316ca270aeded98f6f9b8e066f0da7ac27cd2a4a53b6f34f5b6d0892582a259bd709716f10ca6ca91e6cb17d328d3589c924965123be8d340a5165ec9c594d42d25f5140a3631e295ab6843500d81504c382c6f0c90e59b6f9db91aeaac4731b86b2f6e24f2e5df5167d71d6d0bfe06e633f3cf2fab55bb190eeeb7b514b66adaec52d6e331d177e75229772622caef5ad4dd1ef3f890d1cb8ddccaeca890ff5b59b2fcc013835c3ec3a", 0xf4}, {&(0x7f0000001000)="f41587459e8a7645295c19986c09bcd3f732fc8691f81076431b1a74cba15ccc689db2fd164d058eb9098c5b1beb55483abfbd27f802e28c370dddede7871ac93d70bc8d957db03d458f74f97b9a27f51dff64553d5714f54717f148345baa4af1c327f8bff71b299ca8e421a058d1c6db3dc2bf120e9020763d5380e34e", 0x7e}, {&(0x7f0000001080)="3a023907e97ddc999a4029e895829b5a8e8f2080f40c93f260ef105e1a103bb37ee7964397a538cfdb14774fb33006a02bb169c3bef1237738814543ded41dc80bcad301c4a900da2a1be0c253ea56cfca44a32ca45707c040f41cfd329dad75eee3465e1ba8ec374ddd1bf43506544f3d7c7bf19f68e8", 0x77}, {&(0x7f0000001100)="e8021e6f953f0d61cdfdd80680ebfd39631c7309577d06ea3e94b32bd88773bed2e927850347f3c3ebba0308eac89026ad8864bb86cceaad967e9c966eda356082f6e98b3fcc606d3a69a11f900a1ff5d65a3516ee", 0x55}], 0x6, 0x0, 0x0, 0x5}, {&(0x7f0000001200)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000013c0)=[{&(0x7f0000001280)="08fd0ecd7459313e3dbe361aedd392e776de78ae6a31ef9a793b55a5224b9a1d733d9759abac38100d86b79ada7e48809d7f743f76aa55a35ab1a0e666170528c547c2a79d102b8d15e6aab05338b44683115e4aaf0555233dad4c527e940e12a816c794ee4ed537fe4363e2d34571d4736c834987924086788c589469397ec81595f54a4582e9cff7fab7c043989ebf0b0a60a894a02a35df695300fe42e2697742a6543079b1c8", 0xa8}, {&(0x7f0000001340)="9413c3df2735dee113b6d4f343c937ec6a2a7b87ade0343904acbe6578d169f4a188182936250246064944fbc6e734c298fa676ddc207bf6ee3d4fa5b3144fc216096a36a357c6ce0b2fa870b30a03b245077d3ceae9b489ac77", 0x5a}], 0x2, 0x0, 0x0, 0x4000}], 0x3, 0x10080) r9 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) ptrace$cont(0x20, 0x0, 0x800, 0x3) write$binfmt_misc(r1, &(0x7f0000000080)={'syz1', "5a8cc6c895a769aa9336846856f40bdc067f0b359aa2bd3301c468a4a3976a832e5ed6643afce054ab72a601ed9023dfdc6e58094622d41d7fc0eedcb9e40685ff61ec8ae167d4418e7dadf27eaf4187404be5506bd3d792e7eff850f53eb33a1f6d6bba8e6763418bd07939a3216b"}, 0x73) sendmsg$nl_route(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r10}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455ca, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'nr0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000140)={0x16c, r3, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x20, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="434a28932cac0cd199664f34c14d17c631cf639b0c6266df"}]}, @NL80211_ATTR_REKEY_DATA={0x60, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="cb4054de2b79cb70f6f2ecd6c54b2580e13e2a25dde1df4183b829b5afe59e72"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "ff9f899da36fca46"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5830}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="78f513a45fef1df7f91d4675ca86204b254e6bb26f0fca2190c8092af219bea4"}]}, @NL80211_ATTR_REKEY_DATA={0x70, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "bc8e88d709b394ec"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="9305131a61bbcd7e8f543e3dc0b92146ba4dc391a4ed3f1f5e9a534246d0ba9a"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "766d08a2c01c768a"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x4}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="606672993c33b063be5dea5183cb8b37"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "1143e1f63ab5cfaf"}]}, @NL80211_ATTR_REKEY_DATA={0x68, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="6ae1f4f4718f642dfc1ed1dab64f914e63a5b77709ef03e1"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="ac674be459ebb7abc64e86d695c85aa8"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="21faff401cf5b7b162d9827972ff559b"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="44b24a3d792d03cc02547fb0c161995b"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "dd7efc503b56048b"}]}]}, 0x16c}, 0x1, 0x0, 0x0, 0x8040}, 0x40081) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)={0x41c, r3, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x8000, 0x6f}}}}, [@NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_TX_RATES={0x384, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x78, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xc7, 0x5, 0x100, 0x80, 0xffff, 0x72, 0x401, 0x3e79]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0xcb, 0x6, 0x9, 0x7ff, 0x4, 0x9, 0x3fe8]}}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x48, 0x48, 0x30, 0x2, 0x1, 0x8, 0x16, 0x30, 0x9, 0x8093bee0a52c21e1, 0x24, 0x2, 0x1, 0x2, 0x9, 0xc, 0x18, 0x3, 0x12, 0x3, 0x36, 0x16, 0x30]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x2, 0x3, 0x24, 0x4, 0x13, 0x36, 0xc, 0x3, 0x60, 0x36, 0xb, 0xc, 0x5, 0x1, 0x6, 0x5, 0x4, 0x24, 0xc, 0x30, 0x6, 0x16, 0x0, 0x18, 0x9, 0x24, 0x48, 0x1b]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0xb8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xf, 0x1, [0x18, 0x36, 0x6, 0x5a, 0x18, 0x18, 0x16, 0x48, 0x60, 0x3, 0x6c]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x8, 0x4, 0x6, 0x1, 0xb9, 0xcd, 0xea]}}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x60, 0x0, 0x2, 0x0, 0xc, 0x2, 0xb, 0x48, 0xc, 0x9, 0x56, 0x60, 0x1a, 0x5, 0x60, 0x9, 0xa7df7eeb46e6a9ef, 0x35, 0x16, 0x3b, 0x16, 0x30, 0x3, 0x1, 0x9, 0x9, 0x1b, 0x60, 0xc, 0x30, 0x60, 0x6c]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x1, 0x48, 0x48, 0x48, 0x0, 0x1, 0x12, 0x36, 0x6c, 0x3, 0x6, 0x4, 0x36, 0x12, 0x6, 0x9, 0x9, 0x2, 0x18, 0x1, 0x12, 0x12, 0x12, 0x1b, 0x1, 0x9, 0x30, 0x2]}, @NL80211_TXRATE_HT={0x3f, 0x2, [{0x3, 0x1}, {0x3, 0xa}, {0x7, 0x6}, {0x1, 0x6}, {0x5, 0x1}, {0x4, 0x3}, {0x2, 0x5}, {0x5, 0x8}, {0x1, 0x2}, {0x6, 0x8}, {0x4}, {0x1, 0x8}, {0x6, 0x6}, {0x0, 0x3}, {0x6, 0xa}, {0x1, 0x7}, {0x5, 0x6}, {}, {0x7, 0x4}, {0x6, 0x9}, {0x0, 0x3}, {0x2, 0x1}, {0x0, 0x3}, {0x5, 0x5}, {0x3, 0x3}, {0x4, 0x7}, {0x5, 0x9}, {0x2, 0x4}, {0x0, 0x8}, {0x0, 0x8}, {0x4, 0x1}, {0x6, 0x6}, {0x2, 0x7}, {0x4, 0x6}, {0x3, 0x1}, {0x1, 0x4}, {0x0, 0x5}, {0x6, 0x9}, {0x5, 0xa}, {0x0, 0x9}, {0x0, 0x7}, {0x7, 0x6}, {0x4}, {0x2, 0x3}, {0x1, 0x5}, {0x3, 0x7}, {0x6, 0x4}, {0x2, 0x9}, {0x7, 0x2}, {0x4, 0x4}, {0x1, 0x5}, {0x1, 0x9}, {0x7, 0x1}, {0x4, 0x6}, {0x1, 0x1}, {0x0, 0x5}, {0x2, 0xa}, {0x2, 0x6}, {0x4, 0x9}]}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x9, 0x2, 0x48, 0x20, 0x12, 0x24, 0x3, 0x0]}]}, @NL80211_BAND_5GHZ={0x28, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x7, 0x1, [0x9, 0x0, 0x3]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3c7c, 0xfffd, 0x7f, 0x5, 0x8, 0x3f, 0x0, 0xfff8]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x48]}]}, @NL80211_BAND_60GHZ={0xb0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x97, 0xdff, 0x100, 0x2, 0x0, 0x200, 0x1000, 0xfff]}}, @NL80211_TXRATE_HT={0x1b, 0x2, [{0x3, 0x1}, {0x6, 0x6}, {0x5, 0x5}, {0x1, 0x6}, {0x0, 0x9}, {0x0, 0x5}, {0x1, 0x5}, {0x3, 0x5}, {0x5, 0x1}, {0x0, 0x3}, {0x2}, {0x1, 0x4}, {0x4, 0x5}, {0x2, 0x2}, {0x6, 0x1}, {0x2, 0x3}, {0x4}, {0x1, 0x6}, {0x0, 0x5}, {0x7, 0x8}, {0x5, 0x3}, {0x1, 0x3}, {}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xfc01, 0x3f4, 0x7, 0x0, 0x9, 0x3ff, 0xf4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x76, 0x6, 0x20, 0xfffa, 0x1f, 0x40, 0x2, 0xffff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x8001, 0x4, 0x81, 0x8d9, 0x2, 0x3f, 0x5]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0xfff7, 0x8001, 0x2, 0xcd, 0xbcec, 0x7, 0xff]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x1, 0x9, 0xb, 0x2, 0x48, 0x24, 0x12, 0xb, 0x5, 0x6, 0x9, 0xc, 0x6c, 0x24, 0x48, 0x4, 0x9, 0x3, 0x16, 0x48, 0x6c, 0x18, 0x12, 0x18, 0x0, 0x36, 0x60, 0x5e, 0x16, 0x48, 0x24]}]}, @NL80211_BAND_5GHZ={0x88, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7f, 0x51, 0x8001, 0x3, 0x1, 0x4, 0x7ff]}}, @NL80211_TXRATE_HT={0x2d, 0x2, [{0x4, 0x9}, {0x4, 0x9}, {0x7, 0x8}, {0x7, 0x6}, {0x2, 0x4}, {0x2, 0x4}, {0x2, 0x1}, {0x4}, {0x6, 0x4}, {0x5, 0xa}, {0x4}, {0x3, 0x4}, {0x1, 0x6}, {0x5, 0x1}, {0x3, 0x5}, {0x7, 0xa}, {0x1, 0xa}, {0x6, 0xa}, {0x7, 0x3}, {0x7, 0xa}, {}, {0x3, 0x2}, {0x1}, {0x4, 0xa}, {0x6, 0x3}, {0x1, 0xa}, {0x2, 0x4}, {0x1, 0x4}, {0x2, 0x3}, {0x6}, {0x2, 0x6}, {0x6, 0x5}, {0x6, 0x1}, {0x4, 0x9}, {0x2, 0x2}, {0x0, 0x2}, {0x0, 0xa}, {0x2, 0x9}, {0x0, 0x1}, {0x0, 0x4}, {0x5, 0x8}]}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x16, 0x9, 0x1, 0x3, 0x9, 0x9, 0x4, 0x5, 0x24]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x24, 0x24, 0x12, 0x18, 0x30, 0x36, 0x6, 0xcfdb81f9fece4a40, 0x24, 0x48, 0x6, 0x3, 0x36, 0x24, 0x1, 0x18, 0xd, 0x69, 0xc, 0x16, 0x4, 0x18, 0x1e, 0x18, 0x4]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x13, 0x2, [{0x1, 0x9}, {0x3}, {0x0, 0x5}, {0x5, 0x2}, {0x7}, {0x6, 0x7}, {0x5, 0x5}, {0x1, 0x8}, {}, {0x6, 0x9}, {0x1, 0x4}, {0x7, 0xa}, {0x6, 0x2}, {0x4}, {0x7, 0x4}]}]}, @NL80211_BAND_2GHZ={0xd8, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x20, 0x7fff, 0xfff9, 0x101, 0x4, 0x9, 0x200]}}, @NL80211_TXRATE_HT={0x4c, 0x2, [{0x1, 0x4}, {0x3, 0x5}, {0x3, 0x8}, {0x7, 0x8}, {0x5, 0x1}, {0x6, 0x4}, {0x0, 0x2}, {0x7}, {0x6, 0x4}, {0x5, 0x5}, {0x5, 0x8}, {0x4, 0x6}, {0x5, 0x3}, {0x2, 0xa}, {0x3, 0x3}, {0x1, 0x7}, {0x0, 0x8}, {0x3}, {0x3, 0x1}, {0x5, 0x4}, {0x0, 0x6}, {0x7, 0x1}, {0x7, 0xa}, {0x7, 0xa}, {0x4, 0x8}, {0x7, 0x5}, {0x7, 0x1}, {0x6, 0x4}, {0x3, 0x8}, {0x6, 0x8}, {0x2, 0x2}, {0x2, 0x6}, {0x3, 0x7}, {0x1}, {0x6, 0x2}, {0x2}, {0x0, 0x9}, {0x2, 0x4}, {0x2, 0x4}, {0x1, 0x9}, {0x0, 0x3}, {0x3, 0x7}, {0x5, 0x4}, {0x4}, {0x7, 0x7}, {0x2, 0xa}, {0x4, 0x7}, {0x5, 0xa}, {0x3, 0x4}, {0x1, 0x9}, {0x0, 0x4}, {0x1, 0x7}, {0x4, 0x7}, {0x2, 0x8}, {0x6}, {}, {0x0, 0x3}, {0x4, 0x4}, {0x7, 0x5}, {0x4, 0x3}, {0x6, 0x2}, {0x0, 0x6}, {0x0, 0x3}, {0x2, 0x8}, {0x4, 0x7}, {0x6, 0x3}, {0x1, 0x4}, {0x0, 0x2}, {0x7, 0x6}, {0x2, 0x7}, {0x0, 0xa}, {0x4, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x8, 0x8001, 0x1, 0x7, 0x2, 0x9, 0x20e3]}}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x5, 0x4, 0x1, 0xb, 0x9, 0x18, 0x3, 0x4, 0x30, 0x2, 0x1, 0x7a3b1d5b135c09ab, 0x9, 0xc, 0x16, 0x36, 0x1b, 0x1b, 0x0, 0x2, 0x1b, 0x16, 0x2, 0x60, 0xc, 0x1, 0x2, 0x9]}, @NL80211_TXRATE_HT={0x1b, 0x2, [{0x1, 0x4}, {0x5, 0x6}, {0x0, 0x6}, {0x4, 0x5}, {0x7, 0x9}, {0x0, 0x4}, {0x1, 0x3}, {0x0, 0x8}, {0x6, 0x6}, {0x2}, {0x2, 0x7}, {0x7, 0x5}, {0x0, 0x3}, {0x2, 0x9}, {0x1}, {0x5, 0x7}, {0x1, 0x6}, {0x2, 0x3}, {0x5, 0x7}, {0x2, 0x3}, {0x0, 0x4}, {0x1, 0x1}, {0x2, 0x2}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x4, 0xc, 0x2, 0x48, 0x24, 0x1b, 0x2e, 0x5, 0x6, 0x12, 0x5, 0x45, 0x30, 0x3, 0x1b, 0x1b, 0x44, 0x12, 0x1b, 0x9, 0x1b, 0x30, 0x5, 0xc, 0x5, 0x3, 0x16, 0x6, 0x1b, 0x12, 0x30, 0xb]}]}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x14, 0x24, [{0x30, 0x1}, {0x29}, {0x3, 0x1}, {}, {0x52, 0x1}, {0x48}, {0x24}, {0x12, 0x1}, {0x12, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x36}, {0x24}, {0x3, 0x1}, {0x6c, 0x1}, {0x30}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MESH_CONFIG={0x54, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5}, @NL80211_MESHCONF_FORWARDING={0x5}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x80000001}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x5c}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xc0}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x7}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x7ee}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x1}, @NL80211_MESHCONF_FORWARDING={0x5, 0x13, 0x1}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x2}]}]}, 0x41c}, 0x1, 0x0, 0x0, 0x880}, 0x200400c0) 09:29:33 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80000001, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) 09:29:33 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80086601, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:36 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x8, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f010000141f07bcd4c9c522000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) 09:29:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000c80)=[{{&(0x7f0000000080)=@tipc, 0x80, &(0x7f0000000200)=[{&(0x7f0000000140)=""/156, 0x9c}], 0x1, &(0x7f0000000340)=""/217, 0xd9}, 0x81}, {{&(0x7f0000000240)=@isdn, 0x80, &(0x7f0000000700)=[{&(0x7f0000000480)=""/183, 0xb7}, {&(0x7f0000000540)=""/187, 0xbb}, {&(0x7f0000000600)=""/172, 0xac}, {&(0x7f00000002c0)=""/49, 0x31}, {&(0x7f00000006c0)}], 0x5, &(0x7f0000000780)=""/142, 0x8e}, 0x3}, {{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000840)=""/55, 0x37}, {&(0x7f0000000880)=""/234, 0xea}, {&(0x7f0000000980)=""/239, 0xef}, {&(0x7f0000000a80)=""/139, 0x8b}, {&(0x7f0000000b40)=""/32, 0x20}, {&(0x7f0000000b80)=""/75, 0x4b}], 0x6}, 0x401}], 0x3, 0x2000, &(0x7f0000000d40)={0x77359400}) socket$netlink(0x10, 0x3, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80087601, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:36 executing program 0: socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:36 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfef0) r2 = openat$incfs(r1, &(0x7f0000000380)='.pending_reads\x00', 0x4102, 0x0) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f00000004c0)={0xa4, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r2}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) 09:29:36 executing program 0: socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:36 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const={0x5}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x48}, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c00003171ca84000007000000", @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffffff0000"], 0x28}}, 0x0) 09:29:36 executing program 0: socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 09:29:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 09:29:36 executing program 2: r0 = request_key(&(0x7f0000000280)='rxrpc\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000500)='\xff\xff\xff\xff\xff\xff', 0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) pipe(&(0x7f0000005ec0)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = request_key(&(0x7f0000005e00)='ceph\x00', &(0x7f0000005e40)={'syz', 0x0}, &(0x7f0000005e80)='[(,\x00', 0xfffffffffffffffc) request_key(&(0x7f00000000c0)='cifs.idmap\x00', &(0x7f0000005d80)={'syz', 0x2}, &(0x7f0000005dc0)='ip6gretap0\x00', r6) close(r5) splice(r4, 0x0, r5, 0x0, 0x80000001, 0x0) r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r7) keyctl$search(0xa, r0, &(0x7f00000020c0)='big_key\x00', &(0x7f0000005cc0)={'syz', 0x2}, r7) recvmmsg(r5, &(0x7f0000005a80)=[{{&(0x7f00000001c0)=@alg, 0x80, &(0x7f0000000340)=[{&(0x7f0000000240)=""/64, 0x40}], 0x1, &(0x7f0000000380)=""/37, 0x25}, 0x20}, {{&(0x7f00000003c0)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000480)=""/65, 0x41}, {&(0x7f0000000540)=""/155, 0x9b}], 0x2}, 0x43230597}, {{&(0x7f0000000640)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000000900)=[{&(0x7f00000006c0)=""/139, 0x8b}, {&(0x7f0000000780)=""/66, 0x42}, {&(0x7f0000000800)=""/97, 0x61}, {&(0x7f0000000880)=""/110, 0x6e}], 0x4, &(0x7f0000000940)=""/228, 0xe4}, 0x100}, {{&(0x7f0000000a40)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000ac0)=""/134, 0x86}, {&(0x7f0000000b80)=""/24, 0x18}], 0x2}}, {{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000c00)=""/37, 0x25}, {&(0x7f0000000c40)=""/59, 0x3b}, {&(0x7f0000000c80)=""/4096, 0x1000}], 0x3, &(0x7f0000001cc0)=""/135, 0x87}}, {{&(0x7f0000001d80)=@generic, 0x80, &(0x7f0000002080)=[{&(0x7f0000001e00)=""/79, 0x4f}, {&(0x7f0000001e80)=""/205, 0xcd}, {&(0x7f0000001f80)=""/114, 0x72}, {&(0x7f0000002000)=""/82, 0x52}], 0x4, &(0x7f00000020c0)}, 0x800}, {{&(0x7f0000002100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000003480)=[{&(0x7f0000002180)=""/226, 0xe2}, {&(0x7f0000002280)=""/228, 0xe4}, {&(0x7f0000002380)=""/232, 0xe8}, {&(0x7f0000002480)=""/4096, 0x1000}], 0x4, &(0x7f00000034c0)=""/50, 0x32}, 0x8}, {{&(0x7f0000003500)=@l2, 0x80, &(0x7f00000046c0)=[{&(0x7f0000003580)=""/38, 0x26}, {&(0x7f00000035c0)=""/233, 0xe9}, {&(0x7f00000036c0)=""/4096, 0x1000}], 0x3, &(0x7f0000004700)=""/196, 0xc4}}, {{0x0, 0x0, &(0x7f0000005a40)=[{&(0x7f0000004800)=""/255, 0xff}, {&(0x7f0000004900)=""/46, 0x2e}, {&(0x7f0000004940)=""/4096, 0x1000}, {&(0x7f0000005940)=""/251, 0xfb}], 0x4}, 0xbb}], 0x9, 0x10021, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000005d00)=ANY=[@ANYBLOB="1c1000001a000800080000000000000002101401fe01fe06000e003147a033d265d19283eb38701a4adb5cba72c8e4b9c88008d30cf4a52908158cd8320ba1e9063b0c33fc2f"], 0x1c}}, 0x20000040) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r3, @ANYBLOB="000000000a780200ffffffffffff0000"], 0x28}}, 0x0) 09:29:36 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) [ 2244.415694][ T9664] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2244.433053][ T9670] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 09:29:39 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const={0x0, 0x0, 0x0, 0xa, 0x20000000}, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) pidfd_open(0x0, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000340)=0x0) tkill(r3, 0x13) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0189436, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:39 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 09:29:39 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000300), &(0x7f0000000040)=0x60) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000004, 0x50, r1, 0xa2a5a000) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 09:29:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c00070c00000000f90000000700000050294bf98eafcafddb2d989af44f28b797bb9cd0c9421454ee18c51cab0fd5e73dc52c25362b4494167d991abe8b8e9d64d86fda187d3313128eb25542d04e6e58f4c503fb6e4c28dae0419b54d1d50bb777a7f5eafa367a315585a006f1f1ea8a3cff9344591086ca555af28c02aee3be92e84df69572d78691dfab9e5e5a1084f8486955e095f03bd890c23211dfc382f3e22d9be1cbfa3ac0ce8b40c91a33ef3e1959f605d985fef484720bbdeadfe457da31c04f5a07995d", @ANYRES32=r2, @ANYBLOB="000000000a000200ffffffffffff0000"], 0x28}}, 0x0) 09:29:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc020660b, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:39 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 09:29:39 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 09:29:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) 09:29:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000000080), &(0x7f00000000c0)=0x40) 09:29:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) 09:29:42 executing program 1: clone(0x4050900, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="7472616e733d66642c72661f060000ab208aef1f1c12e45ed2029f8ee04570aebe259636dfa9", @ANYRESDEC=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4200, r2, 0xfffffffffffffffc, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000008c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc5, 0xc5, 0x3, [@func={0x400000, 0x0, 0x0, 0xc, 0x800000}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x4, 0x5}}, @const, @struct={0x7, 0x1, 0x0, 0x4, 0x1, 0x80000001, [{0xf, 0x2, 0xffffffff}]}, @typedef={0x7, 0x0, 0x0, 0x8, 0x4}, @const, @int={0x4}, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{0x2}, {}, {0x5, 0x0, 0x6}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xe3}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r3}, 0x78) tkill(r2, 0x40) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 09:29:42 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 09:29:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:42 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000040)=r0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000000000008000000fcffffff000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000000000000000000000000000ed0000000000000000000000000000ff0f0000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000e42b5ea01a8ddfecb5158ee0beee5a1aca2e1c4ba0575a01f4ae295d9d0c3ca15fd4a0e97755fac9708b4bb792d66f0ed7152419f3a099fd9b11682da8214285bace3ad8c92bfebb5d89fbe75164d7707cc578dd99c90652ee9a8b8aee3162f7ede2e8ede27c8a28020c263023dafd3568824647cce1930155ecae4becdf746f029fb3017977fdafbafb03f9809d039af5275372bd9c0f41d5eb3da0ec8b098a353c163a914b5ae9d2fd31873c3d3c8bfbd5a3fab38c5536728226e139aa0a54ff17962f83fcd8a165d8d68fdde894ba4c9ee7a6e76fc8405a4b59efe51042bcc8c6bcfda917679a05ab0844cda8140000000000000000"], 0x0, 0xbf}, 0x20) tkill(r1, 0x40) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x40) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$setregs(0xd, r1, 0xffffffffffffffff, &(0x7f0000000140)="604254df1794c3a5db30b4fa1796a6dd3eedde12dff9ade4ccbe37569de35ed581e40045cfbcdc713ce72633b55f3e464706") ptrace$cont(0x7, r1, 0x0, 0x0) 09:29:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv6_getaddr={0x30, 0x16, 0x20, 0x70bd27, 0x25dfdbfe, {0xa, 0x0, 0x32, 0xfe, r2}, [@IFA_FLAGS={0x8, 0x8, 0x2dc}, @IFA_FLAGS={0x8, 0x8, 0x200}, @IFA_FLAGS={0x3c, 0x8, 0x42a}]}, 0x30}}, 0x0) 09:29:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) 09:29:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:42 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 09:29:42 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b964280003000000000000000000000c00000000000020000000000800000000000000cd3a3c5559ae93194bb294cd000000000a0000000000000000000000ff01c0a464530a29e78d61d44bbb1a954fbb00000000000000030000000000000000000000000066c161fe000000000000000000000a0000000000000000000000010000000000000000000000002600000f010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003324000000000000000000000000000082fd3e90e59ae674c3388087f8b57acecf949346aecd7d8881c529e98929f23fae39f1f3e9153f847a6a856ee749ede5051f2e745306069dcd4f5dabe20b29ddb72e84a2c502e5242ca6b00b4ded36b866063574e1d5b39a3a62fa1f0e1e388df3726ca4e39de190b287ea2048be938987f71ef3beece6422a76901f9beed6c83aaec4257505324df6c2df4e73d5df9c814f73a827df3ae23372014f33a0b1155fec56ec55b37660623ccf123dd4930283b6d41b74c4fdec089631fbda3a0e45537095085e6bc715af864955e8ea42bcab9eb80516a561103bd5d576d0e120ce8a5fbed45d223d5816ec833c1bf3ec6fa5aa4e42e36e40a5f9a676e3331336d2b1742f90e11de69ee0"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x0, &(0x7f0000000580), &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xfffffffd, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000007390ce6bffffffffffff0000"], 0x28}}, 0x0) 09:29:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:42 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x7) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) [ 2250.335890][ T9718] 9pnet: Insufficient options for proto=fd 09:29:42 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() clone(0x80000000, &(0x7f0000000300)="e535ed464493e3c0f982e39bb709ab31b92720f01f95be7b7fed1b6aeaf4771a9c3b53cfd971cd857ae632537dd72a503180bfb62e3ad9dc8596119181d711c393f548cd561f943440c2e016ef0a7308edcd65808320f372bf196ffb7b491c70", &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000380)="163cc45aa75032bbdb2279490d4729b2a554646a508308774f30ae3cf0858cd9af69737ccb87f32b401dc011a54eafa4808e3420ca21b9a274f51be8b3c35841905dcd7bbb96bae80075d8aee6abce0fe307243a56959c15ff065c5067a11ed80213f6a3e3405f388e9f31fd68bf2efcd05e4373") wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:42 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2250.400195][ T9739] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2250.420065][ T9741] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 09:29:42 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:42 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2250.449897][T12254] Bluetooth: hci0: Frame reassembly failed (-84) [ 2252.493576][ T678] Bluetooth: hci0: command 0x1003 tx timeout [ 2252.499851][T11898] Bluetooth: hci0: sending frame failed (-49) 09:29:45 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2254.573477][ T678] Bluetooth: hci0: command 0x1001 tx timeout [ 2254.579498][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2256.653600][ T678] Bluetooth: hci0: command 0x1009 tx timeout 09:29:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) chown(&(0x7f0000000100)='./file0/file0\x00', 0x0, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xc008ae09, 0x400000) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xc008ae09, 0x400000) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xc008ae09, 0x400000) r8 = gettid() ptrace$setopts(0x4206, r8, 0x0, 0x0) tkill(r8, 0x40) ptrace$setregs(0xd, r8, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r8, 0x0, 0x0) statx(r0, &(0x7f0000002580)='./file0\x00', 0x0, 0x200, &(0x7f00000025c0)={0x0, 0x0, 0x0, 0x0, 0x0}) newfstatat(0xffffffffffffff9c, &(0x7f00000026c0)='./file0\x00', &(0x7f0000002700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002840)=[{&(0x7f0000000180)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000480)="5718ffa804c8ffaee7ee938847d28e65ffa4f2e841983b88c025efb7f8b2c886c5211eb92e1de56ba51546a154ba0486b881f9d2d26a3a5426ace453df8e41479cc6447efc9206920ace6d95952f9e97605ceda6eee6d9de2a499558d7fc5f989ecf160c9f564a4a998e5eb410df3a137bbbd72838472402c7cdda3c7e5c5978e1d9044423ed85c6b659d84aa02aa5851a009b6946d89282a81d33f849de9564746248f268e011df30a48e2de562a23b7f8b62146fe7e6bc43863565170974e3d5de0e40463ba860ee7985c84f2c0137c87a86da5581cd33efbac2c9811dc809a76f4d50f4a962270e725b442b5718806184408037fc12481a4a3ad8b8eef57bf43cb2f82c936af9c5a5cfffb00d0385e52133329742e259a4edc719873b560170bc8ed2cc98726c490f80f75055e47c3f31df3ab197a89d0b81f7d9f4445354d02ab1665221d185e6d415608403dd87395124e47595ed1cf48774571cc022108d1a95d218899a2ef91c6fb5a19ba3a05bf7a57931e3c6e9a67268064a7a455e01f910c17e98c83baa751fec6c7f89d0395b8663804ea5eccff16818edb73edbcdb376718853b151238a84d058e4df05955685a6ec892ea6ae35ea6f8ccb45c31f589bf2a1b512e2ce3df03dd0a6bb44bb29c29157a6a4a298884198a8b89bf3fc49839940b2f4c02253ed23c4cbd29ec4fb7254f1f8c18a8229462f351193d394079b34a1f04329315787620a017002b428cc76fa9897e84813c3a77b47cf8c1ad4ed780138ed430be7a38f869d56c39fddf2a54ca6b14f55b7b4462f25180b62aee4e303905c1342f3fd0d3eac057f2706d450ee1e4c948aea4962957fa7359f38f929ad7543d40b870fbc29aa2521b48003d66a53125a53e9d36867692268c27ab0d496164e6bfeec13bdc04e00fee0fbcce32bb9ecefe88fc8ff7badc625967eda83f687e0b0ba3c86fd478c4f9f38ba5964576132dc9bb9e25ccdb87c7dd4ab6224fd37d3c7350ceafb4fc7dec07ff680d439c6b7d9b0a8796e9a291e9d1dc06de67edd6d5bfc70d3e1c34d3eb5f498b3ca71d2359dde554c3701593046010ceddb3502d7f12f11572c92d74d135ff61b0a1b87ad86af66bc9e6c7fe546e1c36812b1a2f98662cddc12d37d7e9706a1af43facf6bdcfeceb025ac4fa7fd33ec2ee64eafcec0c2b1fcdf9e48a67990a32f1bdf16d9765d7cccb6fc3327f9bcdafe01e4581712395ae9fa7098048c57d36a916c90cee8c1d2a196f880ac96dd4352d06fddc05c69d4e123be4ce6619aa1b4626b3eb45aecf6c5070113a2d12891621f05fd3fd3c3fdef4d0259340076bb624f18e3a3d4372f93a3bd699cddbacd8d71edf2902cf80b6e83f77159d7747a249408c3217a3a9e1235769426e0ba90b8ff6c0102624ed095e5ee24f958f8a424ee3424ca3c4d6489c09901290c686a093b1d232358276226a41be05ec69c86b3da6463a986271980e3f7d79b6d6bfbe8bdbf2e6a7bc49fa48c4428c3a06fa354c0b95645910ea46584cb6f707be18a3beff6ee8f8d30ecf174f17fee6bf8a6411fde0f3950e908e131f1321b3a802bd7d00c233f0acee4dfd6b76c36dc218850f9997b415f26fc0165413f241e61444c6cc959d4dacf656128344e444b74cfe99f76202c16131d1a1049d658490f7e85b8f2c751f64eea0304b40693cad7fce1513d5291c9be0c6084cca98fd43870e410c55cb7ae5c46ebbd4ee38b515dbda4f7c5ff4de415cb73d6ed1ada1b52254ebbab572f20664e5bd284779306dc8674e4b858f0eaf116cf1193b54990d6d2271a7515d48578d362d04ce8a161c6c2ce619d4f00bf1109bef35d985e3271ffabb012382bdf921214cfabd6981a64eccf228377071a243e0e3fb662c5e161dc8ad39e26b24102e18528d20a2464139454adc12b8c6de37c23f2ce21c6ef78e6817622b6016861403473093f457b309c35f357b9aaef708a834b569cb2179f8a9b029b9302a42d020fd5e2c0d72bc01088463b3536d2a87f8b0e77dc4b7738a2b5374e45e1eec810fdb858ef4fe8ec3e9964cecb3eaf721aa10037dc004fa4d6fec6a95464cb23a707d11cd036e6a8a30250a094457981fddde33efa7a6895b08d14d4865cb7b8f6ef3123d37b74bd0788b9fa5fb11c162c555ce62748bb973ea579e1f72cb3e7e064d26ac8b5c04b392240fd19e90bb40c77203ae9c55b2e5434bb542d7bf8ca808db665b670d3ac9693b47433b2657da5478a64d1b652aa1ceb3b2385d956ebb924fd63b0babe8585cabef86862ffa58ba21f2afb168dce1dd071d0e583b3d00a213fd32ce763762bc1e6dacb3d2882e2242c4ba4acb077195af521c1356e8e1517c773193d22bbf44a5459e12510489387da44523cb8b5fbff7e35cac366bf99f47c8e6547441d79c294478895caf6a942efea7429d013c40fa5870ed60c9451f1596d6db822d8f5cf9841ebb48ac7250d481141ef972bf40fccaa746e14dee32511318345ef387e500435019c70d5d20738077b1c8bf242bf7a814c5500061a300a637af11fb8798fe2cb72c1eac04865307cf99dee313049e89db5c84652a0cac504c53a2318d34bf9bba11191c43d577ad03fd1c2f9fb523e0ba35319b3d978cb01f7d892d91e00a3941470ca6dbacbb7b3ac419190ada040d3cdeddbd3085cef07cc5ddd4f9c7f6ec1d1a595bc8efd7ed7315f596222dcd31f05abcf3a96b2cf02e3bf109c463cdd6c29dc59ac9d54ce2a38fb9ffe45c8e87b0b2227f2cebc5ae469b74f4d09a8c1a9c138a6e2e28cc29e5455c02a9ff0e44b49f0f70b2b1d4b2e30f05a6d49b7665f31fd4697179c47f6208458ac73f86b2b438fe28cd6fbef08e86cafa8b33b4b01e046169469f29ded7dfa7e92eeb69e4916ef6580d28b6028576308c98ca78e46c0fcc71ba81a68e664c996f5b63f3937303ee592c7198101b2e045923380e97ce22e49442f8409c07f2ecfd4a6e720801758c988b36f7a4d4bb38ec981b54c9ebdbf6a4609365ef34ab36fd17e98e29bc1c758abd18c3580696d8ccab3ed9d59bdd9a2e84a2897d8cd278c318358d39b3dc96f154945633447040cf0f6d65007d26a2975822117a1b836692d88825f63457fc713d09bb77fe5f78025c903c051de0ac8b395ede756faf7866d1e7b79a72d7508b003225fef85b8cbecec86cab0887172d92f5768f0dbe06774c73ed92894a08c5cafdf10613442404cf7c8514c5054d87514b1404245a122aaa7317115c44706b089e5800235c118f75482fd27dee0e60ec3c176d5512876cdd8312f9d1dcc90190c0188d69e87a28cc44e8124ecba050a9f102ac3f04a0b3aa1002b5deaf60d2d6a41b68c066e664d24aa1c211d872d9c90ec76f56ad6a6d189fc3699f3bdc68477139ad8e4696be9606164555cab88a01002082f1d579fbd149b8a5321042b43b2102c5d12f0405f7c7d1374adce8dad6cc415a2060afd074335e1f35beb1e02ed4e230f794b0f882d2c1773d310ed82de874e64c077882dc50ad78e3fb9ddd01084f5b3b3d74622ec8c3d4a4cc23297ae82fa904fdf1bedc8c0a5cf5b58ac098cff594bafeb7daeb0a5aa0205ed4c2ab07e0a495cd3418514e0435c6e7847a6326e95a9fa94ef2c5369db334e6b2ae93c4c83d557f5ebb8e739ce4617d6eb122b0ff0a6c5ac96bf843f91619a6464a8b654f7a85bf73315843079c5b4ce47dc068f191330a0f2bf75ed010ba4018b761f072f338784015504c3f3321182080028f114ce5973a032781843f695bbd86e9fdffafea27b5e21289a999493413d50ba9203bb0f62e9d33dfd186c816b485bc8bbd0ab8be2c4e6479dfd2bcd7757411ce711615595d37ebd8fd39fb3c53127394c416dc2e91c8e2110c8d83b2cbbbe0f1408b7d14d413b1b63639567e2a228f8a75cc2da3f08ca7abf277a13bcd87bdc11b641955bd011c419c7773a85cd2f2ba3a11282191806301009f082cd011cc567fdf040ddf80b89d5322267372bdc9319c490a080020da8cc1108a8561c2d0b9b3b098e23e2d83eb2ea57b88ab01b6994ffcb872d215efe5d68250127c01388c6b62beb9b432bded57cc91a8c445c8e46d15eb4534b9af1e703c653abb2145ca00964f49f7b56d801ead213f791cbc29fc666f7d0407964a7b560c325d4e57028b699854407236faabf854f994cdc60e555f4051b9c8bd3695b02638e98b29c7e47d61af230e99163be1bb2fa14e72d93dd7c38fb665c7bf329c65d794aa93bd32426d72dd27def85652483c4cccbc11843250f710a55d7a6b685999326543824046fb31b9f85488e34d549a169453ff1b3bd4c93631347a60d23635988bb7d4fb21b5d91a246324884dd006f4fe0a413cbbe67c80bbe15606371db45073c6088cc7868e7a2ee99e5165ecadaedcaaf052c8be9a910ab98e48145b065943c1ac3e0afb705dbd103a9606d134d517092921013ff2c20580c2232eb41613276ca24efcbf3a37f9e03cc1a51327d94ee61e076615ae057638fa64802a8fe0abcdab2468c128d90c4b9f50950c428ce8a3967d01190b95a8b53e96f73539676526b79f88695f7da1278d5750004ef05b8b9cbb1ce5a1b4734ac8495d09dbafa3dd9416136efd82ddf75beeabe8136e8ea8936d2c7a2354ffb17891af966c114875dc5d35387f9444853ef1337f0e2eeee1008d090527802e62345b9014ca0e2852c515309521f1221a31a45c0e89581c107bfbd74047920c357fa20c009bc2e5ef4accb9d0ca904272178f6ca547e6dffe3bd4ba7b871b11daec15f2a1aa356c9dc6647c1e7babad5c4605bbccb7e94c0e0bcd562c9d00b0be20c99e33a146a16d8908350f0f837aa2e3e449a226d3ec6908fb4904bf5b1276b15d5c3a74eab9f8a9dea04843cb8961579fe018d581a7351da7ecdb934eb8e22211b0a77843b5651ef93bbacd4e53861d0b389ff98f204983dd8add9e091cbf97b9cc8abb6046258c330a66ed6721f369756a8c72e85bddc9fa759072f5292872a1eaee3561b58123fcf580ca959bfa5d60e6992b39d756cb3b9d96e248517b1aff277c689948b6c58dfea828261934ae1616cfb6188101809cd8b04b97c8d14cce1a23a333ebc952ce594a2d7f60f49bc1fa484d687f07738d1da0e17ffdbcdd8fe905d7ad2a624e82cfec357f6f9ace296a8cc83e896bb8f2393554acd017bd183bf155339110f92d732f46c173e5366ea9a538af40e2aa34eea19fcb64d0b91b020e029a99f4f5d071c78eee44a0c82739f9e95185aa5b628d4ad95e7517a97bfae6622953537318936d39406ef37838e2e58c8f5cee9610293e8cd2cf15a94bbf4ea320fbd288809cb51597f959814cdce4540a46543cf248b86c63901c67f99ffa7d2eb606f222bbae697f40b87907ae2d6b1e055bfe2505f126735ada8144a6200080609ee65394fd04937feec26b0f666cc424e561e273906cab70e17dfb1fe26f69e61517a40bd633298f14bff8a63d8221dc7f367f487caf1d30e9964b58665985de5b54a8b59d4535f52cbe010ef724c68e3aef4787f76c53e193f65e3e349af0914e80e9976b3676c701cc0926b54961440d1cc07dcac14306e397426f35682e9e9bbf5415b941d23d8c5015c049e4e298d5c9a05bf8d290c920b6cad8e42f45ff5c1ed780f8e676aacb1d6538b2cfbe275f10d935306dea0e8fcd166c943c2decd5e6cb2f38b20775a309f2fde6229f89f4cdd1955c00281ebab6dd7751cf0df2f022ed3a9c83f5d4f7bc4802658c1453c3aeef0e5efd225", 0x1000}], 0x1, &(0x7f0000000240), 0x0, 0x8804}, {&(0x7f0000000280)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001940)=[{&(0x7f0000000340)="317988ef5bac6a2e9b1287c4961078e9eda56e8879", 0x15}, {&(0x7f0000000380)="7a01f9d347ecb5c5201c69ad6eb9f47a2f06c2c0003123b078e5a7ce4839030dca996f23fa7e596a1102bd57d67807d7d43c8edffb01d75888fba1d1df44d2bf221eb6999e2f30f5803dfd63cc9f9253aa6db761a9b4a324792a5818aacade7260218dd0507293f9f1b0c491ba7f71f44d768998c8178423b974a21479122b8b1b84e481cd5a5b69e57e349569de650cf208c83f87bf1d1df44fe66bb95338d10970ad57cbf0426d82ece1bf0f070cc847fd54", 0xb3}, {&(0x7f0000001480)="a44d8d6d1e0d750a354b85e52b02803eaf90d7e63b72e748edf67d6dc424c379f5c15d9abad1f3ba5ce0f19348e686cb60eafb2c3950887b0ab135284f92646caff8ad", 0x43}, {&(0x7f0000001500)="349b51d0726a37124b5c4a7aaf6c3e6d304b180c239d2db4b9dfe1c04db0974c83209a4a3a125721d36866d0598d2f0acf50400cfc2fd2bef444b5575738b2b3bea3bb562ef363c7e6c5b9e57068ad9ff8d6e234119c5f", 0x57}, {&(0x7f0000001580)="c7214080c7613ceebc5a4612613e2b9b87b1bddee0de7e4327c427aaace7a4a3d2e6c4d1c1b30406e754a342ef090e8e559e631e58855e291b3f73291e5a3435c6cc85a610a0e9fff3a6debf0fa5ec9bf08b566875d9c23b3c218dfeb108ebe8141a338449e65d5d319925e1021388bb503758fa1aad506a6a2a0c735d3b91e8a95c41ad3ac69ee22b63e88a01182aa219ddbd2e008315b699293e5d453c72a743bb1a9a5b17b3b274aafd1341a45266ed9aa31a1dbc73257b80d3a03de0da8ab999f573ed65c5f2915547128d12a38c", 0xd0}, {&(0x7f0000001680)="f04c89b39528cc8f8db15555cb08fe4eb42b7805c25ddf53c342e6ee5659e6d1e0270e6029d25668b5b7f9d75eafa68adef127cda58a5d350b6fa760b396e73eaa2e361b3069eb6008d262704e4b009665ac29188151f25d97cea765fe0de4e88129972c0bddbc903122ea0ae6e6de9a04f037c930e83e5d29c3bc8a642a470a830add3f7c529d149520b9598fbf69b6af8120a3a1ae9c421acf027b7ee205cbf7160365ce527e0faf7acb2a0cde09abfa0f94bf7bf585aff1f42b95ed528fda7643a3a404ef1d6bb1ca88d748bf0d2ca399bad74d87a29aecb5112cb414c6a8fb596a1fbf7bbca7510dd3e8f7", 0xed}, {&(0x7f0000001780)="c12793c6a97001", 0x7}, {&(0x7f00000017c0)="bd1f8a1a918030e6d4aeb3e90fc20b36508b984d6292a8c13f440f761a60d8743820b5b5032a8705b4f40f739307a255a6539e4f062c18375caab2f944c09fc7035621d85e13c94c2173e6b2aefa62bf29864274e398d5f6b156b67ba3feb82aa6cad71fa48dc56f7b79588d4e213055c2eb1b55651c9b35e73be7620bb0f4f908b0c3cc564647a4e90eac64fadabd9dc18d51866ac8d2e546ccfcd699af75d44b54e0", 0xa3}, {0x0}, {&(0x7f0000001880)="ff64cb65d547ef0174a54d65a6d78caa1a0a4d23f5c1ffb8895980ab422803806dbddbba69afcd4c29615cb9d836ea172ca398abcddc7a56b624c7d31676a27d5cf6136f14a14cf4a0f940cf474af1e1b7c85058a09eaa65958e392e0c75226e77fe30d37d74c43a34a6c9e65c3fbbf784b6d916d199c42461f2a5760b90932cd7f5dd38b577a614e6df6471d09d", 0x8e}], 0xa, &(0x7f0000001c40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78, 0x8081}, {&(0x7f0000001cc0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000021c0)=[{&(0x7f0000001d40)="57082122461062aab78be58d1db348ddb16d080210d5e321cf23e780273ed115acb4fbe037b9ec0dfa4a1135cb20f0ff577edd56c42501f8c19cedf9157a2f7a886ac195ddd3df997caf8ad48f11060a84c736551fb5b024b0e212b078e459fa32dbe3fd48438caa0327ea71dacef4ab7239358585ebe17634d09c4aa8e8b52a98abf6e61b073fd957f93cf30a16078329d3bc83753ef62a64311e7c42431e601d0fffaff6e03a969c4c3453bbec227219161e898cbb3315d318c790dfad049444c6da0bcc717730ffd5a4bfa6dfcbf07e143fd41e28a233f9c7ca4e3d50a5355f310f500f6d67bed8582b8a3b15b8c560", 0xf1}, {&(0x7f0000001e40)="b50bd07b452292cf20fd4cfe7f9b123fb56271f29b39afbb9e128639e2e39c74a2f1718a7f8bf9c790a69a8cdfbe7b85ce7dc609aadee47f2bb86237f6904c6333841af8aa186058152edbe043b67c3433ed75155f09f309a543fd58dc005aab94cf9f8bec452a8c47ff8a0a10c834c11057c367b48e479901a1c098a1240f6234da263f012f12387e75770694e75ac896d77f1b9986d075891e61c6d61f6fdd05abf2ec163d7beec839446c6e985d9c153186d7a9860019a8fd447ec6073adcdf3b97f4569ec9b8f02577a53ec38b63f55d7ca7d2efaf4cd69c433e108b33e7b2cf2cbde3e58651647db325d6ad73cf3e3e5240", 0xf4}, {&(0x7f0000001f40)="1a3e76993b65ff88367469f998f56d17b800a866ecd591de5ba5dc5aa43cc698d3b84d34030032e9dc1a2bbbc8c6fe092c4287bb9310cf213a2e27869b76c1128dbbaeee9365261e3ce7581fcee76a039a7599d90864d794a86a58c03c9a7fa22a6fa2be3bccf7a4170113875ad842d0467ee0345460fd23a0bcf77a5616d2d3484090", 0x83}, {&(0x7f0000002000)="18cb4497f479938a9c0e6ed7d3b66c4d9d04461b20e8208a1364dd586f74ce85713d1fee98d041b88680e6f0b999e93198b44db1e4446f9ba1120bffce44c933a4ed7d51c65637babc3778fe01f8765aaa0582206be69b1c410fa487e5d1eade7448104fd6d3b0776f3a57348cc6dbea07714eeef2a883", 0x77}, {&(0x7f0000002080)="90676c00ddf99230e80e3568b772f7d8c55e5cd6b74a65ae7e16aeff95e429c0d2a4231b7f02f41a6a16d8f12dbd03577881bce278c9db3db64e915cba9d6bbeaf0c0d7839a74fa34062d05b7f63401050de60e34dc575762da94e16f72613f43fb02e5f391260cc49b43ad4055e2d4ec328bba13dd6df365a797206229387fd6e58041a1638fd72c6922e81f9e2109963eeda1cbcf9f29e99c25dfd23716f1b3927390aacfc9a0038cb36199239ea6b7a0c3350b88501a6710d63ad304aab902629ed1176ea8b44491c507031b5c62e5a0a8ad854916866fe", 0xd9}, {&(0x7f0000002180)="0bc501553819be9a9a9b6a0c395d46abe7ca2f798e19ffeb65d1383cdfe8cef26d3748e4c37696539dfb59e477", 0x2d}], 0x6, &(0x7f0000002300)=[@cred={{0x1c}}], 0x20, 0x40000}, {&(0x7f0000002340)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000002540)=[{&(0x7f00000023c0)="1638d7aaa72bc359df33f6f59b59668ea888107a58e507cf47cf6de21ab911a404ee12ee253d3998d67c93103c91d045a9bd27aaf42f7b267fd79a7201a239111d5aeaa5626b", 0x46}, {&(0x7f0000002440)="3318087971329a6c5a7dfc7e0640aa3b30f51ecf25", 0x15}, {&(0x7f0000002480)="d8a9d2591368c86371bca9609d5b2a65d1c9c560a7ad175cbb06c0c773f23eb60c4db8084d8c448b336f8a3bf6838bb8b9cb6c5f5f5c3ebdd068ebc05e8bf80512a3f81a0cc779651dc71449f2723cb6dfd4c20726848ee20c3205383aad71a9332dc93eaf47d0f69767ab1ab681b65a3f9d5fd61af228c47eefb078a726fd708d4af907d4adef39573b2bc72b133a4218f5252c8b5fefc90edcfb9dcb55899aab5e3ab4f518378653dc37bc85c9feea93fe9269b6df33b2fedfbe30", 0xbc}], 0x3, &(0x7f0000002780)=[@rights={{0x10}}, @rights={{0x30, 0x1, 0x1, [r4, r0, r1, r5, r6, r2, r2, r7]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r8, r9, r10}}}, @rights={{0x14, 0x1, 0x1, [r0]}}], 0x98, 0x4040000}], 0x4, 0x81) 09:29:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800df0000000000000000000a00000000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000000000c1ab000000000000000000000000000000000000000000000000000000000000000000000000000000000100000033a5dcfd5cef302300000000000000000000000009000000006100"], 0x0, 0xd7, 0xfffffffffffffd7e}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x9, &(0x7f00000004c0)=@raw=[@ldst={0x2, 0x0, 0x2, 0x3, 0x3, 0x20, 0x8}, @ldst={0x2, 0x2, 0x3, 0x4, 0x3, 0xfffffffffffffff0, 0x10}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x4}, @ldst={0x1, 0x3, 0x1, 0x9, 0x7, 0xffffffffffffffe0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x832}, @generic={0x20, 0x5, 0xc, 0x8, 0x1}, @call={0x85, 0x0, 0x0, 0x73}], &(0x7f00000003c0)='syzkaller\x00', 0x8, 0xdd, &(0x7f00000007c0)=""/221, 0x41000, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000008c0)={0x3, 0x3, 0x4, 0x8d7}, 0x10}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="18240057d17576bafc658ab2fd00", @ANYRES32, @ANYBLOB="00000000060000009501c0ff0800000085100000070000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) ptrace$cont(0x20, r3, 0x7640eabc, 0x2) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:29:52 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x12, r0, 0x5c36a000) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800010000000000a1000000a100000003000000000000000000000c00000000000000000000000800000800000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000009000000000000"], 0x0, 0xbf}, 0x20) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 09:29:52 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:52 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) clone3(&(0x7f00000004c0)={0x0, &(0x7f0000000040), &(0x7f0000000140)=0x0, &(0x7f0000000300), {0x2c}, &(0x7f0000000340)=""/112, 0x70, &(0x7f00000003c0)=""/131, &(0x7f0000000480)=[r0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, r0, r0, r0, r0, r0], 0x9}, 0x58) ptrace$setregs(0xd, r1, 0x7, &(0x7f0000000540)="88cb9bdc047be95616f0772157a6aabe85dcc00b4a2c03533cbd7a0cf06f362ac86ed337873831c13e144f559741c3fac35e3061270b2688bd18523f179b1a0feb9024d52fe03777c5dcdd76e0158a16d6dbdfe694fe145112783e93692b818e63f1a75ea208775264906ce764d105f5c034a1291ee62f668c5f7381b7f3e2ab2bfa3cc0c0ec545ef013373fbf64748d6b064e5fa7c1") bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a10000000300001f000000000000010c00000000000000000000000800000000000000000000000a05000000000000000000000200000000000000000000000a000000990000000000000000010000000000ff0700000000000600000f01000000000000000000000000004b5dc000000000000000000000000000000000000000000000000000000000000000000000000000000000be14ff8a00000000090000000000000000000000000000000000c7a8d7bc00fe67af197f0c9c846915f56f44f9babdbd852761f3b5a7babc974d9f6985a52f78aa0ad56a88dfe6383ee5a40393b0440a86a10ea4cd1c1f6b919cd062a72072160d6a2d27b30b179f7301dd191101ce2a43f25dafc668da56f0b94abbe09351f734ac0a5b848952d8653711ff238a09783ee264e0919b4c5fc5ccb540f58e26b2e8afc7f68a196765a264c5404e5cb11b"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:29:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:29:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f00000017c0)=ANY=[@ANYBLOB="327432b97ac2024724e7bcd61129c4ae1aa30b8a5d1706bc5150472b1814877a3a021eaad5f4d8954d1a388e5e7b04f6a05158b54371c06cacf98f364a8049532b307e0ec72ec12545231bf009b2a2ea39b57304295fd082ecd1b682108dde9fa0309f0b57875b97d8260a1db5e1995f032bd770019eeab1c426377fc9", @ANYRES32, @ANYBLOB="000dce5bbbfa29337fb8684e6d27000000060000009501c0ff08000000851000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r2 = socket$nl_generic(0x10, 0x3, 0x10) vmsplice(r2, &(0x7f0000000380)=[{&(0x7f0000000340)="0ad1028d7f8ef0577478a2", 0xb}, {&(0x7f00000007c0)="92eea9bafe621f2d361ed06ffcd16037836ddf90c9940a68d9a48cd0a074afb74d9c46fd4df1f64070fa8d815289c2d29af66dfe021eb6edbae6a66b6e496dcd2c9ab91bb2df6772d0865882203ea2a32e769e06987432e8e995330bb7182d8e9d5d726856891e68334101da26fe1c7a8163b482ca3e6307f471053974d74e4abec3f4b4729bec23a9ab43b2e7c1eafc11a7bdb36b8ed8b29dfe4bb22022245b382ec17fca5bb4957149d5fb580ce4a788ee962343d4445efdcfc7cc0dec925727949adc2e77364906b9c9ab6c48123c79a8002850716c3b94af28767c050d5dc55515b0f04c9106cb795015615ef2666a9eb611d6e097d6315937acbb1ff1af4e13293e495019ae5f095ec3ae183646a8cd93eb920a8f9caeaf37d1f313a37dc85f43e7039427b83b6277104967b35d5e4d434c01b8f12de8846ec7f71166f829d1be988371ffef29a59548abf9f9be9555e69451bfcdc8afb6fb32c56503239c7b15bc80e1b2e79ff1fcfaf649f0c3a24db4a17f4886421617123b29517133ad9d325f3768c5a9fc4a81634f54ae358d7912974cd22e9ee82848cb816f7b9c9d2a379ab4599e33d76363f24aa66116068bd6c453dea60c548fc4365fcd76a2fafa7d00b1d3f89da5c7627e4ccd4b97777fe4f8703b345e509ead9e26c2ae6bb64aa54f5b0868f4a213bb14c826c90d8d63028ac6a586b1d508f1a967deb92a0de4bbdca9fa7a63ad6634190e3dab4f80e6f0c936ea872f062362134cd58243f6618db298ef85a2611d0e55f2a59fca9f5fd9e63ed5099d7337c702c347d0b90dea7116f8b52f3f51c6504808a245240334a2c1250200f0469d1d385b57298cac3e0fe4f670ed04e67f26f803259c87917c0bdf508a498c8c2bc29d6ea5003e60e94a02927689f73ca49964c4ec230c2a1a9b347eee558090a2b5efadbd21dad04794c476b344fe2440ab69092412a9133c31cf0ee64187c90b6e1a0a7834ff7479f42c4d7146d94e5669eb347c47f705ae7d473e15dbec0fab00d6569b18095a6c3457935d5fdd0a9451956011bfbf1374fe10de33ba05f3edc5dc36ed82013b4fe2cde57b3bf8faab034ab64b864119a407ffb0ed58773375334106a094d3e41ac21f406d348ee9cfcfce5b5f11fcebf789dd23042a1a528a938a5aff02641fb510c933cfdbd516c34d2960b5ad3a57c4fc48f78f8c609888730b68f95193372d72ec113fb060f9a461cb50929dd15a402aa1ef860c9cb31e50190ba7a365e7d5630f73774385ee043c0c0422025e8ca3354cbb84a4727baa6b91752ae44ddde8b21fa67ddd7e2526ea60e9a67bb730b6dbe584437bf3b5207270ce0d47af2428f8b1b1c1cee179c5056563fb3bd74c291a7475d4b35df16092933ca6b0f494380eb5b004bfd736900e502b04d1a6826d038029c2fc4705535fd204dbae5cea4b0eb2697c66926956e010829803888d121335ab8c889088bee163172ced803c96a4b9d2a98afe3e96f37f0f51380b52c813335b74cb852d966ef59109cbc8469046e4e58cf9cc2e0e9e5cb1230c90c8223fd76eba80b1de086db4071ae0bb1e13a0a54271f239c6cda281481449d27928f6a9d6996eb6835bb8ada1d3d59433e7f2c29174286eb9c27442bfab7142c5c1bba1e57d15b7bcb606ff53d4db1049feba2e01eac3f539ccf37433bb4fe78280aad821a66d241c435e46b7123228f6409bd25672476273dc1876966b95d92b3008493cfa4d5b0c3c62740b63399bc1972cadebffcbf0018ac4567f60b2da0e306c8ca305844f79ec80bb0e4ddea1ed163279346ec02188b1bc69f61685c2981b1a1d99ab04309dd771eb88b6977802813e61a7f265d6e7f1a916df5e24f32fb9dde3cead9599a93f6c491b275b93788620a791ba51d6197e2cce0750c9df3c44a12418a092ecbaf4ead549332548dfaaef2552a9b27b5ce25323008d5bf960261251929be825aef90ea822dde72dec3c4736160b275785522a130db2cfc18cbcc416c6bb8f7bf84d4dce42c11090f7d58aef71c0532c7a09df66b5010f32d44546b1bd8e4b5c7dacd75c6d854e8614f56cbc17d10767c97d0fafd855e48c6820e28a58630efb81c4f6241d39d07cae8e407cc17f803b5f494867960dc2c63ff6e3e7318f72479a6d1b3a8163ae90c3c14f130a8084aa76644c696289040f58c9fcb7bdb0627641fa218b773ec6a9eb91cdcbdf688c7df5a33dd5e6c48de4a11cf6b4365b4f56377984e5bc9053b92b3d6e8ee78e84cc2ab790984eeccedd017b074a698d025729785030aab6acb42a4bf70ba17f33fb439a046c6d4dbcb25af3e09ab1db3a3a393e456a50ed0e988f05dfe5fa1d9927bba2791efa5be93af5ff6fa2abe29054eef348bb1dd97a1552d2a1aaa2c087bd8a97a9fef24f51d8b237acf9a9f2723134e8bee78095bc2d4575ea8922afc71129202e2070b657c7ae0b9f435585888ac3812bb083aeea17745be373ff81d1c8bef507b5d08e7c963e6a3025f9d6363df265499c3c711e0bc4f924e5d2f584ab138ee14ff5d04b30106d9971ba78a5a0eed4aa047c94b2fa4ff49b53290413d5525a71b8f60c18f1daf3db09c62cc499b95817483920604e7bcdcae1b3024b51e1fccf04466f6a62ea98ca12936cddfeb8aa739ee52c8dbcf433f53bb929ae8a08e6e147472f7945cf456991b6a5afd1d2b5858d2305c5be349955888d16b2212ce35425c875e13d516de8ae9390b7426628ec954655ee61c016a6005dfdb8a9d31ac2500be6b8b75af3f7b94b34ac42b1746cf33218983183a25cffa35c6dcf14870bbe75dc8e1c5457c77d240bd5760b38c851fd57e44404f642b64e7ddd0edded943862537076d43871aa2e8ffdca160bc44977e01f746bc85aa2e64c02b146d1ccfe9e4ba4f3500babe2731d510258ebea4fd5445660267d29b043c1df6e1efd84835961211b1b317ef4b638009499497f8ef2c789c7801b6f9c89476823e302c0ad55fbe69f455fb5fc702549e6befd375068f4ff2d233aacd492181754620513d628e93be685f0eab2eb1ba0ef852a7159850dd964d69c1148fa4322a4740f8a6c51b1e966db2a4d8be3dd6de99ab1c811b51c2f0c7bc0fbd03c185ce1faf7c03a811432efddc8600f8e5f55e222244a6c07b89ae20351fe99397e2ff0dcb6e1da40efcaf324643d0ddbdd96a70d59f25cac84741e21343cc19abd3291198556c3ace792da447398ed99dfd2cb0126a8b111dd68c24976e2136ab64d8761bf0ab698c8b9d2ab18c20494587e379a05b94d935a78e9683b94cd913b2f7a22860b5a062d0c056bc6c07e36cb4ca3ef49ad073244789576fea47e768800be89a0fe4f1c6e5dc732b0416973c0845a892c9ffc1f7406aa996a4587f1f4d15d749f4d2d20b3250f9abcab664c37b905290d09906bdae48bda214314b7fef0f34af6e367659efeb457b2a6d775bedddcfd8c58c38cb1006534a60b018e2f2e4fe569b50f80207e19a545d28f3d1a16158b6e95a6670ed02723d2031a393ce95ec8046b929c80fe6a276ce2b53ee84f02a5624304df06aefe8c7aecca248dfec38a627fbad18dc1c68b0ae2d052520099ba061a9c189a4852f0eb74f6eb5189a5e5c477b498ca95c3b541302e4816f8fefbceb33cce31fa3c7407186660012792bfa5c32f2a2277cd412fb8b9d967b23bb2ebd709b2ea7110fbad7c0ffc13d92a908482105aa2ba4dcee8a8d20e735217ca4dea762f3ce2c9908c5227b67572cb2c562b3e47c36757b5444db8a443f729485eef227177144b8cc46dee282ca6d702ad9163f18cf500bc5915fa4cb7938a3cc984d52eef657ecfc74e2f1edde2c0dfbd3aadbe735145c4e9a27c27d715ed4c1cba1d037f4da154511a65a7546f791b9f44bd90a3f456180e84ef35da2c6e88395df19f75e4d50738b4dcf8618dc41230ce94b5c96d8929da05cfa791769874527335d7019a3d8787da1fe8af33fa907b409bb14b8a251a51fb03554034acc930307f6d32ac9814b4da69ac7707d4b5dda8f32c99241ea0b115f343f7a835ecb1026fb39f4099017ef153770bf9cbc109ae84f044c4b684949b15efcedfdb51393694eec36404c4b1fc12895bfab4d6d404833ee90e8ee25390e78034ad0cd0e6a3be98c0add0924a12def4d4bd19b053b9f54f7d7d80114d42a3ba74cf9521afb5c3a76a226cfe60d78c824d761c2b3b18a1448cb7972f1130c1efa3386ced7fb95922c51eeab00a709471f934898d9a49dbd1298fe85dffb7679d60599887242faf98752ecf775c223cee26cd76656ca0c38f9e293c87ad10299bd53e8a506af35b46b52ea13035dc93ffd5e15b022962f455551a3f835916173afec4bf692621a8aa8172adf71e6b353f3f9efcb035c2cdff6b9cd304f7691951fc7aad37f8e188f9da98b0988d7c398142ba33976b6cd4fd7565cca3e34e43a577a5b3d1dba6c61f3897b4a1f98a86677873c49fc8eece5e83871a46f5df4429815af6828a11d3b439258395fab9f0e9a7c76db29315cee1108def004a04eb46a60f7004885c6cdfc18e792d8e5c3fb7939f601aa3c0106661b8f154a733e5ffd564406a15b148dd275548248238e637616e64c218bd011d8a1cd32efdc215d768227ce87cbcba52e5751caccbeee09343375c461887213c8e75ea288d566ff381b00a3fe942cfb3f51df903d5dc2f077d961e488a18b2ce97fbf38ad2b1036b14c22d78bc476574a3f66f909dbfbe6ca978df5fade4b14b9fd78bbb7c0ea00f6cae27350e276242e440a30cb9d4617bdec08cdd058d97516763c18b9e5d23cbf7db2e860ba143d597b2ec537e0336f2d972362e12775712a95eb2069dfce0c79b243df5d0475b000b1b9bce215e8cbc31560fd32b7d3d6dd857c634abeefde791dcb31eb403c96d22a98e6df19d7bf63f72d07ab30c4db1a378120dc9a44c0d966ff09a5038aed4ca667ca250babc41f98a3b156f98f031ecb5379bb469b81be56e3e4b66d756c1cb5aae1e40dcb7e99482d3d0a2710c38d0658769ef6fa85463d9580bfbdc2e8b5ffa744b0019d9bd6a9edc45588a865b6a8c4c0a3497ccd23fe9839d01e43a77ed82acfdfb6622fca09e4fc7c197188f048c546e48045c1ec541ff048f5d7c267a6e4fe7deb8fcc7dce21393d6d2b7006c21c7511ce36f37ba6910f7d161d44d7f0893f767325cf9ac53de58e800f798f0d635466a963e35b798db5c4fba22d9845756d171d23b1f6597d573b89d47c69ddf2093373ab08836de8d08b5b377170589f054b1e46f40a2c4741f8b88003ed2ee4d72bc3542f39bf244ac20792b854858190b98500bc4815b0eb9881e96315be5ac718194e43e9bf00dc527434c29576f4b3255a55260e25220d26034b8664fba5af8222c235ef905875b2c0e50cec6499315c62e263cf4c4f3fccb0b429043504e1b7fe618af22aa09f1f7a068adb0b2b0ce431acf2e40a4ac9b5b0302c593c1b0aac0103d8b1f1d87cc847ceafd0420391f5d28989f562187178bb0990a9c6597dc3e4eac7e78e722fcd5a585ac1e66259d2d4cebeccdd8b19b1083306c49739366a86b9e71bcdacc9a9f4e749a8f5f66d3052802e7ad97f889410106c1b11013d3df12e2a8ce8ccde49a1ae02c0741ebda6799b68f48c3bc93964c05de7bc7148fb1d4af671cd04b7fc1cf5e97f1bf42cc76f2281b66d1215624778bd4e4fb5fb7087817a7e9be50de01e31fa24df7b3cdd00d501594aac3384364b025811ea4f620528de43d9671d4d529a2da10dd27", 0x1000}, {&(0x7f00000004c0)="2362d0ca803a6779bff446d8575db9123cbdabe45e44347ae00cf6c0f29ed53c2712395ec07889e7d15563e84d6538fc35b49c7ff01272b1c4cd1f41dff18777fad20ef2ed293d90b5ba638b8a298e067dfc78af2d83f3ba3cf90510b197f5170b161c542c7a875c01ef396a715935fa1e2bd65176b3804bfa1deef6708ecdcb683e0f0ca18d32b7dd7826e3ceafd76147c829ac9b87e6be28803000f7f1", 0x9e}], 0x3, 0x9) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), r1) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:29:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:29:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:29:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x8) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:29:52 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) [ 2260.646611][ T9801] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2260.674865][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) [ 2262.732880][ T2255] Bluetooth: hci0: command 0x1003 tx timeout [ 2262.739194][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2264.812750][ T678] Bluetooth: hci0: command 0x1001 tx timeout [ 2264.819356][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2266.892864][ T678] Bluetooth: hci0: command 0x1009 tx timeout 09:30:03 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:03 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:30:03 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) 09:30:03 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) prctl$PR_SET_PTRACER(0x59616d61, r1) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYRES64=r0], 0x0, 0xbf}, 0x20) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0xa) writev(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfef0) r2 = syz_btf_id_by_name$bpf_lsm(&(0x7f0000000400)='bpf_lsm_sem_alloc_security\x00') pipe(&(0x7f0000000280)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x80000001, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x14, 0x9, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000600000000000000b900000018000000630000000000000002000000dc18f0fff0ffffff7f641000f0ffffff850000001d00000080170900a50c0000950000000000000073b7d8235ecccdd3a4f6752db3cb80921a9df061be82e8968b1f32ec7feb14e90a90f786a9650ae61e1f30237518d5b400ff7269d6a0ea82d6f60da367a037b6fe01c2e296d360ac59c79ea11ea1da4756699bb45055321a47275fdc"], &(0x7f0000000040)='GPL\x00', 0x1, 0x3b, &(0x7f0000000140)=""/59, 0x41100, 0x10, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x8, 0x200005}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0xb, 0x4, 0xfffffffd}, 0x10, r2, r3}, 0x78) ptrace$cont(0x7, r1, 0xbf75, 0x0) 09:30:03 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x6, 0x9, &(0x7f0000000280)=@raw=[@map={0x18, 0x2, 0x1, 0x0, 0x1}, @alu={0x7, 0x0, 0x4, 0x7, 0x2, 0x20, 0xfffffffffffffffc}, @alu={0x2, 0x0, 0xc, 0x8, 0x8, 0x140, 0xfffffffffffffff0}, @map={0x18, 0xa}, @map={0x18, 0x2}, @exit], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000980)={0x3, 0x10, 0x80000000, 0x14d}, 0x10}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000002e65000000000800000000000000000000000a00000000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000f87a7567e75f7e8a358795c881f452f7add4fa0bd5659cd576acca6f72180802203f0eabe36cec66090ca2cc245d74b2ff6c49f285bf10de4bb0b449c5f19af87dc300232a8af8af00f43177ccbb6d59340b2ac6d6aaf4f790766b9b184067e403ac17ec68c46cc07c69999fca836df932a671028283cf0e6cc580674b6cfc924768a53bf5986e9aae7891277a"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x6, &(0x7f0000000240)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @map={0x18, 0x9, 0x1, 0x0, r1}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000340)=0x0) wait4(r2, &(0x7f0000000380), 0x1000000, &(0x7f00000004c0)) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:03 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) 09:30:03 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:30:03 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xa) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2270.847938][ T9847] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2270.866519][T12254] Bluetooth: hci0: Frame reassembly failed (-84) 09:30:03 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) 09:30:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xb) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2272.892117][ T678] Bluetooth: hci0: command 0x1003 tx timeout [ 2272.898138][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2274.972025][ T2255] Bluetooth: hci0: command 0x1001 tx timeout [ 2274.978054][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2277.051837][ T2255] Bluetooth: hci0: command 0x1009 tx timeout 09:30:13 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:13 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000cd3b1f0a1a78775b6c7c70aa5f6ba06c8628b2df064dd368d003c588de6d2bd10a37c5761e8fcbd8860a0123ff659b01141b20"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xc008ae09, 0x400000) preadv(r2, &(0x7f0000001bc0)=[{&(0x7f0000000240)=""/124, 0x7c}, {&(0x7f00000002c0)=""/46, 0x2e}, {&(0x7f0000000300)=""/111, 0x6f}, {&(0x7f0000000900)=""/205, 0xcd}, {&(0x7f0000000380)=""/108, 0x6c}, {&(0x7f00000004c0)=""/84, 0x54}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000540)=""/26, 0x1a}, {&(0x7f0000001a00)=""/187, 0xbb}, {&(0x7f0000001ac0)=""/247, 0xf7}], 0xa, 0x44, 0x7d) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:13 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}}, 0x1c}}, 0x0) 09:30:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xc) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:13 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = getpgrp(r0) wait4(r1, &(0x7f0000000040), 0x20000000, &(0x7f0000000300)) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe0, 0xe0, 0x3, [@func, @typedef, @const, @datasec={0x7, 0x5, 0x0, 0xf, 0x3, [{0x3, 0x0, 0x3}, {0x4, 0x27b55bbd}, {0x2, 0x7, 0x7}, {0x3, 0x8, 0xfffffc00}, {0x3, 0x6, 0x9}], "12b061"}, @const={0x2}, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xfb}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$setopts(0x4200, r0, 0x0, 0x8) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x40) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r3, 0x0, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, 0x0}) wait4(r4, &(0x7f00000003c0), 0x8, 0x0) ptrace$cont(0x7, r3, 0x0, 0x0) 09:30:13 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4) fallocate(r0, 0x4, 0x4, 0x9) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) tkill(0xffffffffffffffff, 0x3a) 09:30:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xd) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xe) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:13 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}}, 0x1c}}, 0x0) 09:30:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2281.091553][ T9890] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2281.104693][T12254] Bluetooth: hci0: Frame reassembly failed (-84) [ 2283.131359][ T2306] Bluetooth: hci0: command 0x1003 tx timeout [ 2283.137379][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2285.211333][ T2306] Bluetooth: hci0: command 0x1001 tx timeout [ 2285.217357][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2287.291104][ T2306] Bluetooth: hci0: command 0x1009 tx timeout 09:30:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:23 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}}, 0x1c}}, 0x0) 09:30:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x10) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x9e, &(0x7f0000000240)=""/158, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000001c0)=0x0) ptrace$cont(0x20, r1, 0x1, 0x7ff) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003157b05cc51f067000000000000000000000300000000021e00000400000005000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000300000000000000000000000000000000040000000002000a00000000010000000000000100000000fe000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa}, 0x8, 0x10, 0x0}, 0x78) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)={0x4, 0x81, 0x9e08, 0x5, 0xa02, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x3}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1824bc003fac76405d91", @ANYRES32, @ANYBLOB="00000000060000009501c0ff0800000085100000070000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r2}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:23 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) wait4(0x0, &(0x7f0000000040), 0x4, &(0x7f0000000300)) ptrace$cont(0x7, r1, 0x0, 0x0) tkill(r1, 0x2d) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:23 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x11) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:23 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) wait4(0x0, &(0x7f0000000400), 0x2, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={0x0, @multicast1, @multicast1}, &(0x7f0000000500)=0xc) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x53}, @alu={0x4, 0x0, 0x7, 0x3, 0x9, 0x30, 0xffffffffffffffff}]}, &(0x7f0000000140)='syzkaller\x00', 0x3, 0xed, &(0x7f0000000300)=""/237, 0x41000, 0x1, '\x00', r1, 0x0, r2, 0x8, &(0x7f0000000540)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x1, 0x9, 0x2, 0x9}, 0x10}, 0x78) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2291.336008][ T9932] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2291.363288][T12254] Bluetooth: hci0: Frame reassembly failed (-84) [ 2293.370608][ T2306] Bluetooth: hci0: command 0x1003 tx timeout [ 2293.376649][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2295.450516][ T2306] Bluetooth: hci0: command 0x1001 tx timeout [ 2295.456632][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2297.530380][ T2306] Bluetooth: hci0: command 0x1009 tx timeout 09:30:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x12) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0, 0xee01}, 0xc) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa, 0x20}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:33 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000000000054712c20b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900"], 0x0, 0xbf}, 0x20) clone(0x8000400, &(0x7f0000000040)="cda47f75235ddc9243a634b3afe0fd5a71aee1938603ecd83670cf91a8444e057db1caa402ba47f9c03e62a68b31fb", &(0x7f0000000140), &(0x7f0000000380), &(0x7f00000003c0)="b038e3b4c84b38c52b37b2345b6a49122f7bfe0170ad21ae43f506c02a9671b3dfc036d9622b009ee49e1342cdc939aa176a2216e77e92") ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) rt_sigqueueinfo(r0, 0x6, &(0x7f0000000300)={0x3b, 0xffffff01}) 09:30:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb01001800fdffffff0000a1000000a100000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000faffffff000000000000000000000000000000000900000000000074a414f2faf1fb70"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x25) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:30:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x48) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:33 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) 09:30:36 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f0100000000000000000000000000040000000000000000e4ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000273244a4f95448727ea87aaeeae088a07e9a99d8303524513e7990b883d9c92d3f2505337c1a019f40bb2aa0bf7e4d5448ed3b0948760433c37bb76e63394e82b5d27e00fff2eed31a08321d9c992a0dd597901431adc124b3e006381aa0cb01e47dd67a557e066c1727a0262f6e5d7c3b182a0e6780795511607b0667b6ad2177c135f4c6ed4cd15841bef7c24a606c85d0715938bd5df04b1edddb6d763ab8dcda6611fe5c81b80c9349"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) ptrace$cont(0x9, 0xffffffffffffffff, 0x1, 0x7ff) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) 09:30:36 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) 09:30:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4c) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:36 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) 09:30:36 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000007c0)=[{&(0x7f0000000000)="0f34", 0xfffffea2}, {&(0x7f0000000800)="c2a547336fedd6a7d19e46cda612dc3afd59e7243cd5ad6898c9061703311424efec79af865ac567e30e34a51b63b515b0edc82e05f8123a5d51e2b31141791d47a52ccf7e80523e28cefa0210c468d69832468111c1957981f9355d29012ac75a874de7eb463c425ad81baba4f2e20dac17173f8c0b33f7619d436cfab3b5653a46b09df5e9d58b438c8c71e351e9feda0100008000000000d301e8d6c3f51e34e3a9e112ff2c59d48605a842f5f2e6c8e3ef8884fe373ccee0", 0xba}], 0x2, 0xd) ptrace$setopts(0x4206, r1, 0x1, 0x20) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800000000000000000000000a00002000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a0000000000000000000000010000000000000000000000000600000f01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000005b1a059ab007000000173b7cb4f81622b38e250e22514f803915d9d92ba358ebc6c170cc6f6c05703241a0abaa4f9726c72b486078a2acf6443d083ba9d901aed54080e9d5434793c347d7ab65476389bcc8fbb5541ca87a85052e2c9cad0090bdbd2e"], 0x0, 0xd7}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r3}, 0x78) tkill(r1, 0x40) sendfile(r0, r2, &(0x7f0000000240)=0x5, 0xd5fb) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x6, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000040000000000000003000000cd70f0ff00000000182b0000", @ANYRES32=r3, @ANYBLOB="ff0f0000020000009500000000"], &(0x7f00000002c0)='GPL\x00', 0x3, 0x38, &(0x7f0000000300)=""/14, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x2, 0x5}, 0x8, 0x10, 0xffffffffffffffff}, 0x78) ptrace$cont(0x7, r1, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r4, 0x0, 0x0) ptrace$setregs(0xf, r1, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:36 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) 09:30:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) 09:30:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x60) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:36 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) ptrace$setopts(0x6303, r1, 0x3, 0x8) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$cont(0x1f, r1, 0x100000000, 0x8) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:36 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="5b17559d4f69e5dccc0000aa0a3079a51fa30ed47a109175213bc8a0bf8166dc8cca141a7ddf61004725a34ab46c0770ca37e119352ed56be2408b307da64209ed76a1f8ff5c1fe7ada5449574566329f99e465b95b23b839f00"/105, @ANYRES32, @ANYBLOB="00000000040000006501e0ff0800000095000000000000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75c, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x2000, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000340)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e0500014a430ff8c019c35d6f4f73344340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:36 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1c, 0x9f, 0x1000, 0x5, 0x480, 0x1, 0x81, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2}, 0x40) 09:30:36 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:30:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x68) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2304.648445][T10043] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2306.729650][ T2306] Bluetooth: hci0: command 0x1003 tx timeout [ 2306.735779][T11898] Bluetooth: hci0: sending frame failed (-49) 09:30:39 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6c) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:39 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x74) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:39 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7a) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:39 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x20100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa1, 0xa1, 0x3, [@func, @typedef, @const, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:39 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) ptrace$setopts(0x4200, 0x0, 0x24bc, 0x2f) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) read$FUSE(r1, &(0x7f00000007c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) ptrace$cont(0x17, r3, 0x100000001, 0x2) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:39 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) [ 2308.809495][ T2661] Bluetooth: hci0: command 0x1001 tx timeout [ 2308.815519][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2310.889391][ T2661] Bluetooth: hci0: command 0x1009 tx timeout 09:30:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:30:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x300) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:47 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:47 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000a1000000a100000003000000000000000000000c0000000000f1ffffff02000800000000000000000000000a00000000000000000000000200000000000000000000000a00000000000000000000000100000087b29d0000000000000000000600000f01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000456973370000000000000000000000000000000000000000000000090000000000006b9690bdccc16fb749d1328ae90783da08c534d21bf4943dfa6cc846f194eae9e31315d53898ecf3819eeccd22f105142fece2e0ce192916c7f2304f3491e12cce41eebf55e930afd50ee47ff221ba60649176b152bfa73246655fd48acc1c41f7c705f96c8f72d07157bfe9ee42fd234814d8886eb7a8bba552af2e721e2d7e9aa7fb574e2d7e41c3e560699a71ab3b5ba8b4fb6c3c39e5e80886cd9845129b1afd5f21097ff0337389720e2f19e4ff5980f9d67bf345d1194ab729543055c189"], 0x0, 0xbf}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:47 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:47 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000500)={r1, 0x10, &(0x7f00000004c0)={&(0x7f0000000380)=""/77, 0x4d, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x4, 0x6, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x401}, [@generic={0xe4, 0xa, 0x0, 0x401, 0x1f}, @alu={0x4, 0x0, 0x6, 0xa, 0x9, 0xfffffffffffffff8, 0x1}, @jmp={0x5, 0x0, 0x8, 0x2, 0x5, 0x1b936f1d410b471e, 0x8}]}, &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x0, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, r3, r2}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r4, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:47 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x500) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:47 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x600) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2314.996884][T10112] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2315.012784][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 09:30:47 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x700) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2317.048854][ T7557] Bluetooth: hci0: command 0x1003 tx timeout [ 2317.054869][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2319.128833][ T7557] Bluetooth: hci0: command 0x1001 tx timeout [ 2319.134977][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2321.208636][ T7557] Bluetooth: hci0: command 0x1009 tx timeout 09:30:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:30:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x900) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x80000001, 0x0) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{0x8, 0xf0, 0xf7, 0x1}, {0x1, 0x81, 0xff, 0x80000000}, {0x40, 0x40, 0x9, 0x400}, {0x7f, 0xb8, 0x54, 0x2}]}, 0x10) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x70bd28, 0x0, {0x7, 0x0, 0x0, r7, 0x80, 0x16}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x20000800) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@RTM_GETMDB={0x18, 0x56, 0x2, 0x70bd2a, 0x25dfdbff, {0x7, r7}, ["", "", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x4008004) 09:30:57 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = accept$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @remote}, &(0x7f0000000380)=0x10) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000003c0)=r0, 0x4) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r3}, 0x78) tkill(r2, 0x40) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r4, 0x0, 0x0) ptrace$setregs(0xf, r2, 0xffffffffffff7fff, &(0x7f0000000340)) 09:30:57 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:30:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xa00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:30:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x80000001, 0x0) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{0x8, 0xf0, 0xf7, 0x1}, {0x1, 0x81, 0xff, 0x80000000}, {0x40, 0x40, 0x9, 0x400}, {0x7f, 0xb8, 0x54, 0x2}]}, 0x10) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x70bd28, 0x0, {0x7, 0x0, 0x0, r7, 0x80, 0x16}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x20000800) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@RTM_GETMDB={0x18, 0x56, 0x2, 0x70bd2a, 0x25dfdbff, {0x7, r7}, ["", "", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x4008004) 09:30:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 09:30:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xb00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2325.230762][T10151] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2325.246054][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) 09:30:57 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2327.288118][ T7557] Bluetooth: hci0: command 0x1003 tx timeout [ 2327.294130][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2329.368073][ T7557] Bluetooth: hci0: command 0x1001 tx timeout [ 2329.374117][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2331.447872][ T7557] Bluetooth: hci0: command 0x1009 tx timeout 09:31:07 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) 09:31:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xc00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:07 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:07 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000b9000000b900000003000000000000000000000c00000000000000000000000800000000000000000000000a00000000000000000000000200000000000000000000000300000000000000000000000000000000000000000000000a000000000000a400000000000000000000000000000000000600000f0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000"], 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="18240000a0483ab89aee485c4e44630a1bb298e7b9e43cf316a857491c87f518f58046caeff1f4a83866f80bbd29c6bd4348cb786228e887c12b505e6d7638a9945d333570afa4a29fd50e44e7648b71f2e5f27f2d49c2e680d76c642d29ebe9a3f09df9d7e206d9917d322a5c0d4d341e484ba49119348147511d83af541e418b57bde381dc5875c01b81d7238ad3b1d038056425f950d0b2957074ba153e5e60c3e11523ffed503696da6322f7a79f6effc365adec952a3b840ffdbbb9b1e3dc31b57077f4824fee66568e69e65f26a3a83998e53c000000", @ANYRES32, @ANYBLOB="00000000060000009501c0ff0800000085100000070000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:07 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) 09:31:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xd00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4) 09:31:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xe00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1100) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2335.585095][T10222] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2337.607314][ T7557] Bluetooth: hci0: command 0x1003 tx timeout [ 2337.613515][T11898] Bluetooth: hci0: sending frame failed (-49) 09:31:10 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1200) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:10 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:10 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="e623c55b", @ANYRES32, @ANYBLOB="00000000060000009501c0ff0800000085100000070000009500000000000000"], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:10 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1f00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2500) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3f00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4800) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2339.687152][ T678] Bluetooth: hci0: command 0x1001 tx timeout [ 2339.693177][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2341.767004][ T7557] Bluetooth: hci0: command 0x1009 tx timeout 09:31:17 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4c00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x6, 0x2) clone(0x81810000, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01c1a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:17 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:17 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:17 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x87}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0x69130000}, 0x0) 09:31:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:17 executing program 2 (fault-call:2 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6800) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6c00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7400) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2345.753611][T10290] FAULT_INJECTION: forcing a failure. [ 2345.753611][T10290] name failslab, interval 1, probability 0, space 0, times 0 [ 2345.767403][T10290] CPU: 1 PID: 10290 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2345.777629][T10290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2345.787658][T10290] Call Trace: [ 2345.790937][T10290] dump_stack+0x1d8/0x24e [ 2345.795267][T10290] ? devkmsg_release+0x11c/0x11c [ 2345.800182][T10290] ? show_regs_print_info+0x12/0x12 [ 2345.805375][T10290] ? check_preemption_disabled+0x9e/0x330 [ 2345.811181][T10290] ? __set_page_owner+0x35/0x200 [ 2345.816117][T10290] should_fail+0x6f6/0x860 [ 2345.820502][T10290] ? setup_fault_attr+0x3d0/0x3d0 [ 2345.825505][T10290] ? ldsem_down_read+0xb7/0x890 [ 2345.830351][T10290] ? hci_alloc_dev+0x4d/0x15e0 [ 2345.835089][T10290] should_failslab+0x5/0x20 [ 2345.839574][T10290] kmem_cache_alloc_trace+0x39/0x2b0 [ 2345.844840][T10290] hci_alloc_dev+0x4d/0x15e0 [ 2345.849407][T10290] hci_uart_tty_ioctl+0x3c0/0xa10 [ 2345.854402][T10290] ? hci_uart_tty_write+0x10/0x10 [ 2345.859399][T10290] tty_ioctl+0xf68/0x1710 [ 2345.863695][T10290] ? tty_do_resize+0x170/0x170 [ 2345.868435][T10290] ? avc_ss_reset+0x3a0/0x3a0 [ 2345.873082][T10290] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2345.879213][T10290] ? refcount_inc_checked+0x50/0x50 [ 2345.884379][T10290] ? memcg_check_events+0x5c/0x5b0 [ 2345.889467][T10290] ? proc_fail_nth_write+0x1d5/0x240 [ 2345.894734][T10290] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2345.899907][T10290] ? __lru_cache_add+0x1c4/0x210 [ 2345.904820][T10290] ? memset+0x1f/0x40 [ 2345.908795][T10290] ? fsnotify+0x1332/0x13f0 [ 2345.913291][T10290] ? tty_do_resize+0x170/0x170 [ 2345.918025][T10290] do_vfs_ioctl+0x76a/0x1720 [ 2345.922597][T10290] ? selinux_file_ioctl+0x72f/0x990 [ 2345.927778][T10290] ? ioctl_preallocate+0x250/0x250 [ 2345.932880][T10290] ? __fget+0x37b/0x3c0 [ 2345.937025][T10290] ? vfs_write+0x422/0x4e0 [ 2345.941423][T10290] ? fget_many+0x20/0x20 [ 2345.945720][T10290] ? debug_smp_processor_id+0x20/0x20 [ 2345.951100][T10290] ? security_file_ioctl+0x9d/0xb0 [ 2345.956199][T10290] __x64_sys_ioctl+0xd4/0x110 [ 2345.960861][T10290] do_syscall_64+0xcb/0x1e0 [ 2345.965346][T10290] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2345.971211][T10290] RIP: 0033:0x4665d9 [ 2345.975080][T10290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2345.994790][T10290] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:31:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7a00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2346.003184][T10290] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2346.011133][T10290] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2346.019074][T10290] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2346.027275][T10290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2346.035217][T10290] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2346.046800][T10290] Bluetooth: Can't allocate HCI device 09:31:20 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:20 executing program 2 (fault-call:2 fault-nth:1): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:20 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x70, 0x70, 0x3, [@func, @typedef, @const={0x10, 0x0, 0x0, 0xa, 0x4}, @ptr, @array, @const, @int, @fwd={0x5}]}, {0x0, [0x0]}}, 0x0, 0x8b}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) ptrace$cont(0x7, 0x0, 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f00000004c0), 0x200000, 0x0) perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x20, 0x6, 0x1, 0x73, 0x0, 0x101, 0x51f38, 0x9a90c112b06c7727, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000340), 0x6}, 0x400, 0x80000000, 0x80000000, 0x2, 0x8000, 0x2, 0x9, 0x0, 0xffffffff, 0x0, 0x81}, 0x0, 0x5, r2, 0x9) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:20 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x100000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:20 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x0, 0x0) 09:31:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1fffff) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2348.734707][T10307] FAULT_INJECTION: forcing a failure. [ 2348.734707][T10307] name failslab, interval 1, probability 0, space 0, times 0 [ 2348.748623][T10307] CPU: 0 PID: 10307 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2348.758851][T10307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2348.768890][T10307] Call Trace: [ 2348.772169][T10307] dump_stack+0x1d8/0x24e [ 2348.776489][T10307] ? devkmsg_release+0x11c/0x11c 09:31:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2348.781417][T10307] ? show_regs_print_info+0x12/0x12 [ 2348.786604][T10307] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 2348.792060][T10307] should_fail+0x6f6/0x860 [ 2348.796562][T10307] ? setup_fault_attr+0x3d0/0x3d0 [ 2348.801568][T10307] ? memset+0x1f/0x40 [ 2348.805538][T10307] ? h4_open+0x4f/0x140 [ 2348.809702][T10307] should_failslab+0x5/0x20 [ 2348.814194][T10307] kmem_cache_alloc_trace+0x39/0x2b0 [ 2348.819468][T10307] h4_open+0x4f/0x140 [ 2348.823443][T10307] hci_uart_tty_ioctl+0x7ea/0xa10 [ 2348.828450][T10307] ? hci_uart_tty_write+0x10/0x10 09:31:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2348.833449][T10307] tty_ioctl+0xf68/0x1710 [ 2348.837762][T10307] ? tty_do_resize+0x170/0x170 [ 2348.842505][T10307] ? avc_ss_reset+0x3a0/0x3a0 [ 2348.847156][T10307] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2348.853281][T10307] ? refcount_inc_checked+0x50/0x50 [ 2348.858461][T10307] ? memcg_check_events+0x5c/0x5b0 [ 2348.863568][T10307] ? proc_fail_nth_write+0x1d5/0x240 [ 2348.868830][T10307] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2348.874058][T10307] ? __lru_cache_add+0x1c4/0x210 [ 2348.878976][T10307] ? memset+0x1f/0x40 [ 2348.882977][T10307] ? fsnotify+0x1332/0x13f0 [ 2348.887453][T10307] ? tty_do_resize+0x170/0x170 [ 2348.892188][T10307] do_vfs_ioctl+0x76a/0x1720 [ 2348.896748][T10307] ? selinux_file_ioctl+0x72f/0x990 [ 2348.901919][T10307] ? ioctl_preallocate+0x250/0x250 [ 2348.907091][T10307] ? __fget+0x37b/0x3c0 [ 2348.911217][T10307] ? vfs_write+0x422/0x4e0 [ 2348.915719][T10307] ? fget_many+0x20/0x20 [ 2348.919948][T10307] ? debug_smp_processor_id+0x20/0x20 [ 2348.925724][T10307] ? security_file_ioctl+0x9d/0xb0 [ 2348.930813][T10307] __x64_sys_ioctl+0xd4/0x110 09:31:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2348.935458][T10307] do_syscall_64+0xcb/0x1e0 [ 2348.939935][T10307] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2348.945798][T10307] RIP: 0033:0x4665d9 [ 2348.949745][T10307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2348.969583][T10307] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2348.977989][T10307] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2348.985940][T10307] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2348.993890][T10307] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.001834][T10307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2349.009774][T10307] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 09:31:23 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb9, 0xb9, 0x3, [@func, @typedef, @const, @ptr, @array, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) clone3(&(0x7f00000007c0)={0x110803400, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=0x0, {0x30}, &(0x7f00000004c0), 0x0, &(0x7f0000000500)=""/40, &(0x7f0000000540)=[r0, r0, r0], 0x3, {r1}}, 0x58) wait4(r2, &(0x7f0000000840), 0x4, &(0x7f0000000880)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:23 executing program 2 (fault-call:2 fault-nth:2): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:23 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:23 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 09:31:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x8000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x9000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2351.755506][T10355] FAULT_INJECTION: forcing a failure. [ 2351.755506][T10355] name failslab, interval 1, probability 0, space 0, times 0 [ 2351.770528][T10355] CPU: 0 PID: 10355 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2351.780842][T10355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2351.790875][T10355] Call Trace: [ 2351.794148][T10355] dump_stack+0x1d8/0x24e [ 2351.798465][T10355] ? devkmsg_release+0x11c/0x11c 09:31:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xa000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xb000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xc000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2351.803386][T10355] ? memset+0x1f/0x40 [ 2351.807355][T10355] ? show_regs_print_info+0x12/0x12 [ 2351.812539][T10355] ? number+0xea3/0x1300 [ 2351.816764][T10355] ? xas_create+0x12c3/0x13b0 [ 2351.821424][T10355] should_fail+0x6f6/0x860 [ 2351.825827][T10355] ? setup_fault_attr+0x3d0/0x3d0 [ 2351.830852][T10355] ? xas_store+0xae3/0x1610 [ 2351.835338][T10355] ? vsnprintf+0x1e4/0x1d60 [ 2351.839826][T10355] ? alloc_workqueue+0x156/0x11d0 [ 2351.844839][T10355] should_failslab+0x5/0x20 [ 2351.849330][T10355] __kmalloc+0x5f/0x2f0 [ 2351.853468][T10355] alloc_workqueue+0x156/0x11d0 [ 2351.858287][T10355] ? ptr_to_hashval+0x60/0x60 [ 2351.862929][T10355] ? sprintf+0xd6/0x120 [ 2351.867047][T10355] ? idr_replace+0x230/0x230 [ 2351.871608][T10355] ? vsnprintf+0x1caa/0x1d60 [ 2351.876162][T10355] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2351.882343][T10355] ? h4_open+0x4f/0x140 [ 2351.886470][T10355] hci_register_dev+0x19a/0x710 [ 2351.891287][T10355] ? h4_open+0x60/0x140 [ 2351.895410][T10355] hci_uart_tty_ioctl+0x89e/0xa10 [ 2351.900398][T10355] ? hci_uart_tty_write+0x10/0x10 [ 2351.905392][T10355] tty_ioctl+0xf68/0x1710 [ 2351.909692][T10355] ? tty_do_resize+0x170/0x170 [ 2351.914422][T10355] ? avc_ss_reset+0x3a0/0x3a0 [ 2351.919080][T10355] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2351.925201][T10355] ? refcount_inc_checked+0x50/0x50 [ 2351.930368][T10355] ? proc_fail_nth_write+0x1d5/0x240 [ 2351.935634][T10355] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2351.940820][T10355] ? __lru_cache_add+0x1c4/0x210 [ 2351.945722][T10355] ? memset+0x1f/0x40 [ 2351.949694][T10355] ? fsnotify+0x1332/0x13f0 [ 2351.954168][T10355] ? tty_do_resize+0x170/0x170 [ 2351.958898][T10355] do_vfs_ioctl+0x76a/0x1720 [ 2351.963824][T10355] ? selinux_file_ioctl+0x72f/0x990 [ 2351.969030][T10355] ? ioctl_preallocate+0x250/0x250 [ 2351.974116][T10355] ? __fget+0x37b/0x3c0 [ 2351.978252][T10355] ? vfs_write+0x422/0x4e0 [ 2351.982635][T10355] ? fget_many+0x20/0x20 [ 2351.986845][T10355] ? debug_smp_processor_id+0x20/0x20 [ 2351.992184][T10355] ? security_file_ioctl+0x9d/0xb0 [ 2351.997263][T10355] __x64_sys_ioctl+0xd4/0x110 [ 2352.001906][T10355] do_syscall_64+0xcb/0x1e0 [ 2352.006374][T10355] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2352.012249][T10355] RIP: 0033:0x4665d9 [ 2352.016114][T10355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2352.035682][T10355] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2352.044070][T10355] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2352.052028][T10355] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2352.059968][T10355] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2352.068340][T10355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2352.076277][T10355] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2352.085063][T10355] Bluetooth: Can't register HCI device 09:31:26 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xd000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:26 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000017c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb5, 0xb5, 0x3, [@func, @typedef, @const, @restrict={0x3, 0x0, 0x0, 0xb, 0x5}, @array, @const, @typedef={0xf, 0x0, 0x0, 0x8, 0x5}, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{0x0, 0x1000}, {}, {0x3}, {}, {}, {0x0, 0x48}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xd3}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r2}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = socket$tipc(0x1e, 0x2, 0x0) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r1, 0x50009418, &(0x7f00000007c0)={{r3}, 0x0, 0xa, @unused=[0x8001, 0xb9, 0x6298, 0x80], @devid}) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r4, 0x0, 0x0) ptrace$setregs(0xf, r0, 0xffffffffffff7fff, &(0x7f0000000340)) 09:31:26 executing program 2 (fault-call:2 fault-nth:3): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:27 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:27 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) clone(0x0, &(0x7f0000000400)="31d840a87cf77f6898d72ee2d39eae1b401629680eff9503cd5d22c819c659a28ebb06c5c4911d20abafcda56358536926b7c7e43778bc16969e5844343dba6e5b9f014a430ff8c019c35d6f4f73214340148b2ed80f01a0a0dea8a249f10e163244879817e2f0ca459e3c6a99a641528f74995aa5e25720ffa8e6cfb6a869cc8fe0bb3e3c2ffdb64641ec9656bee723bee5d7a83c37191df5a6c89f4878bf74ad51d25b7b0e7b215cd7181d", &(0x7f0000000040), &(0x7f0000000140), 0x0) 09:31:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xe000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x10000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:27 executing program 1 (fault-call:2 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2354.768389][T10388] FAULT_INJECTION: forcing a failure. [ 2354.768389][T10388] name failslab, interval 1, probability 0, space 0, times 0 [ 2354.781311][T10388] CPU: 1 PID: 10388 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2354.791561][T10388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2354.801724][T10388] Call Trace: [ 2354.805005][T10388] dump_stack+0x1d8/0x24e [ 2354.809417][T10388] ? devkmsg_release+0x11c/0x11c 09:31:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x11000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:31:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x12000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2354.814352][T10388] ? show_regs_print_info+0x12/0x12 [ 2354.819565][T10388] should_fail+0x6f6/0x860 [ 2354.823974][T10388] ? setup_fault_attr+0x3d0/0x3d0 [ 2354.828988][T10388] ? alloc_workqueue+0x1cb/0x11d0 [ 2354.834028][T10388] should_failslab+0x5/0x20 [ 2354.838515][T10388] kmem_cache_alloc_trace+0x39/0x2b0 [ 2354.843781][T10388] ? alloc_workqueue+0x156/0x11d0 [ 2354.848811][T10388] alloc_workqueue+0x1cb/0x11d0 [ 2354.853651][T10388] ? sprintf+0xd6/0x120 [ 2354.857792][T10388] ? idr_replace+0x230/0x230 [ 2354.862371][T10388] ? vsnprintf+0x1caa/0x1d60 [ 2354.867130][T10388] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2354.873188][T10388] ? h4_open+0x4f/0x140 [ 2354.877346][T10388] hci_register_dev+0x19a/0x710 [ 2354.882183][T10388] ? h4_open+0x60/0x140 [ 2354.886328][T10388] hci_uart_tty_ioctl+0x89e/0xa10 [ 2354.891343][T10388] ? hci_uart_tty_write+0x10/0x10 [ 2354.896345][T10388] tty_ioctl+0xf68/0x1710 [ 2354.900660][T10388] ? tty_do_resize+0x170/0x170 [ 2354.905406][T10388] ? avc_ss_reset+0x3a0/0x3a0 [ 2354.910064][T10388] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2354.916195][T10388] ? refcount_inc_checked+0x50/0x50 [ 2354.921367][T10388] ? memcg_check_events+0x5c/0x5b0 [ 2354.926450][T10388] ? proc_fail_nth_write+0x1d5/0x240 [ 2354.931705][T10388] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2354.936894][T10388] ? __lru_cache_add+0x1c4/0x210 [ 2354.941799][T10388] ? memset+0x1f/0x40 [ 2354.945764][T10388] ? fsnotify+0x1332/0x13f0 [ 2354.950244][T10388] ? tty_do_resize+0x170/0x170 [ 2354.954975][T10388] do_vfs_ioctl+0x76a/0x1720 [ 2354.959537][T10388] ? selinux_file_ioctl+0x72f/0x990 [ 2354.964703][T10388] ? ioctl_preallocate+0x250/0x250 [ 2354.969781][T10388] ? __fget+0x37b/0x3c0 [ 2354.973904][T10388] ? vfs_write+0x422/0x4e0 [ 2354.978290][T10388] ? fget_many+0x20/0x20 [ 2354.982515][T10388] ? debug_smp_processor_id+0x20/0x20 [ 2354.987871][T10388] ? security_file_ioctl+0x9d/0xb0 [ 2354.992947][T10388] __x64_sys_ioctl+0xd4/0x110 [ 2354.997591][T10388] do_syscall_64+0xcb/0x1e0 [ 2355.002070][T10388] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2355.007976][T10388] RIP: 0033:0x4665d9 [ 2355.011841][T10388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2355.031410][T10388] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2355.039788][T10388] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2355.047734][T10388] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2355.055685][T10388] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2355.063652][T10388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2355.071600][T10388] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2355.081359][T10388] Bluetooth: Can't register HCI device 09:31:29 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x2, 0x2) 09:31:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1f000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:29 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:29 executing program 2 (fault-call:2 fault-nth:4): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:30 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2357.761898][T10421] FAULT_INJECTION: forcing a failure. [ 2357.761898][T10421] name failslab, interval 1, probability 0, space 0, times 0 [ 2357.777730][T10421] CPU: 1 PID: 10421 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2357.787962][T10421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2357.798002][T10421] Call Trace: [ 2357.801285][T10421] dump_stack+0x1d8/0x24e [ 2357.805615][T10421] ? devkmsg_release+0x11c/0x11c [ 2357.810526][T10421] ? arch_stack_walk+0xf8/0x140 [ 2357.815355][T10421] ? show_regs_print_info+0x12/0x12 [ 2357.820538][T10421] should_fail+0x6f6/0x860 [ 2357.824924][T10421] ? setup_fault_attr+0x3d0/0x3d0 [ 2357.829914][T10421] ? __unwind_start+0x72f/0x8e0 [ 2357.834767][T10421] ? apply_wqattrs_prepare+0xcb/0x17e0 [ 2357.840209][T10421] should_failslab+0x5/0x20 [ 2357.844696][T10421] kmem_cache_alloc_trace+0x39/0x2b0 [ 2357.849964][T10421] apply_wqattrs_prepare+0xcb/0x17e0 [ 2357.855225][T10421] ? alloc_workqueue+0x1cb/0x11d0 [ 2357.860223][T10421] ? hci_register_dev+0x19a/0x710 [ 2357.865219][T10421] ? hci_uart_tty_ioctl+0x89e/0xa10 [ 2357.870386][T10421] ? tty_ioctl+0xf68/0x1710 [ 2357.874859][T10421] ? do_vfs_ioctl+0x76a/0x1720 [ 2357.879594][T10421] ? __x64_sys_ioctl+0xd4/0x110 [ 2357.884413][T10421] ? do_syscall_64+0xcb/0x1e0 [ 2357.889062][T10421] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2357.895101][T10421] ? format_decode+0xc5c/0x1ab0 [ 2357.900081][T10421] ? cwt_wakefn+0x70/0x70 [ 2357.904392][T10421] ? vsnprintf+0x1d60/0x1d60 [ 2357.909040][T10421] ? string+0x280/0x2c0 [ 2357.913168][T10421] ? widen_string+0x3a/0x340 [ 2357.917742][T10421] ? string+0x280/0x2c0 [ 2357.921869][T10421] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2357.927733][T10421] ? check_preemption_disabled+0x9e/0x330 [ 2357.933420][T10421] ? apply_workqueue_attrs+0x40/0x40 [ 2357.938669][T10421] ? mutex_lock+0xa6/0x110 [ 2357.943055][T10421] ? mutex_trylock+0xb0/0xb0 [ 2357.947613][T10421] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2357.953261][T10421] alloc_workqueue+0xcc4/0x11d0 [ 2357.958094][T10421] ? sprintf+0xd6/0x120 [ 2357.962240][T10421] ? idr_replace+0x230/0x230 [ 2357.966800][T10421] ? vsnprintf+0x1caa/0x1d60 [ 2357.971362][T10421] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2357.977410][T10421] ? h4_open+0x4f/0x140 [ 2357.981538][T10421] hci_register_dev+0x19a/0x710 [ 2357.986358][T10421] ? h4_open+0x60/0x140 [ 2357.990482][T10421] hci_uart_tty_ioctl+0x89e/0xa10 [ 2357.995522][T10421] ? hci_uart_tty_write+0x10/0x10 [ 2358.000534][T10421] tty_ioctl+0xf68/0x1710 [ 2358.004848][T10421] ? tty_do_resize+0x170/0x170 [ 2358.009593][T10421] ? avc_ss_reset+0x3a0/0x3a0 [ 2358.014246][T10421] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2358.020367][T10421] ? refcount_inc_checked+0x50/0x50 [ 2358.025545][T10421] ? memcg_check_events+0x5c/0x5b0 [ 2358.030638][T10421] ? proc_fail_nth_write+0x1d5/0x240 [ 2358.035891][T10421] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2358.041082][T10421] ? __lru_cache_add+0x1c4/0x210 [ 2358.045987][T10421] ? memset+0x1f/0x40 [ 2358.049935][T10421] ? fsnotify+0x1332/0x13f0 [ 2358.054404][T10421] ? tty_do_resize+0x170/0x170 [ 2358.059151][T10421] do_vfs_ioctl+0x76a/0x1720 [ 2358.063718][T10421] ? selinux_file_ioctl+0x72f/0x990 [ 2358.068888][T10421] ? ioctl_preallocate+0x250/0x250 [ 2358.073974][T10421] ? __fget+0x37b/0x3c0 [ 2358.078095][T10421] ? vfs_write+0x422/0x4e0 [ 2358.082492][T10421] ? fget_many+0x20/0x20 [ 2358.086704][T10421] ? debug_smp_processor_id+0x20/0x20 [ 2358.092044][T10421] ? security_file_ioctl+0x9d/0xb0 [ 2358.097138][T10421] __x64_sys_ioctl+0xd4/0x110 [ 2358.101790][T10421] do_syscall_64+0xcb/0x1e0 [ 2358.106272][T10421] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2358.112132][T10421] RIP: 0033:0x4665d9 [ 2358.116011][T10421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2358.135585][T10421] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2358.143960][T10421] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2358.151902][T10421] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 09:31:30 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4b47, 0x2) 09:31:30 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x20000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:30 executing program 2 (fault-call:2 fault-nth:5): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:30 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2358.159858][T10421] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2358.167800][T10421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2358.175746][T10421] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2358.186690][T10421] Bluetooth: Can't register HCI device 09:31:30 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x25000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4b49, 0x2) 09:31:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2ce602f0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5409, 0x2) [ 2358.235480][T10444] FAULT_INJECTION: forcing a failure. [ 2358.235480][T10444] name failslab, interval 1, probability 0, space 0, times 0 [ 2358.249780][T10444] CPU: 0 PID: 10444 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2358.260008][T10444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2358.270047][T10444] Call Trace: [ 2358.273328][T10444] dump_stack+0x1d8/0x24e [ 2358.277648][T10444] ? devkmsg_release+0x11c/0x11c [ 2358.282574][T10444] ? show_regs_print_info+0x12/0x12 [ 2358.287767][T10444] should_fail+0x6f6/0x860 [ 2358.292173][T10444] ? setup_fault_attr+0x3d0/0x3d0 [ 2358.297186][T10444] ? apply_wqattrs_prepare+0x102/0x17e0 [ 2358.302725][T10444] should_failslab+0x5/0x20 [ 2358.307216][T10444] kmem_cache_alloc_trace+0x39/0x2b0 [ 2358.312482][T10444] ? apply_wqattrs_prepare+0xcb/0x17e0 [ 2358.317911][T10444] apply_wqattrs_prepare+0x102/0x17e0 [ 2358.323250][T10444] ? alloc_workqueue+0x1cb/0x11d0 [ 2358.328244][T10444] ? hci_register_dev+0x19a/0x710 [ 2358.333239][T10444] ? hci_uart_tty_ioctl+0x89e/0xa10 [ 2358.338413][T10444] ? tty_ioctl+0xf68/0x1710 [ 2358.342901][T10444] ? do_vfs_ioctl+0x76a/0x1720 [ 2358.347635][T10444] ? __x64_sys_ioctl+0xd4/0x110 [ 2358.352460][T10444] ? do_syscall_64+0xcb/0x1e0 [ 2358.357217][T10444] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2358.363263][T10444] ? format_decode+0xc5c/0x1ab0 [ 2358.368084][T10444] ? cwt_wakefn+0x70/0x70 [ 2358.372382][T10444] ? vsnprintf+0x1d60/0x1d60 [ 2358.376942][T10444] ? string+0x280/0x2c0 [ 2358.381248][T10444] ? widen_string+0x3a/0x340 [ 2358.385816][T10444] ? string+0x280/0x2c0 [ 2358.389939][T10444] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2358.395799][T10444] ? check_preemption_disabled+0x9e/0x330 [ 2358.401489][T10444] ? apply_workqueue_attrs+0x40/0x40 [ 2358.406740][T10444] ? mutex_lock+0xa6/0x110 [ 2358.411140][T10444] ? mutex_trylock+0xb0/0xb0 [ 2358.415722][T10444] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2358.421235][T10444] alloc_workqueue+0xcc4/0x11d0 [ 2358.426144][T10444] ? sprintf+0xd6/0x120 [ 2358.430268][T10444] ? idr_replace+0x230/0x230 [ 2358.434824][T10444] ? vsnprintf+0x1caa/0x1d60 [ 2358.439387][T10444] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2358.445428][T10444] ? h4_open+0x4f/0x140 [ 2358.449553][T10444] hci_register_dev+0x19a/0x710 [ 2358.454381][T10444] ? h4_open+0x60/0x140 [ 2358.458509][T10444] hci_uart_tty_ioctl+0x89e/0xa10 [ 2358.463502][T10444] ? hci_uart_tty_write+0x10/0x10 [ 2358.468510][T10444] tty_ioctl+0xf68/0x1710 [ 2358.472809][T10444] ? tty_do_resize+0x170/0x170 [ 2358.477541][T10444] ? avc_ss_reset+0x3a0/0x3a0 [ 2358.482186][T10444] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2358.488308][T10444] ? refcount_inc_checked+0x50/0x50 [ 2358.493473][T10444] ? memcg_check_events+0x5c/0x5b0 [ 2358.498557][T10444] ? proc_fail_nth_write+0x1d5/0x240 [ 2358.503809][T10444] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2358.508993][T10444] ? __lru_cache_add+0x1c4/0x210 [ 2358.513897][T10444] ? memset+0x1f/0x40 [ 2358.517844][T10444] ? fsnotify+0x1332/0x13f0 [ 2358.522314][T10444] ? tty_do_resize+0x170/0x170 [ 2358.527047][T10444] do_vfs_ioctl+0x76a/0x1720 [ 2358.531606][T10444] ? selinux_file_ioctl+0x72f/0x990 [ 2358.536891][T10444] ? ioctl_preallocate+0x250/0x250 [ 2358.541969][T10444] ? __fget+0x37b/0x3c0 [ 2358.546092][T10444] ? vfs_write+0x422/0x4e0 [ 2358.550475][T10444] ? fget_many+0x20/0x20 [ 2358.554685][T10444] ? debug_smp_processor_id+0x20/0x20 [ 2358.560037][T10444] ? security_file_ioctl+0x9d/0xb0 [ 2358.565117][T10444] __x64_sys_ioctl+0xd4/0x110 [ 2358.569770][T10444] do_syscall_64+0xcb/0x1e0 [ 2358.574256][T10444] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2358.580116][T10444] RIP: 0033:0x4665d9 [ 2358.583978][T10444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2358.603548][T10444] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2358.611926][T10444] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2358.619867][T10444] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2358.627819][T10444] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2358.635768][T10444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2358.643709][T10444] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2358.653290][T10444] Bluetooth: Can't register HCI device 09:31:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3f000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:33 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:33 executing program 2 (fault-call:2 fault-nth:6): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540b, 0x2) 09:31:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x40000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540c, 0x2) [ 2361.222780][T10477] FAULT_INJECTION: forcing a failure. [ 2361.222780][T10477] name failslab, interval 1, probability 0, space 0, times 0 [ 2361.236347][T10477] CPU: 0 PID: 10477 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2361.246588][T10477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2361.256627][T10477] Call Trace: [ 2361.259930][T10477] dump_stack+0x1d8/0x24e [ 2361.264243][T10477] ? devkmsg_release+0x11c/0x11c [ 2361.269153][T10477] ? show_regs_print_info+0x12/0x12 [ 2361.274318][T10477] should_fail+0x6f6/0x860 [ 2361.278702][T10477] ? setup_fault_attr+0x3d0/0x3d0 [ 2361.283692][T10477] ? apply_wqattrs_prepare+0x1c0/0x17e0 [ 2361.289204][T10477] should_failslab+0x5/0x20 [ 2361.293708][T10477] kmem_cache_alloc_trace+0x39/0x2b0 [ 2361.299175][T10477] ? apply_wqattrs_prepare+0x102/0x17e0 [ 2361.304697][T10477] apply_wqattrs_prepare+0x1c0/0x17e0 [ 2361.310034][T10477] ? alloc_workqueue+0x1cb/0x11d0 [ 2361.315046][T10477] ? hci_uart_tty_ioctl+0x89e/0xa10 [ 2361.320208][T10477] ? tty_ioctl+0xf68/0x1710 [ 2361.324677][T10477] ? do_vfs_ioctl+0x76a/0x1720 [ 2361.329407][T10477] ? __x64_sys_ioctl+0xd4/0x110 [ 2361.334242][T10477] ? do_syscall_64+0xcb/0x1e0 [ 2361.338883][T10477] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2361.344934][T10477] ? format_decode+0xc5c/0x1ab0 [ 2361.349751][T10477] ? cwt_wakefn+0x70/0x70 [ 2361.354047][T10477] ? vsnprintf+0x1d60/0x1d60 [ 2361.358600][T10477] ? string+0x280/0x2c0 [ 2361.362720][T10477] ? widen_string+0x3a/0x340 [ 2361.367278][T10477] ? string+0x280/0x2c0 [ 2361.371402][T10477] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2361.377270][T10477] ? check_preemption_disabled+0x9e/0x330 [ 2361.382955][T10477] ? apply_workqueue_attrs+0x40/0x40 [ 2361.388218][T10477] ? mutex_lock+0xa6/0x110 [ 2361.392597][T10477] ? mutex_trylock+0xb0/0xb0 [ 2361.397152][T10477] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2361.402671][T10477] alloc_workqueue+0xcc4/0x11d0 [ 2361.407490][T10477] ? sprintf+0xd6/0x120 [ 2361.411612][T10477] ? idr_replace+0x230/0x230 [ 2361.416165][T10477] ? vsnprintf+0x1caa/0x1d60 [ 2361.420730][T10477] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2361.426764][T10477] ? h4_open+0x4f/0x140 [ 2361.430888][T10477] hci_register_dev+0x19a/0x710 [ 2361.435715][T10477] ? h4_open+0x60/0x140 [ 2361.439925][T10477] hci_uart_tty_ioctl+0x89e/0xa10 [ 2361.444914][T10477] ? hci_uart_tty_write+0x10/0x10 [ 2361.449930][T10477] tty_ioctl+0xf68/0x1710 [ 2361.454226][T10477] ? tty_do_resize+0x170/0x170 [ 2361.458957][T10477] ? avc_ss_reset+0x3a0/0x3a0 [ 2361.463624][T10477] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2361.469743][T10477] ? refcount_inc_checked+0x50/0x50 [ 2361.474908][T10477] ? memcg_check_events+0x5c/0x5b0 [ 2361.480072][T10477] ? proc_fail_nth_write+0x1d5/0x240 [ 2361.485323][T10477] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2361.490489][T10477] ? __lru_cache_add+0x1c4/0x210 [ 2361.495399][T10477] ? memset+0x1f/0x40 [ 2361.499359][T10477] ? fsnotify+0x1332/0x13f0 [ 2361.503830][T10477] ? tty_do_resize+0x170/0x170 [ 2361.508570][T10477] do_vfs_ioctl+0x76a/0x1720 [ 2361.513127][T10477] ? selinux_file_ioctl+0x72f/0x990 [ 2361.518726][T10477] ? ioctl_preallocate+0x250/0x250 [ 2361.523803][T10477] ? __fget+0x37b/0x3c0 [ 2361.527936][T10477] ? debug_smp_processor_id+0x20/0x20 [ 2361.533393][T10477] ? fget_many+0x20/0x20 [ 2361.537603][T10477] ? __fpregs_load_activate+0x1d7/0x3c0 [ 2361.543116][T10477] ? security_file_ioctl+0x9d/0xb0 [ 2361.548203][T10477] __x64_sys_ioctl+0xd4/0x110 [ 2361.552856][T10477] do_syscall_64+0xcb/0x1e0 [ 2361.557327][T10477] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2361.563193][T10477] RIP: 0033:0x4665d9 [ 2361.567054][T10477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2361.586795][T10477] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2361.595182][T10477] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2361.603122][T10477] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2361.611077][T10477] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 09:31:33 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x48000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:33 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540d, 0x2) 09:31:33 executing program 2 (fault-call:2 fault-nth:7): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:33 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2361.619035][T10477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2361.626984][T10477] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2361.636745][T10477] Bluetooth: Can't register HCI device 09:31:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540e, 0x2) [ 2361.697467][T10503] FAULT_INJECTION: forcing a failure. [ 2361.697467][T10503] name failslab, interval 1, probability 0, space 0, times 0 [ 2361.710458][T10503] CPU: 0 PID: 10503 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2361.720668][T10503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2361.730696][T10503] Call Trace: [ 2361.733961][T10503] dump_stack+0x1d8/0x24e [ 2361.738266][T10503] ? devkmsg_release+0x11c/0x11c [ 2361.743195][T10503] ? show_regs_print_info+0x12/0x12 [ 2361.748375][T10503] should_fail+0x6f6/0x860 [ 2361.752765][T10503] ? setup_fault_attr+0x3d0/0x3d0 [ 2361.757762][T10503] ? apply_wqattrs_prepare+0x8a5/0x17e0 [ 2361.763278][T10503] should_failslab+0x5/0x20 [ 2361.767756][T10503] kmem_cache_alloc+0x36/0x290 [ 2361.772495][T10503] apply_wqattrs_prepare+0x8a5/0x17e0 [ 2361.777840][T10503] ? __x64_sys_ioctl+0xd4/0x110 [ 2361.782665][T10503] ? format_decode+0xc5c/0x1ab0 [ 2361.787489][T10503] ? cwt_wakefn+0x70/0x70 [ 2361.791802][T10503] ? vsnprintf+0x1d60/0x1d60 [ 2361.796388][T10503] ? string+0x280/0x2c0 [ 2361.800524][T10503] ? widen_string+0x3a/0x340 [ 2361.805085][T10503] ? string+0x280/0x2c0 [ 2361.809213][T10503] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2361.815091][T10503] ? check_preemption_disabled+0x9e/0x330 [ 2361.820799][T10503] ? apply_workqueue_attrs+0x40/0x40 [ 2361.826054][T10503] ? mutex_lock+0xa6/0x110 [ 2361.830439][T10503] ? mutex_trylock+0xb0/0xb0 [ 2361.835000][T10503] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2361.840515][T10503] alloc_workqueue+0xcc4/0x11d0 [ 2361.845338][T10503] ? sprintf+0xd6/0x120 [ 2361.849471][T10503] ? idr_replace+0x230/0x230 [ 2361.854038][T10503] ? vsnprintf+0x1caa/0x1d60 [ 2361.858594][T10503] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2361.864629][T10503] ? h4_open+0x4f/0x140 [ 2361.868764][T10503] hci_register_dev+0x19a/0x710 [ 2361.873602][T10503] ? h4_open+0x60/0x140 [ 2361.877733][T10503] hci_uart_tty_ioctl+0x89e/0xa10 [ 2361.882729][T10503] ? hci_uart_tty_write+0x10/0x10 [ 2361.887726][T10503] tty_ioctl+0xf68/0x1710 [ 2361.892034][T10503] ? tty_do_resize+0x170/0x170 [ 2361.896784][T10503] ? avc_ss_reset+0x3a0/0x3a0 [ 2361.901478][T10503] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2361.907610][T10503] ? refcount_inc_checked+0x50/0x50 [ 2361.912788][T10503] ? memcg_check_events+0x5c/0x5b0 [ 2361.917870][T10503] ? proc_fail_nth_write+0x1d5/0x240 [ 2361.923125][T10503] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2361.928291][T10503] ? __lru_cache_add+0x1c4/0x210 [ 2361.933367][T10503] ? memset+0x1f/0x40 [ 2361.937327][T10503] ? fsnotify+0x1332/0x13f0 [ 2361.941803][T10503] ? tty_do_resize+0x170/0x170 [ 2361.946538][T10503] do_vfs_ioctl+0x76a/0x1720 [ 2361.951101][T10503] ? selinux_file_ioctl+0x72f/0x990 [ 2361.956278][T10503] ? ioctl_preallocate+0x250/0x250 [ 2361.961368][T10503] ? __fget+0x37b/0x3c0 [ 2361.965494][T10503] ? vfs_write+0x422/0x4e0 [ 2361.969898][T10503] ? fget_many+0x20/0x20 [ 2361.974119][T10503] ? debug_smp_processor_id+0x20/0x20 [ 2361.979463][T10503] ? security_file_ioctl+0x9d/0xb0 [ 2361.984547][T10503] __x64_sys_ioctl+0xd4/0x110 [ 2361.989195][T10503] do_syscall_64+0xcb/0x1e0 [ 2361.993671][T10503] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2361.999540][T10503] RIP: 0033:0x4665d9 [ 2362.003406][T10503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2362.022986][T10503] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2362.031372][T10503] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2362.039314][T10503] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2362.047256][T10503] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2362.055198][T10503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2362.063143][T10503] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2362.072280][T10503] Bluetooth: Can't register HCI device 09:31:36 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4c000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x540f, 0x2) 09:31:36 executing program 2 (fault-call:2 fault-nth:8): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5410, 0x2) 09:31:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5412, 0x2) [ 2364.219567][T10509] FAULT_INJECTION: forcing a failure. [ 2364.219567][T10509] name failslab, interval 1, probability 0, space 0, times 0 [ 2364.232610][T10509] CPU: 1 PID: 10509 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2364.242839][T10509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2364.252880][T10509] Call Trace: [ 2364.256165][T10509] dump_stack+0x1d8/0x24e [ 2364.260476][T10509] ? devkmsg_release+0x11c/0x11c 09:31:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5413, 0x2) [ 2364.265400][T10509] ? show_regs_print_info+0x12/0x12 [ 2364.270587][T10509] ? kfree+0xe0/0x660 [ 2364.274555][T10509] ? apply_wqattrs_commit+0x3d1/0x730 [ 2364.279910][T10509] should_fail+0x6f6/0x860 [ 2364.284316][T10509] ? setup_fault_attr+0x3d0/0x3d0 [ 2364.289329][T10509] ? check_preemption_disabled+0x9e/0x330 [ 2364.295027][T10509] ? pwq_adjust_max_active+0xc0/0x900 [ 2364.300367][T10509] ? mutex_lock+0xa6/0x110 [ 2364.304751][T10509] ? alloc_workqueue+0x156/0x11d0 [ 2364.309744][T10509] should_failslab+0x5/0x20 [ 2364.314217][T10509] __kmalloc+0x5f/0x2f0 [ 2364.318341][T10509] alloc_workqueue+0x156/0x11d0 [ 2364.323168][T10509] ? sprintf+0xd6/0x120 [ 2364.327292][T10509] ? idr_replace+0x230/0x230 [ 2364.331854][T10509] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2364.337888][T10509] ? h4_open+0x4f/0x140 [ 2364.342012][T10509] hci_register_dev+0x1f2/0x710 [ 2364.346831][T10509] hci_uart_tty_ioctl+0x89e/0xa10 [ 2364.351820][T10509] ? hci_uart_tty_write+0x10/0x10 [ 2364.356818][T10509] tty_ioctl+0xf68/0x1710 [ 2364.361123][T10509] ? tty_do_resize+0x170/0x170 [ 2364.365859][T10509] ? avc_ss_reset+0x3a0/0x3a0 [ 2364.370503][T10509] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2364.376623][T10509] ? refcount_inc_checked+0x50/0x50 [ 2364.381792][T10509] ? memcg_check_events+0x1a2/0x5b0 [ 2364.386966][T10509] ? proc_fail_nth_write+0x1d5/0x240 [ 2364.392222][T10509] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2364.397387][T10509] ? __lru_cache_add+0x1c4/0x210 [ 2364.402330][T10509] ? memset+0x1f/0x40 [ 2364.406279][T10509] ? fsnotify+0x1332/0x13f0 [ 2364.410750][T10509] ? tty_do_resize+0x170/0x170 [ 2364.415480][T10509] do_vfs_ioctl+0x76a/0x1720 [ 2364.420042][T10509] ? selinux_file_ioctl+0x72f/0x990 [ 2364.425223][T10509] ? ioctl_preallocate+0x250/0x250 [ 2364.430303][T10509] ? __fget+0x37b/0x3c0 [ 2364.434431][T10509] ? vfs_write+0x422/0x4e0 [ 2364.438814][T10509] ? fget_many+0x20/0x20 [ 2364.443024][T10509] ? debug_smp_processor_id+0x20/0x20 [ 2364.448367][T10509] ? security_file_ioctl+0x9d/0xb0 [ 2364.453450][T10509] __x64_sys_ioctl+0xd4/0x110 [ 2364.458096][T10509] do_syscall_64+0xcb/0x1e0 [ 2364.462666][T10509] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2364.468526][T10509] RIP: 0033:0x4665d9 [ 2364.472390][T10509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2364.491963][T10509] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2364.500344][T10509] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2364.508284][T10509] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2364.516227][T10509] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2364.524173][T10509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2364.532121][T10509] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2364.543523][T10509] Bluetooth: Can't register HCI device 09:31:36 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) tkill(r0, 0x40) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5414, 0x2) 09:31:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x60000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:36 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:36 executing program 2 (fault-call:2 fault-nth:9): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2364.691116][T10538] FAULT_INJECTION: forcing a failure. [ 2364.691116][T10538] name failslab, interval 1, probability 0, space 0, times 0 [ 2364.704094][T10538] CPU: 1 PID: 10538 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2364.714309][T10538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2364.725156][T10538] Call Trace: [ 2364.728429][T10538] dump_stack+0x1d8/0x24e [ 2364.732730][T10538] ? devkmsg_release+0x11c/0x11c [ 2364.737643][T10538] ? show_regs_print_info+0x12/0x12 [ 2364.742875][T10538] should_fail+0x6f6/0x860 [ 2364.747261][T10538] ? setup_fault_attr+0x3d0/0x3d0 [ 2364.752256][T10538] ? mutex_lock+0xa6/0x110 [ 2364.756642][T10538] ? alloc_workqueue+0x1cb/0x11d0 [ 2364.761637][T10538] should_failslab+0x5/0x20 [ 2364.766115][T10538] kmem_cache_alloc_trace+0x39/0x2b0 [ 2364.771368][T10538] ? alloc_workqueue+0x156/0x11d0 [ 2364.776388][T10538] alloc_workqueue+0x1cb/0x11d0 [ 2364.781213][T10538] ? sprintf+0xd6/0x120 [ 2364.785337][T10538] ? idr_replace+0x230/0x230 [ 2364.789897][T10538] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2364.795942][T10538] ? h4_open+0x4f/0x140 [ 2364.800158][T10538] hci_register_dev+0x1f2/0x710 [ 2364.804976][T10538] hci_uart_tty_ioctl+0x89e/0xa10 [ 2364.809974][T10538] ? hci_uart_tty_write+0x10/0x10 [ 2364.815087][T10538] tty_ioctl+0xf68/0x1710 [ 2364.819396][T10538] ? tty_do_resize+0x170/0x170 [ 2364.824136][T10538] ? avc_ss_reset+0x3a0/0x3a0 [ 2364.828779][T10538] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2364.834920][T10538] ? refcount_inc_checked+0x50/0x50 [ 2364.840108][T10538] ? memcg_check_events+0x5c/0x5b0 [ 2364.845205][T10538] ? proc_fail_nth_write+0x1d5/0x240 [ 2364.850493][T10538] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2364.855686][T10538] ? __lru_cache_add+0x1c4/0x210 [ 2364.860693][T10538] ? memset+0x1f/0x40 [ 2364.864646][T10538] ? fsnotify+0x1332/0x13f0 [ 2364.869118][T10538] ? tty_do_resize+0x170/0x170 [ 2364.873855][T10538] do_vfs_ioctl+0x76a/0x1720 [ 2364.878417][T10538] ? selinux_file_ioctl+0x72f/0x990 [ 2364.883587][T10538] ? ioctl_preallocate+0x250/0x250 [ 2364.888666][T10538] ? __fget+0x37b/0x3c0 [ 2364.892808][T10538] ? vfs_write+0x422/0x4e0 [ 2364.897194][T10538] ? fget_many+0x20/0x20 [ 2364.901754][T10538] ? debug_smp_processor_id+0x20/0x20 [ 2364.907198][T10538] ? security_file_ioctl+0x9d/0xb0 [ 2364.912285][T10538] __x64_sys_ioctl+0xd4/0x110 [ 2364.916936][T10538] do_syscall_64+0xcb/0x1e0 [ 2364.921410][T10538] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2364.927271][T10538] RIP: 0033:0x4665d9 [ 2364.931140][T10538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2364.950734][T10538] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2364.959109][T10538] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2364.967066][T10538] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2364.975017][T10538] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2364.983059][T10538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2364.991258][T10538] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2365.000456][T10538] Bluetooth: Can't register HCI device 09:31:39 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5415, 0x2) 09:31:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x68000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:39 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:39 executing program 2 (fault-call:2 fault-nth:10): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2367.247656][T10551] FAULT_INJECTION: forcing a failure. [ 2367.247656][T10551] name failslab, interval 1, probability 0, space 0, times 0 [ 2367.263881][T10551] CPU: 1 PID: 10551 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2367.274114][T10551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2367.284154][T10551] Call Trace: [ 2367.287424][T10551] dump_stack+0x1d8/0x24e [ 2367.291737][T10551] ? devkmsg_release+0x11c/0x11c [ 2367.296644][T10551] ? arch_stack_walk+0xf8/0x140 [ 2367.301510][T10551] ? show_regs_print_info+0x12/0x12 [ 2367.306780][T10551] should_fail+0x6f6/0x860 [ 2367.311182][T10551] ? setup_fault_attr+0x3d0/0x3d0 [ 2367.316190][T10551] ? apply_wqattrs_prepare+0xcb/0x17e0 [ 2367.321618][T10551] should_failslab+0x5/0x20 [ 2367.326229][T10551] kmem_cache_alloc_trace+0x39/0x2b0 [ 2367.331503][T10551] apply_wqattrs_prepare+0xcb/0x17e0 [ 2367.336759][T10551] ? alloc_workqueue+0x1cb/0x11d0 [ 2367.341750][T10551] ? hci_register_dev+0x1f2/0x710 [ 2367.346740][T10551] ? hci_uart_tty_ioctl+0x89e/0xa10 [ 2367.351902][T10551] ? tty_ioctl+0xf68/0x1710 [ 2367.356374][T10551] ? do_vfs_ioctl+0x76a/0x1720 [ 2367.361106][T10551] ? __x64_sys_ioctl+0xd4/0x110 [ 2367.366043][T10551] ? do_syscall_64+0xcb/0x1e0 [ 2367.370698][T10551] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2367.376832][T10551] ? format_decode+0xc5c/0x1ab0 [ 2367.381654][T10551] ? cwt_wakefn+0x70/0x70 [ 2367.385968][T10551] ? vsnprintf+0x1d60/0x1d60 [ 2367.390547][T10551] ? string+0x280/0x2c0 [ 2367.394712][T10551] ? widen_string+0x3a/0x340 [ 2367.399313][T10551] ? string+0x280/0x2c0 [ 2367.403439][T10551] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2367.409304][T10551] ? check_preemption_disabled+0x9e/0x330 [ 2367.415012][T10551] ? apply_workqueue_attrs+0x40/0x40 [ 2367.420279][T10551] ? mutex_lock+0xa6/0x110 [ 2367.424665][T10551] ? mutex_trylock+0xb0/0xb0 [ 2367.429226][T10551] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2367.434740][T10551] alloc_workqueue+0xcc4/0x11d0 [ 2367.439649][T10551] ? sprintf+0xd6/0x120 [ 2367.443771][T10551] ? idr_replace+0x230/0x230 [ 2367.448331][T10551] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2367.454374][T10551] ? h4_open+0x4f/0x140 [ 2367.458510][T10551] hci_register_dev+0x1f2/0x710 [ 2367.463339][T10551] hci_uart_tty_ioctl+0x89e/0xa10 [ 2367.468330][T10551] ? hci_uart_tty_write+0x10/0x10 [ 2367.473849][T10551] tty_ioctl+0xf68/0x1710 [ 2367.478156][T10551] ? tty_do_resize+0x170/0x170 [ 2367.482883][T10551] ? avc_ss_reset+0x3a0/0x3a0 [ 2367.487532][T10551] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2367.493650][T10551] ? refcount_inc_checked+0x50/0x50 [ 2367.498816][T10551] ? memcg_check_events+0x1a2/0x5b0 [ 2367.503988][T10551] ? proc_fail_nth_write+0x1d5/0x240 [ 2367.509419][T10551] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2367.514595][T10551] ? __lru_cache_add+0x1c4/0x210 [ 2367.519498][T10551] ? memset+0x1f/0x40 [ 2367.523450][T10551] ? fsnotify+0x1332/0x13f0 [ 2367.527921][T10551] ? tty_do_resize+0x170/0x170 [ 2367.532653][T10551] do_vfs_ioctl+0x76a/0x1720 [ 2367.537210][T10551] ? selinux_file_ioctl+0x72f/0x990 [ 2367.542383][T10551] ? ioctl_preallocate+0x250/0x250 [ 2367.547468][T10551] ? __fget+0x37b/0x3c0 [ 2367.551587][T10551] ? vfs_write+0x422/0x4e0 [ 2367.555970][T10551] ? fget_many+0x20/0x20 [ 2367.560193][T10551] ? debug_smp_processor_id+0x20/0x20 [ 2367.565620][T10551] ? security_file_ioctl+0x9d/0xb0 [ 2367.570703][T10551] __x64_sys_ioctl+0xd4/0x110 [ 2367.575346][T10551] do_syscall_64+0xcb/0x1e0 [ 2367.579817][T10551] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2367.585677][T10551] RIP: 0033:0x4665d9 [ 2367.589557][T10551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2367.609188][T10551] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2367.617571][T10551] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2367.625514][T10551] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2367.633483][T10551] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2367.641439][T10551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 09:31:39 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:39 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5416, 0x2) 09:31:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 09:31:39 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6c000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:39 executing program 2 (fault-call:2 fault-nth:11): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2367.649477][T10551] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2367.664896][T10551] Bluetooth: Can't register HCI device 09:31:39 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5417, 0x2) 09:31:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x74000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:39 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2367.708458][T10572] FAULT_INJECTION: forcing a failure. [ 2367.708458][T10572] name failslab, interval 1, probability 0, space 0, times 0 [ 2367.722582][T10572] CPU: 1 PID: 10572 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2367.732814][T10572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2367.742871][T10572] Call Trace: [ 2367.746157][T10572] dump_stack+0x1d8/0x24e [ 2367.750490][T10572] ? devkmsg_release+0x11c/0x11c 09:31:40 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2367.755420][T10572] ? show_regs_print_info+0x12/0x12 [ 2367.760611][T10572] should_fail+0x6f6/0x860 [ 2367.765106][T10572] ? setup_fault_attr+0x3d0/0x3d0 [ 2367.770122][T10572] ? apply_wqattrs_prepare+0x102/0x17e0 [ 2367.775654][T10572] should_failslab+0x5/0x20 [ 2367.780152][T10572] kmem_cache_alloc_trace+0x39/0x2b0 [ 2367.785687][T10572] ? apply_wqattrs_prepare+0xcb/0x17e0 [ 2367.791130][T10572] apply_wqattrs_prepare+0x102/0x17e0 [ 2367.796482][T10572] ? alloc_workqueue+0x1cb/0x11d0 [ 2367.801495][T10572] ? hci_register_dev+0x1f2/0x710 [ 2367.806488][T10572] ? hci_uart_tty_ioctl+0x89e/0xa10 [ 2367.811665][T10572] ? tty_ioctl+0xf68/0x1710 [ 2367.816139][T10572] ? do_vfs_ioctl+0x76a/0x1720 [ 2367.820872][T10572] ? __x64_sys_ioctl+0xd4/0x110 [ 2367.825690][T10572] ? do_syscall_64+0xcb/0x1e0 [ 2367.830335][T10572] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2367.836880][T10572] ? format_decode+0xc5c/0x1ab0 [ 2367.841701][T10572] ? cwt_wakefn+0x70/0x70 [ 2367.845999][T10572] ? vsnprintf+0x1d60/0x1d60 [ 2367.850564][T10572] ? string+0x280/0x2c0 [ 2367.854701][T10572] ? widen_string+0x3a/0x340 [ 2367.859294][T10572] ? string+0x280/0x2c0 [ 2367.863424][T10572] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2367.869292][T10572] ? check_preemption_disabled+0x9e/0x330 [ 2367.874980][T10572] ? apply_workqueue_attrs+0x40/0x40 [ 2367.880239][T10572] ? mutex_lock+0xa6/0x110 [ 2367.884699][T10572] ? mutex_trylock+0xb0/0xb0 [ 2367.889697][T10572] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2367.895258][T10572] alloc_workqueue+0xcc4/0x11d0 [ 2367.900087][T10572] ? sprintf+0xd6/0x120 [ 2367.904214][T10572] ? idr_replace+0x230/0x230 [ 2367.908775][T10572] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2367.914901][T10572] ? h4_open+0x4f/0x140 [ 2367.919048][T10572] hci_register_dev+0x1f2/0x710 [ 2367.923877][T10572] hci_uart_tty_ioctl+0x89e/0xa10 [ 2367.929055][T10572] ? hci_uart_tty_write+0x10/0x10 [ 2367.934091][T10572] tty_ioctl+0xf68/0x1710 [ 2367.938400][T10572] ? tty_do_resize+0x170/0x170 [ 2367.943145][T10572] ? avc_ss_reset+0x3a0/0x3a0 [ 2367.947794][T10572] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2367.953914][T10572] ? refcount_inc_checked+0x50/0x50 [ 2367.959082][T10572] ? memcg_check_events+0x5c/0x5b0 [ 2367.964173][T10572] ? proc_fail_nth_write+0x1d5/0x240 [ 2367.969429][T10572] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2367.974596][T10572] ? __lru_cache_add+0x1c4/0x210 [ 2367.979502][T10572] ? memset+0x1f/0x40 [ 2367.983457][T10572] ? fsnotify+0x1332/0x13f0 [ 2367.987956][T10572] ? tty_do_resize+0x170/0x170 [ 2367.992692][T10572] do_vfs_ioctl+0x76a/0x1720 [ 2367.997260][T10572] ? selinux_file_ioctl+0x72f/0x990 [ 2368.002449][T10572] ? ioctl_preallocate+0x250/0x250 [ 2368.007535][T10572] ? __fget+0x37b/0x3c0 [ 2368.011850][T10572] ? vfs_write+0x422/0x4e0 [ 2368.016247][T10572] ? fget_many+0x20/0x20 [ 2368.020458][T10572] ? debug_smp_processor_id+0x20/0x20 [ 2368.025804][T10572] ? security_file_ioctl+0x9d/0xb0 [ 2368.030887][T10572] __x64_sys_ioctl+0xd4/0x110 [ 2368.035537][T10572] do_syscall_64+0xcb/0x1e0 [ 2368.040011][T10572] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2368.045872][T10572] RIP: 0033:0x4665d9 [ 2368.049736][T10572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2368.069917][T10572] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2368.078384][T10572] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2368.086324][T10572] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2368.094266][T10572] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2368.102317][T10572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2368.110255][T10572] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2368.120764][T10572] Bluetooth: Can't register HCI device 09:31:42 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5418, 0x2) 09:31:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7a000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:42 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:42 executing program 3: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:42 executing program 2 (fault-call:2 fault-nth:12): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:42 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x97ffffff) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541b, 0x2) 09:31:42 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:42 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2370.707380][T10605] FAULT_INJECTION: forcing a failure. [ 2370.707380][T10605] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.730829][T10605] CPU: 0 PID: 10605 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2370.741057][T10605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2370.751091][T10605] Call Trace: [ 2370.754366][T10605] dump_stack+0x1d8/0x24e [ 2370.758677][T10605] ? devkmsg_release+0x11c/0x11c [ 2370.763651][T10605] ? show_regs_print_info+0x12/0x12 [ 2370.768818][T10605] should_fail+0x6f6/0x860 [ 2370.773267][T10605] ? setup_fault_attr+0x3d0/0x3d0 [ 2370.778260][T10605] ? apply_wqattrs_prepare+0x1c0/0x17e0 [ 2370.783776][T10605] should_failslab+0x5/0x20 [ 2370.788250][T10605] kmem_cache_alloc_trace+0x39/0x2b0 [ 2370.793519][T10605] ? apply_wqattrs_prepare+0x102/0x17e0 [ 2370.799044][T10605] apply_wqattrs_prepare+0x1c0/0x17e0 [ 2370.804382][T10605] ? alloc_workqueue+0x1cb/0x11d0 [ 2370.809385][T10605] ? hci_uart_tty_ioctl+0x89e/0xa10 [ 2370.814669][T10605] ? tty_ioctl+0xf68/0x1710 [ 2370.819179][T10605] ? do_vfs_ioctl+0x76a/0x1720 [ 2370.823913][T10605] ? __x64_sys_ioctl+0xd4/0x110 [ 2370.828735][T10605] ? do_syscall_64+0xcb/0x1e0 [ 2370.833393][T10605] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2370.839447][T10605] ? format_decode+0xc5c/0x1ab0 [ 2370.844276][T10605] ? cwt_wakefn+0x70/0x70 [ 2370.848577][T10605] ? vsnprintf+0x1d60/0x1d60 [ 2370.853150][T10605] ? string+0x280/0x2c0 [ 2370.857286][T10605] ? widen_string+0x3a/0x340 [ 2370.861847][T10605] ? string+0x280/0x2c0 [ 2370.865972][T10605] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2370.871837][T10605] ? check_preemption_disabled+0x9e/0x330 [ 2370.877552][T10605] ? apply_workqueue_attrs+0x40/0x40 [ 2370.882814][T10605] ? mutex_lock+0xa6/0x110 [ 2370.887199][T10605] ? mutex_trylock+0xb0/0xb0 [ 2370.891770][T10605] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2370.897293][T10605] alloc_workqueue+0xcc4/0x11d0 [ 2370.902125][T10605] ? sprintf+0xd6/0x120 [ 2370.906251][T10605] ? idr_replace+0x230/0x230 [ 2370.910925][T10605] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2370.916968][T10605] ? h4_open+0x4f/0x140 [ 2370.921113][T10605] hci_register_dev+0x1f2/0x710 [ 2370.925936][T10605] hci_uart_tty_ioctl+0x89e/0xa10 [ 2370.930949][T10605] ? hci_uart_tty_write+0x10/0x10 [ 2370.935945][T10605] tty_ioctl+0xf68/0x1710 [ 2370.940248][T10605] ? tty_do_resize+0x170/0x170 [ 2370.945004][T10605] ? avc_ss_reset+0x3a0/0x3a0 [ 2370.949658][T10605] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2370.955791][T10605] ? refcount_inc_checked+0x50/0x50 [ 2370.960982][T10605] ? memcg_check_events+0x5c/0x5b0 [ 2370.966074][T10605] ? proc_fail_nth_write+0x1d5/0x240 [ 2370.971331][T10605] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2370.977124][T10605] ? __lru_cache_add+0x1c4/0x210 [ 2370.982039][T10605] ? memset+0x1f/0x40 [ 2370.985991][T10605] ? fsnotify+0x1332/0x13f0 [ 2370.990467][T10605] ? tty_do_resize+0x170/0x170 [ 2370.995636][T10605] do_vfs_ioctl+0x76a/0x1720 [ 2371.000199][T10605] ? selinux_file_ioctl+0x72f/0x990 [ 2371.005370][T10605] ? ioctl_preallocate+0x250/0x250 [ 2371.010461][T10605] ? __fget+0x37b/0x3c0 [ 2371.014591][T10605] ? vfs_write+0x422/0x4e0 [ 2371.018994][T10605] ? fget_many+0x20/0x20 [ 2371.023302][T10605] ? debug_smp_processor_id+0x20/0x20 [ 2371.028643][T10605] ? security_file_ioctl+0x9d/0xb0 [ 2371.033723][T10605] __x64_sys_ioctl+0xd4/0x110 [ 2371.038384][T10605] do_syscall_64+0xcb/0x1e0 [ 2371.042859][T10605] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2371.048719][T10605] RIP: 0033:0x4665d9 [ 2371.052585][T10605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2371.072177][T10605] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2371.080566][T10605] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2371.088515][T10605] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2371.096479][T10605] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 09:31:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541d, 0x2) [ 2371.104422][T10605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2371.112387][T10605] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2371.128907][T10605] Bluetooth: Can't register HCI device 09:31:45 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x5, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x9, 0x1, 0x0, 0xffffffffffffffc0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @exit], &(0x7f00000005c0)='syzkaller\x00', 0xa75a, 0x4f, &(0x7f0000000600)=""/79, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x7, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x0, 0x0, 0xc4d2}, 0x10, 0x0, r1}, 0x78) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xf002e62c) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541e, 0x2) 09:31:45 executing program 2 (fault-call:2 fault-nth:13): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:45 executing program 3: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xfdfdffff) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xfdffffff) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2373.700903][T10638] FAULT_INJECTION: forcing a failure. [ 2373.700903][T10638] name failslab, interval 1, probability 0, space 0, times 0 [ 2373.714347][T10638] CPU: 0 PID: 10638 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2373.724581][T10638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2373.734620][T10638] Call Trace: [ 2373.737902][T10638] dump_stack+0x1d8/0x24e [ 2373.742222][T10638] ? devkmsg_release+0x11c/0x11c 09:31:45 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xffff1f00) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xfffffdfd) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:46 executing program 3: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2373.747255][T10638] ? show_regs_print_info+0x12/0x12 [ 2373.752444][T10638] should_fail+0x6f6/0x860 [ 2373.756870][T10638] ? setup_fault_attr+0x3d0/0x3d0 [ 2373.761882][T10638] ? apply_wqattrs_prepare+0x8a5/0x17e0 [ 2373.767417][T10638] should_failslab+0x5/0x20 [ 2373.771919][T10638] kmem_cache_alloc+0x36/0x290 [ 2373.776694][T10638] apply_wqattrs_prepare+0x8a5/0x17e0 [ 2373.782056][T10638] ? __x64_sys_ioctl+0xd4/0x110 [ 2373.786898][T10638] ? format_decode+0xc5c/0x1ab0 [ 2373.791736][T10638] ? cwt_wakefn+0x70/0x70 [ 2373.796056][T10638] ? vsnprintf+0x1d60/0x1d60 09:31:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xffffff7f) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2373.800633][T10638] ? string+0x280/0x2c0 [ 2373.804775][T10638] ? widen_string+0x3a/0x340 [ 2373.809356][T10638] ? string+0x280/0x2c0 [ 2373.813502][T10638] apply_workqueue_attrs_locked+0x136/0x6d0 [ 2373.819385][T10638] ? check_preemption_disabled+0x9e/0x330 [ 2373.825096][T10638] ? apply_workqueue_attrs+0x40/0x40 [ 2373.830381][T10638] ? mutex_lock+0xa6/0x110 [ 2373.834769][T10638] ? mutex_trylock+0xb0/0xb0 [ 2373.839335][T10638] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 2373.844854][T10638] alloc_workqueue+0xcc4/0x11d0 [ 2373.849677][T10638] ? sprintf+0xd6/0x120 [ 2373.853804][T10638] ? idr_replace+0x230/0x230 [ 2373.858362][T10638] ? apply_workqueue_attrs_locked+0x6d0/0x6d0 [ 2373.864400][T10638] ? h4_open+0x4f/0x140 [ 2373.868526][T10638] hci_register_dev+0x1f2/0x710 [ 2373.873349][T10638] hci_uart_tty_ioctl+0x89e/0xa10 [ 2373.878347][T10638] ? hci_uart_tty_write+0x10/0x10 [ 2373.883440][T10638] tty_ioctl+0xf68/0x1710 [ 2373.887738][T10638] ? tty_do_resize+0x170/0x170 [ 2373.892483][T10638] ? avc_ss_reset+0x3a0/0x3a0 [ 2373.897150][T10638] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2373.903333][T10638] ? refcount_inc_checked+0x50/0x50 [ 2373.908533][T10638] ? memcg_check_events+0x5c/0x5b0 [ 2373.913721][T10638] ? proc_fail_nth_write+0x1d5/0x240 [ 2373.918978][T10638] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2373.924182][T10638] ? __lru_cache_add+0x1c4/0x210 [ 2373.929097][T10638] ? memset+0x1f/0x40 [ 2373.933098][T10638] ? fsnotify+0x1332/0x13f0 [ 2373.937576][T10638] ? tty_do_resize+0x170/0x170 [ 2373.942311][T10638] do_vfs_ioctl+0x76a/0x1720 [ 2373.946873][T10638] ? selinux_file_ioctl+0x72f/0x990 [ 2373.952047][T10638] ? ioctl_preallocate+0x250/0x250 [ 2373.957130][T10638] ? __fget+0x37b/0x3c0 [ 2373.961280][T10638] ? vfs_write+0x422/0x4e0 [ 2373.965675][T10638] ? fget_many+0x20/0x20 [ 2373.969902][T10638] ? debug_smp_processor_id+0x20/0x20 [ 2373.975258][T10638] ? security_file_ioctl+0x9d/0xb0 [ 2373.980337][T10638] __x64_sys_ioctl+0xd4/0x110 [ 2373.984988][T10638] do_syscall_64+0xcb/0x1e0 [ 2373.989465][T10638] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2373.995326][T10638] RIP: 0033:0x4665d9 [ 2373.999199][T10638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2374.018787][T10638] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2374.027184][T10638] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2374.035130][T10638] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2374.043078][T10638] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2374.051018][T10638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2374.058963][T10638] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2374.071473][T10638] Bluetooth: Can't register HCI device 09:31:48 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) openat$zero(0xffffffffffffff9c, &(0x7f0000000700), 0x101400, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xffffff97) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x541e, 0x2) 09:31:48 executing program 2 (fault-call:2 fault-nth:14): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xfffffffd) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5420, 0x2) 09:31:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x800000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:49 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2376.721763][T10674] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2376.731235][T10674] FAULT_INJECTION: forcing a failure. [ 2376.731235][T10674] name failslab, interval 1, probability 0, space 0, times 0 [ 2376.749886][T10674] CPU: 0 PID: 10674 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2376.760206][T10674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 09:31:49 executing program 3: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2376.770247][T10674] Call Trace: [ 2376.773534][T10674] dump_stack+0x1d8/0x24e [ 2376.775517][ T7] Bluetooth: hci1: Frame reassembly failed (-84) [ 2376.777851][T10674] ? devkmsg_release+0x11c/0x11c [ 2376.777861][T10674] ? show_regs_print_info+0x12/0x12 [ 2376.777876][T10674] ? __irq_work_queue_local+0xd1/0xe0 [ 2376.799627][T10674] ? irq_work_queue+0xfa/0x110 [ 2376.804382][T10674] should_fail+0x6f6/0x860 [ 2376.808787][T10674] ? setup_fault_attr+0x3d0/0x3d0 [ 2376.813810][T10674] ? _raw_spin_lock+0xa3/0x1b0 [ 2376.818558][T10674] ? __rcu_read_lock+0x50/0x50 [ 2376.823296][T10674] ? __d_lookup+0x4b8/0x510 [ 2376.827770][T10674] ? kobject_set_name_vargs+0x5d/0x110 [ 2376.833194][T10674] should_failslab+0x5/0x20 [ 2376.837817][T10674] __kmalloc_track_caller+0x5d/0x2e0 [ 2376.843080][T10674] ? mntput_no_expire+0x32b/0xbd0 [ 2376.848079][T10674] kstrdup_const+0x51/0x90 [ 2376.852469][T10674] kobject_set_name_vargs+0x5d/0x110 [ 2376.857734][T10674] dev_set_name+0xd1/0x120 [ 2376.862137][T10674] ? mntput_no_expire+0x307/0xbd0 [ 2376.867139][T10674] ? get_device+0x30/0x30 [ 2376.871441][T10674] ? h4_open+0x4f/0x140 [ 2376.875569][T10674] hci_register_dev+0x326/0x710 [ 2376.880391][T10674] hci_uart_tty_ioctl+0x89e/0xa10 [ 2376.885388][T10674] ? hci_uart_tty_write+0x10/0x10 [ 2376.890383][T10674] tty_ioctl+0xf68/0x1710 [ 2376.894707][T10674] ? tty_do_resize+0x170/0x170 [ 2376.899449][T10674] ? avc_ss_reset+0x3a0/0x3a0 [ 2376.904092][T10674] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2376.910220][T10674] ? refcount_inc_checked+0x50/0x50 [ 2376.915507][T10674] ? memcg_check_events+0x5c/0x5b0 [ 2376.920598][T10674] ? proc_fail_nth_write+0x1d5/0x240 [ 2376.925854][T10674] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2376.931076][T10674] ? __lru_cache_add+0x1c4/0x210 [ 2376.935978][T10674] ? memset+0x1f/0x40 [ 2376.939928][T10674] ? fsnotify+0x1332/0x13f0 [ 2376.944403][T10674] ? tty_do_resize+0x170/0x170 [ 2376.949136][T10674] do_vfs_ioctl+0x76a/0x1720 [ 2376.953697][T10674] ? selinux_file_ioctl+0x72f/0x990 [ 2376.958865][T10674] ? ioctl_preallocate+0x250/0x250 [ 2376.964057][T10674] ? __fget+0x37b/0x3c0 [ 2376.968185][T10674] ? vfs_write+0x422/0x4e0 [ 2376.972575][T10674] ? fget_many+0x20/0x20 [ 2376.976788][T10674] ? debug_smp_processor_id+0x20/0x20 [ 2376.982128][T10674] ? security_file_ioctl+0x9d/0xb0 [ 2376.987208][T10674] __x64_sys_ioctl+0xd4/0x110 [ 2376.991854][T10674] do_syscall_64+0xcb/0x1e0 [ 2376.996324][T10674] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2377.002184][T10674] RIP: 0033:0x4665d9 [ 2377.006046][T10674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2377.025712][T10674] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2377.034107][T10674] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2377.042048][T10674] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2377.049990][T10674] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2377.057937][T10674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 09:31:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5421, 0x2) 09:31:49 executing program 2 (fault-call:2 fault-nth:15): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5422, 0x2) [ 2377.065898][T10674] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2377.076658][T10674] Bluetooth: Can't register HCI device [ 2377.108303][T10699] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2377.116893][T10699] FAULT_INJECTION: forcing a failure. [ 2377.116893][T10699] name failslab, interval 1, probability 0, space 0, times 0 [ 2377.130966][T10699] CPU: 1 PID: 10699 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2377.141219][T10699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2377.151249][T10699] Call Trace: [ 2377.154513][T10699] dump_stack+0x1d8/0x24e [ 2377.158813][T10699] ? devkmsg_release+0x11c/0x11c [ 2377.163718][T10699] ? show_regs_print_info+0x12/0x12 [ 2377.168886][T10699] should_fail+0x6f6/0x860 [ 2377.173273][T10699] ? setup_fault_attr+0x3d0/0x3d0 [ 2377.178279][T10699] ? refcount_add_checked+0x50/0x50 [ 2377.183444][T10699] ? device_add+0x121/0x18a0 [ 2377.188003][T10699] should_failslab+0x5/0x20 [ 2377.192476][T10699] kmem_cache_alloc_trace+0x39/0x2b0 [ 2377.197731][T10699] device_add+0x121/0x18a0 [ 2377.202161][T10699] ? dev_set_name+0xd1/0x120 [ 2377.206721][T10699] ? get_device+0x30/0x30 [ 2377.211020][T10699] ? virtual_device_parent+0x50/0x50 [ 2377.216290][T10699] ? h4_open+0x4f/0x140 [ 2377.220422][T10699] hci_register_dev+0x32e/0x710 [ 2377.225240][T10699] hci_uart_tty_ioctl+0x89e/0xa10 [ 2377.230229][T10699] ? hci_uart_tty_write+0x10/0x10 [ 2377.235220][T10699] tty_ioctl+0xf68/0x1710 [ 2377.239517][T10699] ? tty_do_resize+0x170/0x170 [ 2377.244264][T10699] ? avc_ss_reset+0x3a0/0x3a0 [ 2377.248918][T10699] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2377.255053][T10699] ? refcount_inc_checked+0x50/0x50 [ 2377.260215][T10699] ? memcg_check_events+0x5c/0x5b0 [ 2377.265291][T10699] ? proc_fail_nth_write+0x1d5/0x240 [ 2377.270562][T10699] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2377.275741][T10699] ? __lru_cache_add+0x1c4/0x210 [ 2377.280668][T10699] ? memset+0x1f/0x40 [ 2377.284616][T10699] ? fsnotify+0x1332/0x13f0 [ 2377.289088][T10699] ? tty_do_resize+0x170/0x170 [ 2377.293818][T10699] do_vfs_ioctl+0x76a/0x1720 [ 2377.298374][T10699] ? selinux_file_ioctl+0x72f/0x990 [ 2377.303553][T10699] ? ioctl_preallocate+0x250/0x250 [ 2377.308632][T10699] ? __fget+0x37b/0x3c0 [ 2377.312753][T10699] ? vfs_write+0x422/0x4e0 [ 2377.317150][T10699] ? fget_many+0x20/0x20 [ 2377.321357][T10699] ? debug_smp_processor_id+0x20/0x20 [ 2377.326723][T10699] ? security_file_ioctl+0x9d/0xb0 [ 2377.331800][T10699] __x64_sys_ioctl+0xd4/0x110 [ 2377.336446][T10699] do_syscall_64+0xcb/0x1e0 [ 2377.340918][T10699] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2377.346786][T10699] RIP: 0033:0x4665d9 [ 2377.350664][T10699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2377.370235][T10699] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2377.378634][T10699] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2377.386576][T10699] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2377.394514][T10699] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2377.402451][T10699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2377.410388][T10699] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2377.420361][T10699] Bluetooth: Can't register HCI device [ 2378.804243][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2378.810421][T11898] Bluetooth: hci1: sending frame failed (-49) 09:31:51 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0}, 0x78) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5423, 0x2) 09:31:51 executing program 2 (fault-call:2 fault-nth:16): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5424, 0x2) 09:31:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5425, 0x2) 09:31:52 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2379.740022][T10712] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2379.748198][T10712] FAULT_INJECTION: forcing a failure. [ 2379.748198][T10712] name failslab, interval 1, probability 0, space 0, times 0 [ 2379.761579][T10712] CPU: 0 PID: 10712 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2379.771804][T10712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2379.782136][T10712] Call Trace: [ 2379.785417][T10712] dump_stack+0x1d8/0x24e [ 2379.789740][T10712] ? devkmsg_release+0x11c/0x11c [ 2379.794661][T10712] ? show_regs_print_info+0x12/0x12 [ 2379.799829][T10712] ? check_preemption_disabled+0x9e/0x330 [ 2379.805517][T10712] ? __rcu_read_lock+0x50/0x50 [ 2379.810247][T10712] ? __unwind_start+0x72f/0x8e0 [ 2379.815079][T10712] should_fail+0x6f6/0x860 [ 2379.819484][T10712] ? setup_fault_attr+0x3d0/0x3d0 [ 2379.824486][T10712] ? stack_trace_save+0x1f0/0x1f0 [ 2379.829480][T10712] ? __kernel_text_address+0x93/0x100 [ 2379.834818][T10712] ? __kernfs_new_node+0x99/0x6d0 [ 2379.839811][T10712] should_failslab+0x5/0x20 [ 2379.844283][T10712] __kmalloc_track_caller+0x5d/0x2e0 [ 2379.850104][T10712] kstrdup_const+0x51/0x90 [ 2379.854502][T10712] __kernfs_new_node+0x99/0x6d0 [ 2379.859324][T10712] ? stack_trace_snprint+0x150/0x150 [ 2379.864584][T10712] ? kernfs_new_node+0x160/0x160 [ 2379.869490][T10712] ? __schedule+0x9b8/0x1170 [ 2379.874069][T10712] ? __kasan_kmalloc+0x1a3/0x1e0 [ 2379.878992][T10712] ? kstrdup_const+0x51/0x90 [ 2379.883577][T10712] kernfs_create_dir_ns+0x90/0x220 [ 2379.888679][T10712] sysfs_create_dir_ns+0x181/0x390 [ 2379.893757][T10712] ? sysfs_warn_dup+0xa0/0xa0 [ 2379.898418][T10712] kobject_add_internal+0x595/0xbd0 [ 2379.903589][T10712] kobject_add+0x14c/0x210 [ 2379.907973][T10712] ? _raw_spin_lock+0xa3/0x1b0 [ 2379.912712][T10712] ? kobject_init+0x1d0/0x1d0 [ 2379.917383][T10712] ? get_device_parent+0x2cd/0x430 [ 2379.922465][T10712] device_add+0x46a/0x18a0 [ 2379.926853][T10712] ? get_device+0x30/0x30 [ 2379.931173][T10712] ? virtual_device_parent+0x50/0x50 [ 2379.936426][T10712] ? h4_open+0x4f/0x140 [ 2379.940570][T10712] hci_register_dev+0x32e/0x710 [ 2379.945394][T10712] hci_uart_tty_ioctl+0x89e/0xa10 [ 2379.950385][T10712] ? hci_uart_tty_write+0x10/0x10 [ 2379.955383][T10712] tty_ioctl+0xf68/0x1710 [ 2379.959689][T10712] ? tty_do_resize+0x170/0x170 [ 2379.964443][T10712] ? avc_ss_reset+0x3a0/0x3a0 [ 2379.969100][T10712] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2379.975248][T10712] ? refcount_inc_checked+0x50/0x50 [ 2379.980453][T10712] ? memcg_check_events+0x5c/0x5b0 [ 2379.985535][T10712] ? proc_fail_nth_write+0x1d5/0x240 [ 2379.990787][T10712] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2379.995966][T10712] ? __lru_cache_add+0x1c4/0x210 [ 2380.000960][T10712] ? memset+0x1f/0x40 [ 2380.004922][T10712] ? fsnotify+0x1332/0x13f0 [ 2380.009419][T10712] ? tty_do_resize+0x170/0x170 [ 2380.014155][T10712] do_vfs_ioctl+0x76a/0x1720 [ 2380.018713][T10712] ? selinux_file_ioctl+0x72f/0x990 [ 2380.023878][T10712] ? ioctl_preallocate+0x250/0x250 [ 2380.028959][T10712] ? __fget+0x37b/0x3c0 [ 2380.033091][T10712] ? vfs_write+0x422/0x4e0 [ 2380.037482][T10712] ? fget_many+0x20/0x20 [ 2380.041725][T10712] ? debug_smp_processor_id+0x20/0x20 [ 2380.047068][T10712] ? security_file_ioctl+0x9d/0xb0 [ 2380.052162][T10712] __x64_sys_ioctl+0xd4/0x110 [ 2380.056807][T10712] do_syscall_64+0xcb/0x1e0 [ 2380.061295][T10712] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2380.067249][T10712] RIP: 0033:0x4665d9 [ 2380.071129][T10712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2380.090785][T10712] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2380.099174][T10712] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2380.107122][T10712] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2380.115096][T10712] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2380.123036][T10712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2380.130988][T10712] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2380.141162][T10712] kobject_add_internal failed for hci0 (error: -12 parent: bluetooth) [ 2380.149796][T10712] Bluetooth: Can't register HCI device [ 2380.884118][ T678] Bluetooth: hci1: command 0x1001 tx timeout [ 2380.890143][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2382.963963][ T678] Bluetooth: hci1: command 0x1009 tx timeout 09:31:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:31:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5427, 0x2) 09:31:59 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:59 executing program 3: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:59 executing program 2 (fault-call:2 fault-nth:17): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:31:59 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:59 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:31:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5428, 0x2) 09:31:59 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2387.306549][T10731] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2387.319469][T10731] FAULT_INJECTION: forcing a failure. [ 2387.319469][T10731] name failslab, interval 1, probability 0, space 0, times 0 [ 2387.340610][T10731] CPU: 1 PID: 10731 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2387.350847][T10731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2387.360920][T10731] Call Trace: [ 2387.364189][T10731] dump_stack+0x1d8/0x24e [ 2387.368665][T10731] ? devkmsg_release+0x11c/0x11c [ 2387.373572][T10731] ? show_regs_print_info+0x12/0x12 [ 2387.378739][T10731] should_fail+0x6f6/0x860 [ 2387.383576][T10731] ? setup_fault_attr+0x3d0/0x3d0 [ 2387.388574][T10731] ? __kernel_text_address+0x93/0x100 [ 2387.393916][T10731] ? __kernfs_new_node+0xdb/0x6d0 [ 2387.399031][T10731] should_failslab+0x5/0x20 [ 2387.403507][T10731] kmem_cache_alloc+0x36/0x290 [ 2387.408696][T10731] ? memcpy+0x38/0x50 [ 2387.412650][T10731] __kernfs_new_node+0xdb/0x6d0 [ 2387.417473][T10731] ? stack_trace_snprint+0x150/0x150 [ 2387.422726][T10731] ? kernfs_new_node+0x160/0x160 [ 2387.427635][T10731] ? finish_task_switch+0x130/0x550 [ 2387.432823][T10731] ? __kasan_kmalloc+0x1a3/0x1e0 [ 2387.437734][T10731] ? kstrdup_const+0x51/0x90 [ 2387.442293][T10731] kernfs_create_dir_ns+0x90/0x220 [ 2387.447377][T10731] sysfs_create_dir_ns+0x181/0x390 [ 2387.452459][T10731] ? sysfs_warn_dup+0xa0/0xa0 [ 2387.457138][T10731] kobject_add_internal+0x595/0xbd0 [ 2387.462333][T10731] kobject_add+0x14c/0x210 [ 2387.466739][T10731] ? _raw_spin_lock+0xa3/0x1b0 [ 2387.471474][T10731] ? kobject_init+0x1d0/0x1d0 [ 2387.476149][T10731] ? get_device_parent+0x2cd/0x430 [ 2387.481235][T10731] device_add+0x46a/0x18a0 [ 2387.485635][T10731] ? get_device+0x30/0x30 [ 2387.489946][T10731] ? virtual_device_parent+0x50/0x50 [ 2387.495199][T10731] ? h4_open+0x4f/0x140 [ 2387.499325][T10731] hci_register_dev+0x32e/0x710 [ 2387.504148][T10731] hci_uart_tty_ioctl+0x89e/0xa10 [ 2387.509155][T10731] ? hci_uart_tty_write+0x10/0x10 [ 2387.514151][T10731] tty_ioctl+0xf68/0x1710 [ 2387.518549][T10731] ? tty_do_resize+0x170/0x170 [ 2387.523301][T10731] ? avc_ss_reset+0x3a0/0x3a0 [ 2387.527944][T10731] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2387.534066][T10731] ? refcount_inc_checked+0x50/0x50 [ 2387.539233][T10731] ? memcg_check_events+0x5c/0x5b0 [ 2387.544312][T10731] ? proc_fail_nth_write+0x1d5/0x240 [ 2387.549566][T10731] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2387.554737][T10731] ? __lru_cache_add+0x1c4/0x210 [ 2387.559646][T10731] ? memset+0x1f/0x40 [ 2387.563605][T10731] ? fsnotify+0x1332/0x13f0 [ 2387.568074][T10731] ? tty_do_resize+0x170/0x170 [ 2387.572807][T10731] do_vfs_ioctl+0x76a/0x1720 [ 2387.577383][T10731] ? selinux_file_ioctl+0x72f/0x990 [ 2387.582555][T10731] ? ioctl_preallocate+0x250/0x250 [ 2387.587634][T10731] ? __fget+0x37b/0x3c0 [ 2387.591800][T10731] ? vfs_write+0x422/0x4e0 [ 2387.596191][T10731] ? fget_many+0x20/0x20 [ 2387.600415][T10731] ? debug_smp_processor_id+0x20/0x20 [ 2387.605774][T10731] ? security_file_ioctl+0x9d/0xb0 [ 2387.610859][T10731] __x64_sys_ioctl+0xd4/0x110 [ 2387.615529][T10731] do_syscall_64+0xcb/0x1e0 [ 2387.620025][T10731] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2387.625886][T10731] RIP: 0033:0x4665d9 [ 2387.629782][T10731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2387.649644][T10731] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:31:59 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 09:31:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5429, 0x2) [ 2387.658033][T10731] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2387.665974][T10731] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2387.673933][T10731] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2387.682046][T10731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2387.690421][T10731] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 09:31:59 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2387.711049][T10731] kobject_add_internal failed for hci0 (error: -12 parent: bluetooth) [ 2387.723738][T10731] Bluetooth: Can't register HCI device [ 2389.363415][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2389.369518][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2391.443341][ T678] Bluetooth: hci1: command 0x1001 tx timeout [ 2391.449353][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2393.523175][ T678] Bluetooth: hci1: command 0x1009 tx timeout 09:32:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x100000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:32:09 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x2) 09:32:09 executing program 2 (fault-call:2 fault-nth:18): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:32:09 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:09 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:09 executing program 3: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:09 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5441, 0x2) 09:32:09 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:09 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5450, 0x2) [ 2397.553517][T10770] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2397.562136][T10770] FAULT_INJECTION: forcing a failure. [ 2397.562136][T10770] name failslab, interval 1, probability 0, space 0, times 0 [ 2397.577343][ T7986] Bluetooth: hci1: Frame reassembly failed (-84) [ 2397.582102][T10770] CPU: 0 PID: 10770 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2397.593888][T10770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 09:32:09 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5451, 0x2) 09:32:09 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:09 executing program 5: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2397.603933][T10770] Call Trace: [ 2397.607226][T10770] dump_stack+0x1d8/0x24e [ 2397.611563][T10770] ? devkmsg_release+0x11c/0x11c [ 2397.617019][T10770] ? show_regs_print_info+0x12/0x12 [ 2397.622213][T10770] ? _raw_spin_lock+0xa3/0x1b0 [ 2397.626983][T10770] should_fail+0x6f6/0x860 [ 2397.631395][T10770] ? setup_fault_attr+0x3d0/0x3d0 [ 2397.636407][T10770] ? mutex_lock+0xa6/0x110 [ 2397.640817][T10770] ? mutex_trylock+0xb0/0xb0 [ 2397.645401][T10770] ? __kernfs_new_node+0xdb/0x6d0 [ 2397.650421][T10770] should_failslab+0x5/0x20 [ 2397.654916][T10770] kmem_cache_alloc+0x36/0x290 [ 2397.659673][T10770] __kernfs_new_node+0xdb/0x6d0 [ 2397.664546][T10770] ? mutex_unlock+0x19/0x40 [ 2397.669023][T10770] ? kernfs_new_node+0x160/0x160 [ 2397.673936][T10770] ? kernfs_create_dir_ns+0x1df/0x220 [ 2397.679283][T10770] ? sysfs_create_dir_ns+0x181/0x390 [ 2397.684545][T10770] ? sysfs_create_dir_ns+0x1c7/0x390 [ 2397.689848][T10770] ? sysfs_warn_dup+0xa0/0xa0 [ 2397.694497][T10770] kernfs_new_node+0x95/0x160 [ 2397.699147][T10770] __kernfs_create_file+0x45/0x260 [ 2397.704244][T10770] sysfs_add_file_mode_ns+0x293/0x340 [ 2397.709612][T10770] sysfs_create_file_ns+0x18c/0x2b0 [ 2397.714893][T10770] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2397.720413][T10770] ? device_create_file+0xe2/0x1a0 [ 2397.725498][T10770] device_add+0x64c/0x18a0 [ 2397.729885][T10770] ? get_device+0x30/0x30 [ 2397.734238][T10770] ? virtual_device_parent+0x50/0x50 [ 2397.739514][T10770] ? h4_open+0x4f/0x140 [ 2397.743655][T10770] hci_register_dev+0x32e/0x710 [ 2397.748478][T10770] hci_uart_tty_ioctl+0x89e/0xa10 [ 2397.753475][T10770] ? hci_uart_tty_write+0x10/0x10 [ 2397.758607][T10770] tty_ioctl+0xf68/0x1710 [ 2397.762917][T10770] ? tty_do_resize+0x170/0x170 [ 2397.767652][T10770] ? avc_ss_reset+0x3a0/0x3a0 [ 2397.772301][T10770] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2397.778431][T10770] ? refcount_inc_checked+0x50/0x50 [ 2397.783600][T10770] ? memcg_check_events+0x5c/0x5b0 [ 2397.788687][T10770] ? proc_fail_nth_write+0x1d5/0x240 [ 2397.793950][T10770] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2397.799117][T10770] ? __lru_cache_add+0x1c4/0x210 [ 2397.804029][T10770] ? memset+0x1f/0x40 [ 2397.807984][T10770] ? fsnotify+0x1332/0x13f0 [ 2397.812454][T10770] ? tty_do_resize+0x170/0x170 [ 2397.817187][T10770] do_vfs_ioctl+0x76a/0x1720 [ 2397.821749][T10770] ? selinux_file_ioctl+0x72f/0x990 [ 2397.826923][T10770] ? ioctl_preallocate+0x250/0x250 [ 2397.832031][T10770] ? __fget+0x37b/0x3c0 [ 2397.836156][T10770] ? vfs_write+0x422/0x4e0 [ 2397.840544][T10770] ? fget_many+0x20/0x20 [ 2397.844758][T10770] ? debug_smp_processor_id+0x20/0x20 [ 2397.850099][T10770] ? security_file_ioctl+0x9d/0xb0 [ 2397.855180][T10770] __x64_sys_ioctl+0xd4/0x110 [ 2397.859832][T10770] do_syscall_64+0xcb/0x1e0 [ 2397.864309][T10770] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2397.870186][T10770] RIP: 0033:0x4665d9 [ 2397.874053][T10770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2397.893809][T10770] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2397.902199][T10770] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2397.910325][T10770] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2397.918273][T10770] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2397.926218][T10770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2397.934166][T10770] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2397.942876][T10770] Bluetooth: Can't register HCI device [ 2399.602683][ T678] Bluetooth: hci1: command 0x1003 tx timeout [ 2399.608825][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2401.682540][ T678] Bluetooth: hci1: command 0x1001 tx timeout [ 2401.688572][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2403.762394][ T678] Bluetooth: hci1: command 0x1009 tx timeout 09:32:20 executing program 2 (fault-call:2 fault-nth:19): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5452, 0x2) 09:32:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:32:20 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:20 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:20 executing program 5: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x545d, 0x2) [ 2407.783845][T10802] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2407.792739][T10801] FAULT_INJECTION: forcing a failure. [ 2407.792739][T10801] name failslab, interval 1, probability 0, space 0, times 0 [ 2407.793187][T12254] Bluetooth: hci0: Frame reassembly failed (-84) [ 2407.808397][T10801] CPU: 0 PID: 10801 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2407.821953][T10801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x5460, 0x2) 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40045431, 0x2) 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40045436, 0x2) 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x2) [ 2407.832186][T10801] Call Trace: [ 2407.835472][T10801] dump_stack+0x1d8/0x24e [ 2407.839792][T10801] ? devkmsg_release+0x11c/0x11c [ 2407.844732][T10801] ? show_regs_print_info+0x12/0x12 [ 2407.849929][T10801] ? lockref_put_or_lock+0x1cd/0x340 [ 2407.855217][T10801] should_fail+0x6f6/0x860 [ 2407.859632][T10801] ? setup_fault_attr+0x3d0/0x3d0 [ 2407.864651][T10801] ? kobject_set_name_vargs+0x5d/0x110 [ 2407.870100][T10801] should_failslab+0x5/0x20 [ 2407.874599][T10801] __kmalloc_track_caller+0x5d/0x2e0 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40049409, 0x2) [ 2407.880004][T10801] kstrdup_const+0x51/0x90 [ 2407.884591][T10801] kobject_set_name_vargs+0x5d/0x110 [ 2407.889869][T10801] dev_set_name+0xd1/0x120 [ 2407.894280][T10801] ? up_read+0x10/0x10 [ 2407.898341][T10801] ? up_write+0xa6/0x270 [ 2407.902575][T10801] ? get_device+0x30/0x30 [ 2407.906898][T10801] hci_register_dev+0x326/0x710 [ 2407.911746][T10801] hci_uart_tty_ioctl+0x89e/0xa10 [ 2407.916750][T10801] ? hci_uart_tty_write+0x10/0x10 [ 2407.921748][T10801] tty_ioctl+0xf68/0x1710 [ 2407.926048][T10801] ? tty_do_resize+0x170/0x170 [ 2407.930782][T10801] ? avc_ss_reset+0x3a0/0x3a0 [ 2407.935789][T10801] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2407.941910][T10801] ? refcount_inc_checked+0x50/0x50 [ 2407.947082][T10801] ? memcg_check_events+0x5c/0x5b0 [ 2407.952162][T10801] ? proc_fail_nth_write+0x1d5/0x240 [ 2407.957416][T10801] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2407.962582][T10801] ? __lru_cache_add+0x1c4/0x210 [ 2407.967488][T10801] ? memset+0x1f/0x40 [ 2407.971446][T10801] ? fsnotify+0x1332/0x13f0 [ 2407.975932][T10801] ? tty_do_resize+0x170/0x170 [ 2407.980674][T10801] do_vfs_ioctl+0x76a/0x1720 [ 2407.985408][T10801] ? selinux_file_ioctl+0x72f/0x990 [ 2407.990581][T10801] ? ioctl_preallocate+0x250/0x250 [ 2407.995675][T10801] ? __fget+0x37b/0x3c0 [ 2407.999796][T10801] ? vfs_write+0x422/0x4e0 [ 2408.004276][T10801] ? fget_many+0x20/0x20 [ 2408.008490][T10801] ? debug_smp_processor_id+0x20/0x20 [ 2408.013845][T10801] ? security_file_ioctl+0x9d/0xb0 [ 2408.019012][T10801] __x64_sys_ioctl+0xd4/0x110 [ 2408.023746][T10801] do_syscall_64+0xcb/0x1e0 [ 2408.028220][T10801] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2408.034094][T10801] RIP: 0033:0x4665d9 [ 2408.037961][T10801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2408.057538][T10801] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2408.065920][T10801] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2408.073918][T10801] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 09:32:20 executing program 2 (fault-call:2 fault-nth:20): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:32:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40086602, 0x2) [ 2408.081945][T10801] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2408.089942][T10801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2408.097884][T10801] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2408.110573][T10801] Bluetooth: Can't register HCI device [ 2408.131452][T10833] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2408.140057][T10833] FAULT_INJECTION: forcing a failure. [ 2408.140057][T10833] name failslab, interval 1, probability 0, space 0, times 0 [ 2408.153025][T10833] CPU: 0 PID: 10833 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2408.163286][T10833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2408.173316][T10833] Call Trace: [ 2408.176586][T10833] dump_stack+0x1d8/0x24e [ 2408.180884][T10833] ? devkmsg_release+0x11c/0x11c [ 2408.185788][T10833] ? show_regs_print_info+0x12/0x12 [ 2408.191127][T10833] ? mutex_unlock+0x19/0x40 [ 2408.195596][T10833] ? kernfs_xattr_get+0x81/0x90 [ 2408.200425][T10833] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2408.206455][T10833] should_fail+0x6f6/0x860 [ 2408.211012][T10833] ? setup_fault_attr+0x3d0/0x3d0 [ 2408.216018][T10833] ? __kernfs_new_node+0x99/0x6d0 [ 2408.221007][T10833] should_failslab+0x5/0x20 [ 2408.225478][T10833] __kmalloc_track_caller+0x5d/0x2e0 [ 2408.230742][T10833] kstrdup_const+0x51/0x90 [ 2408.235124][T10833] __kernfs_new_node+0x99/0x6d0 [ 2408.239950][T10833] ? mutex_lock+0xa6/0x110 [ 2408.244337][T10833] ? kernfs_new_node+0x160/0x160 [ 2408.249259][T10833] ? kernfs_activate+0x3fc/0x420 [ 2408.254164][T10833] kernfs_new_node+0x95/0x160 [ 2408.258818][T10833] kernfs_create_link+0x9c/0x1f0 [ 2408.263719][T10833] sysfs_do_create_link_sd+0x85/0x100 [ 2408.269081][T10833] device_add+0x989/0x18a0 [ 2408.273468][T10833] ? get_device+0x30/0x30 [ 2408.277762][T10833] ? virtual_device_parent+0x50/0x50 [ 2408.283035][T10833] ? h4_open+0x4f/0x140 [ 2408.287159][T10833] hci_register_dev+0x32e/0x710 [ 2408.291988][T10833] hci_uart_tty_ioctl+0x89e/0xa10 [ 2408.296979][T10833] ? hci_uart_tty_write+0x10/0x10 [ 2408.301969][T10833] tty_ioctl+0xf68/0x1710 [ 2408.306263][T10833] ? tty_do_resize+0x170/0x170 [ 2408.311008][T10833] ? avc_ss_reset+0x3a0/0x3a0 [ 2408.315660][T10833] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2408.321866][T10833] ? refcount_inc_checked+0x50/0x50 [ 2408.327029][T10833] ? memcg_check_events+0x5c/0x5b0 [ 2408.332121][T10833] ? proc_fail_nth_write+0x1d5/0x240 [ 2408.337369][T10833] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2408.342532][T10833] ? __lru_cache_add+0x1c4/0x210 [ 2408.347443][T10833] ? memset+0x1f/0x40 [ 2408.351392][T10833] ? fsnotify+0x1332/0x13f0 [ 2408.355859][T10833] ? tty_do_resize+0x170/0x170 [ 2408.360587][T10833] do_vfs_ioctl+0x76a/0x1720 [ 2408.365144][T10833] ? selinux_file_ioctl+0x72f/0x990 [ 2408.370312][T10833] ? ioctl_preallocate+0x250/0x250 [ 2408.375391][T10833] ? __fget+0x37b/0x3c0 [ 2408.379511][T10833] ? vfs_write+0x422/0x4e0 [ 2408.383914][T10833] ? fget_many+0x20/0x20 [ 2408.388124][T10833] ? debug_smp_processor_id+0x20/0x20 [ 2408.393463][T10833] ? security_file_ioctl+0x9d/0xb0 [ 2408.398539][T10833] __x64_sys_ioctl+0xd4/0x110 [ 2408.403182][T10833] do_syscall_64+0xcb/0x1e0 [ 2408.407650][T10833] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2408.413506][T10833] RIP: 0033:0x4665d9 [ 2408.417374][T10833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2408.436943][T10833] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2408.445319][T10833] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2408.453271][T10833] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2408.461220][T10833] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2408.469159][T10833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2408.477103][T10833] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2408.486218][T10833] Bluetooth: Can't register HCI device [ 2409.841936][ T2255] Bluetooth: hci0: command 0x1003 tx timeout [ 2409.847945][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2411.921777][ T678] Bluetooth: hci0: command 0x1001 tx timeout [ 2411.927845][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2414.001635][ T678] Bluetooth: hci0: command 0x1009 tx timeout 09:32:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x100000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:32:30 executing program 5: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x40087602, 0x2) 09:32:30 executing program 2 (fault-call:2 fault-nth:21): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:32:30 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:30 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:30 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x4020940d, 0x2) [ 2418.028058][T10849] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2418.043327][T10853] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2418.043402][T10849] FAULT_INJECTION: forcing a failure. [ 2418.043402][T10849] name failslab, interval 1, probability 0, space 0, times 0 [ 2418.067119][T10849] CPU: 1 PID: 10849 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2418.077357][T10849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2418.087416][T10849] Call Trace: [ 2418.090699][T10849] dump_stack+0x1d8/0x24e [ 2418.095006][T10849] ? devkmsg_release+0x11c/0x11c [ 2418.099916][T10849] ? show_regs_print_info+0x12/0x12 [ 2418.105105][T10849] ? mutex_unlock+0x19/0x40 [ 2418.109576][T10849] ? kernfs_xattr_get+0x81/0x90 [ 2418.114395][T10849] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2418.120433][T10849] should_fail+0x6f6/0x860 [ 2418.124818][T10849] ? setup_fault_attr+0x3d0/0x3d0 [ 2418.129837][T10849] ? __kernfs_new_node+0x99/0x6d0 [ 2418.134890][T10849] should_failslab+0x5/0x20 [ 2418.139370][T10849] __kmalloc_track_caller+0x5d/0x2e0 [ 2418.144630][T10849] kstrdup_const+0x51/0x90 [ 2418.149017][T10849] __kernfs_new_node+0x99/0x6d0 [ 2418.153845][T10849] ? mutex_lock+0xa6/0x110 [ 2418.158229][T10849] ? kernfs_new_node+0x160/0x160 [ 2418.163136][T10849] ? kernfs_activate+0x3fc/0x420 [ 2418.168042][T10849] kernfs_new_node+0x95/0x160 [ 2418.172691][T10849] kernfs_create_link+0x9c/0x1f0 [ 2418.177619][T10849] sysfs_do_create_link_sd+0x85/0x100 [ 2418.182991][T10849] device_add+0x989/0x18a0 [ 2418.187402][T10849] ? get_device+0x30/0x30 [ 2418.191705][T10849] ? virtual_device_parent+0x50/0x50 [ 2418.196968][T10849] ? h4_open+0x4f/0x140 [ 2418.201102][T10849] hci_register_dev+0x32e/0x710 [ 2418.205926][T10849] hci_uart_tty_ioctl+0x89e/0xa10 [ 2418.210934][T10849] ? hci_uart_tty_write+0x10/0x10 [ 2418.215937][T10849] tty_ioctl+0xf68/0x1710 [ 2418.220238][T10849] ? tty_do_resize+0x170/0x170 [ 2418.225039][T10849] ? avc_ss_reset+0x3a0/0x3a0 [ 2418.229692][T10849] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2418.235816][T10849] ? refcount_inc_checked+0x50/0x50 [ 2418.240987][T10849] ? memcg_check_events+0x5c/0x5b0 [ 2418.246072][T10849] ? proc_fail_nth_write+0x1d5/0x240 [ 2418.251364][T10849] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2418.256532][T10849] ? __lru_cache_add+0x1c4/0x210 [ 2418.261457][T10849] ? memset+0x1f/0x40 [ 2418.265408][T10849] ? fsnotify+0x1332/0x13f0 [ 2418.269882][T10849] ? tty_do_resize+0x170/0x170 [ 2418.274618][T10849] do_vfs_ioctl+0x76a/0x1720 [ 2418.279196][T10849] ? selinux_file_ioctl+0x72f/0x990 [ 2418.284365][T10849] ? ioctl_preallocate+0x250/0x250 [ 2418.289456][T10849] ? __fget+0x37b/0x3c0 [ 2418.293579][T10849] ? vfs_write+0x422/0x4e0 [ 2418.298116][T10849] ? fget_many+0x20/0x20 [ 2418.302454][T10849] ? debug_smp_processor_id+0x20/0x20 [ 2418.307943][T10849] ? security_file_ioctl+0x9d/0xb0 [ 2418.313082][T10849] __x64_sys_ioctl+0xd4/0x110 [ 2418.317736][T10849] do_syscall_64+0xcb/0x1e0 [ 2418.322211][T10849] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2418.328073][T10849] RIP: 0033:0x4665d9 [ 2418.331977][T10849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2418.351552][T10849] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2418.359930][T10849] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2418.367912][T10849] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 09:32:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045430, 0x2) 09:32:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045432, 0x2) 09:32:30 executing program 2 (fault-call:2 fault-nth:22): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2418.375852][T10849] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2418.383791][T10849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2418.391734][T10849] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2418.410603][T10849] Bluetooth: Can't register HCI device [ 2418.420269][T10867] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 09:32:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045438, 0x2) [ 2418.436848][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) [ 2418.448802][T10872] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2418.457110][T10872] FAULT_INJECTION: forcing a failure. [ 2418.457110][T10872] name failslab, interval 1, probability 0, space 0, times 0 [ 2418.470499][T10872] CPU: 1 PID: 10872 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2418.480725][T10872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2418.490764][T10872] Call Trace: [ 2418.494043][T10872] dump_stack+0x1d8/0x24e [ 2418.498352][T10872] ? devkmsg_release+0x11c/0x11c [ 2418.503443][T10872] ? show_regs_print_info+0x12/0x12 [ 2418.508625][T10872] should_fail+0x6f6/0x860 [ 2418.513013][T10872] ? setup_fault_attr+0x3d0/0x3d0 [ 2418.518009][T10872] ? __kernfs_new_node+0xdb/0x6d0 [ 2418.523008][T10872] should_failslab+0x5/0x20 [ 2418.527504][T10872] kmem_cache_alloc+0x36/0x290 [ 2418.532239][T10872] ? memcpy+0x38/0x50 [ 2418.536191][T10872] __kernfs_new_node+0xdb/0x6d0 [ 2418.541030][T10872] ? mutex_lock+0xa6/0x110 [ 2418.545444][T10872] ? kernfs_new_node+0x160/0x160 [ 2418.550358][T10872] ? kernfs_activate+0x3fc/0x420 [ 2418.555266][T10872] kernfs_new_node+0x95/0x160 [ 2418.559912][T10872] kernfs_create_link+0x9c/0x1f0 [ 2418.564825][T10872] sysfs_do_create_link_sd+0x85/0x100 [ 2418.570172][T10872] device_add+0x989/0x18a0 [ 2418.574582][T10872] ? get_device+0x30/0x30 [ 2418.578880][T10872] ? virtual_device_parent+0x50/0x50 [ 2418.584144][T10872] ? h4_open+0x4f/0x140 [ 2418.588275][T10872] hci_register_dev+0x32e/0x710 [ 2418.593103][T10872] hci_uart_tty_ioctl+0x89e/0xa10 [ 2418.598095][T10872] ? hci_uart_tty_write+0x10/0x10 [ 2418.603089][T10872] tty_ioctl+0xf68/0x1710 [ 2418.607390][T10872] ? tty_do_resize+0x170/0x170 [ 2418.612144][T10872] ? avc_ss_reset+0x3a0/0x3a0 [ 2418.616796][T10872] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2418.622918][T10872] ? refcount_inc_checked+0x50/0x50 [ 2418.628175][T10872] ? memcg_check_events+0x5c/0x5b0 [ 2418.633258][T10872] ? proc_fail_nth_write+0x1d5/0x240 [ 2418.638513][T10872] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2418.643680][T10872] ? __lru_cache_add+0x1c4/0x210 [ 2418.648584][T10872] ? memset+0x1f/0x40 [ 2418.652625][T10872] ? fsnotify+0x1332/0x13f0 [ 2418.657098][T10872] ? tty_do_resize+0x170/0x170 [ 2418.661858][T10872] do_vfs_ioctl+0x76a/0x1720 [ 2418.666418][T10872] ? selinux_file_ioctl+0x72f/0x990 [ 2418.671590][T10872] ? ioctl_preallocate+0x250/0x250 [ 2418.676672][T10872] ? __fget+0x37b/0x3c0 [ 2418.680796][T10872] ? vfs_write+0x422/0x4e0 [ 2418.685183][T10872] ? fget_many+0x20/0x20 [ 2418.689402][T10872] ? debug_smp_processor_id+0x20/0x20 [ 2418.694768][T10872] ? security_file_ioctl+0x9d/0xb0 [ 2418.699869][T10872] __x64_sys_ioctl+0xd4/0x110 [ 2418.704641][T10872] do_syscall_64+0xcb/0x1e0 [ 2418.709123][T10872] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2418.715005][T10872] RIP: 0033:0x4665d9 [ 2418.718872][T10872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2418.738450][T10872] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2418.746928][T10872] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2418.755032][T10872] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2418.762978][T10872] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2418.770923][T10872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2418.778879][T10872] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2418.790836][T10872] Bluetooth: Can't register HCI device [ 2420.481064][ T7557] Bluetooth: hci0: command 0x1003 tx timeout [ 2420.488544][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2422.560939][ T678] Bluetooth: hci0: command 0x1001 tx timeout [ 2422.567100][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2424.640794][ T678] Bluetooth: hci0: command 0x1009 tx timeout 09:32:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x200000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:32:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045439, 0x2) 09:32:41 executing program 2 (fault-call:2 fault-nth:23): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:32:41 executing program 5: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:41 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:41 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80045440, 0x2) 09:32:41 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:41 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2428.898256][T10888] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2428.911911][T10893] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2428.913903][T10888] FAULT_INJECTION: forcing a failure. [ 2428.913903][T10888] name failslab, interval 1, probability 0, space 0, times 0 [ 2428.936120][T10888] CPU: 1 PID: 10888 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 09:32:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455c9, 0x2) 09:32:41 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455ca, 0x2) [ 2428.946611][T10888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2428.957344][T10888] Call Trace: [ 2428.960634][T10888] dump_stack+0x1d8/0x24e [ 2428.964957][T10888] ? devkmsg_release+0x11c/0x11c [ 2428.969894][T10888] ? __kasan_kmalloc+0x1a3/0x1e0 [ 2428.974823][T10888] ? show_regs_print_info+0x12/0x12 [ 2428.980012][T10888] ? kmem_cache_alloc+0x115/0x290 [ 2428.985028][T10888] ? __kernfs_new_node+0xdb/0x6d0 [ 2428.990053][T10888] ? kernfs_new_node+0x95/0x160 [ 2428.994892][T10888] ? sysfs_do_create_link_sd+0x85/0x100 [ 2429.000436][T10888] should_fail+0x6f6/0x860 [ 2429.004839][T10888] ? setup_fault_attr+0x3d0/0x3d0 [ 2429.009937][T10888] ? mutex_unlock+0x19/0x40 [ 2429.014522][T10888] ? kernfs_xattr_get+0x81/0x90 [ 2429.019447][T10888] ? __kernfs_new_node+0xdb/0x6d0 [ 2429.024441][T10888] should_failslab+0x5/0x20 [ 2429.029145][T10888] kmem_cache_alloc+0x36/0x290 [ 2429.033882][T10888] __kernfs_new_node+0xdb/0x6d0 [ 2429.038705][T10888] ? kernfs_new_node+0x160/0x160 [ 2429.043611][T10888] ? _raw_spin_lock+0xa3/0x1b0 [ 2429.048346][T10888] ? security_kernfs_init_security+0x9a/0xb0 [ 2429.054296][T10888] ? __kernfs_new_node+0x50b/0x6d0 [ 2429.059378][T10888] kernfs_new_node+0x95/0x160 [ 2429.064039][T10888] __kernfs_create_file+0x45/0x260 [ 2429.069130][T10888] sysfs_add_file_mode_ns+0x293/0x340 [ 2429.074475][T10888] sysfs_create_file_ns+0x18c/0x2b0 [ 2429.079660][T10888] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2429.085176][T10888] ? device_create_file+0xe2/0x1a0 [ 2429.090262][T10888] device_add+0xc44/0x18a0 [ 2429.094657][T10888] ? virtual_device_parent+0x50/0x50 [ 2429.099914][T10888] ? h4_open+0x4f/0x140 [ 2429.104046][T10888] hci_register_dev+0x32e/0x710 [ 2429.108881][T10888] hci_uart_tty_ioctl+0x89e/0xa10 [ 2429.113878][T10888] ? hci_uart_tty_write+0x10/0x10 [ 2429.118968][T10888] tty_ioctl+0xf68/0x1710 [ 2429.123268][T10888] ? tty_do_resize+0x170/0x170 [ 2429.128042][T10888] ? avc_ss_reset+0x3a0/0x3a0 [ 2429.132689][T10888] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2429.138831][T10888] ? refcount_inc_checked+0x50/0x50 [ 2429.144002][T10888] ? memcg_check_events+0x5c/0x5b0 [ 2429.149093][T10888] ? proc_fail_nth_write+0x1d5/0x240 [ 2429.154375][T10888] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2429.159544][T10888] ? __lru_cache_add+0x1c4/0x210 [ 2429.164470][T10888] ? memset+0x1f/0x40 [ 2429.168530][T10888] ? fsnotify+0x1332/0x13f0 [ 2429.173087][T10888] ? tty_do_resize+0x170/0x170 [ 2429.177821][T10888] do_vfs_ioctl+0x76a/0x1720 [ 2429.182381][T10888] ? selinux_file_ioctl+0x72f/0x990 [ 2429.187554][T10888] ? ioctl_preallocate+0x250/0x250 [ 2429.192637][T10888] ? __fget+0x37b/0x3c0 [ 2429.196761][T10888] ? vfs_write+0x422/0x4e0 [ 2429.201147][T10888] ? fget_many+0x20/0x20 [ 2429.205385][T10888] ? debug_smp_processor_id+0x20/0x20 [ 2429.210833][T10888] ? security_file_ioctl+0x9d/0xb0 [ 2429.215922][T10888] __x64_sys_ioctl+0xd4/0x110 [ 2429.220665][T10888] do_syscall_64+0xcb/0x1e0 [ 2429.225139][T10888] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2429.231004][T10888] RIP: 0033:0x4665d9 [ 2429.234889][T10888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2429.254596][T10888] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2429.263434][T10888] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2429.271374][T10888] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2429.279329][T10888] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2429.287278][T10888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2429.295217][T10888] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2429.307282][T10888] Bluetooth: Can't register HCI device [ 2429.313000][T10919] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2429.331798][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 2431.360195][ T678] Bluetooth: hci0: command 0x1003 tx timeout [ 2431.366247][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2433.440137][ T678] Bluetooth: hci0: command 0x1001 tx timeout [ 2433.446168][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2435.519976][ T678] Bluetooth: hci0: command 0x1009 tx timeout 09:32:52 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x2) 09:32:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x300000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:32:52 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:52 executing program 5: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:52 executing program 2 (fault-call:2 fault-nth:24): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:32:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80086601, 0x2) [ 2439.781313][T10930] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2439.789843][T10930] FAULT_INJECTION: forcing a failure. [ 2439.789843][T10930] name failslab, interval 1, probability 0, space 0, times 0 [ 2439.795539][T10939] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2439.811028][T10930] CPU: 0 PID: 10930 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 09:32:52 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2439.821251][T10930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2439.832176][T10930] Call Trace: [ 2439.835456][T10930] dump_stack+0x1d8/0x24e [ 2439.839769][T10930] ? devkmsg_release+0x11c/0x11c [ 2439.844693][T10930] ? mutex_unlock+0x19/0x40 [ 2439.849193][T10930] ? show_regs_print_info+0x12/0x12 [ 2439.854379][T10930] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2439.860432][T10930] should_fail+0x6f6/0x860 [ 2439.864828][T10930] ? setup_fault_attr+0x3d0/0x3d0 [ 2439.869825][T10930] ? _raw_spin_lock+0xa3/0x1b0 [ 2439.874656][T10930] ? __kernfs_new_node+0xdb/0x6d0 09:32:52 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:52 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2439.879686][T10930] should_failslab+0x5/0x20 [ 2439.884174][T10930] kmem_cache_alloc+0x36/0x290 [ 2439.888921][T10930] __kernfs_new_node+0xdb/0x6d0 [ 2439.893745][T10930] ? mutex_lock+0xa6/0x110 [ 2439.898133][T10930] ? kernfs_new_node+0x160/0x160 [ 2439.903042][T10930] ? _raw_spin_lock+0xa3/0x1b0 [ 2439.907789][T10930] ? kernfs_activate+0x3fc/0x420 [ 2439.912722][T10930] kernfs_create_dir_ns+0x90/0x220 [ 2439.917824][T10930] internal_create_group+0x294/0xf10 [ 2439.923094][T10930] ? sysfs_create_group+0x20/0x20 09:32:52 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:32:52 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2439.928104][T10930] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2439.933630][T10930] ? bus_add_device+0x92/0x3f0 [ 2439.938386][T10930] dpm_sysfs_add+0x59/0x260 [ 2439.942879][T10930] device_add+0xde7/0x18a0 [ 2439.947284][T10930] ? virtual_device_parent+0x50/0x50 [ 2439.952558][T10930] ? h4_open+0x4f/0x140 [ 2439.956731][T10930] hci_register_dev+0x32e/0x710 [ 2439.961559][T10930] hci_uart_tty_ioctl+0x89e/0xa10 [ 2439.966555][T10930] ? hci_uart_tty_write+0x10/0x10 [ 2439.971548][T10930] tty_ioctl+0xf68/0x1710 [ 2439.975855][T10930] ? tty_do_resize+0x170/0x170 [ 2439.980589][T10930] ? avc_ss_reset+0x3a0/0x3a0 [ 2439.985243][T10930] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2439.991364][T10930] ? refcount_inc_checked+0x50/0x50 [ 2439.996530][T10930] ? memcg_check_events+0x5c/0x5b0 [ 2440.001626][T10930] ? proc_fail_nth_write+0x1d5/0x240 [ 2440.006914][T10930] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2440.012080][T10930] ? __lru_cache_add+0x1c4/0x210 [ 2440.017003][T10930] ? memset+0x1f/0x40 [ 2440.020969][T10930] ? fsnotify+0x1332/0x13f0 [ 2440.025439][T10930] ? tty_do_resize+0x170/0x170 [ 2440.030176][T10930] do_vfs_ioctl+0x76a/0x1720 [ 2440.034751][T10930] ? selinux_file_ioctl+0x72f/0x990 [ 2440.039918][T10930] ? ioctl_preallocate+0x250/0x250 [ 2440.045005][T10930] ? __fget+0x37b/0x3c0 [ 2440.049129][T10930] ? vfs_write+0x422/0x4e0 [ 2440.053512][T10930] ? fget_many+0x20/0x20 [ 2440.057727][T10930] ? debug_smp_processor_id+0x20/0x20 [ 2440.063069][T10930] ? security_file_ioctl+0x9d/0xb0 [ 2440.068153][T10930] __x64_sys_ioctl+0xd4/0x110 [ 2440.072810][T10930] do_syscall_64+0xcb/0x1e0 [ 2440.077543][T10930] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2440.083460][T10930] RIP: 0033:0x4665d9 [ 2440.087347][T10930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2440.106916][T10930] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2440.115291][T10930] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2440.123232][T10930] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 09:32:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x80087601, 0x2) [ 2440.131175][T10930] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2440.139114][T10930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2440.147055][T10930] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2440.158425][T10930] Bluetooth: Can't register HCI device [ 2441.839400][ T2255] Bluetooth: hci1: command 0x1003 tx timeout [ 2441.845461][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2443.919318][ T2255] Bluetooth: hci1: command 0x1001 tx timeout [ 2443.925958][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2445.999188][ T2255] Bluetooth: hci1: command 0x1009 tx timeout 09:33:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x400000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:33:02 executing program 2 (fault-call:2 fault-nth:25): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:33:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x2) 09:33:02 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:02 executing program 5: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:02 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x2) 09:33:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc0189436, 0x2) [ 2450.019505][T10969] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2450.030790][T10975] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2450.032124][T10969] FAULT_INJECTION: forcing a failure. [ 2450.032124][T10969] name failslab, interval 1, probability 0, space 0, times 0 [ 2450.054506][ T7986] Bluetooth: hci1: Frame reassembly failed (-84) 09:33:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0xc020660b, 0x2) 09:33:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xb) 09:33:02 executing program 1: ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'syztnl1\x00', 0x0, 0x2f, 0x1, 0x1f, 0x753, 0x8, @local, @loopback, 0x7, 0x81, 0x0, 0x9}}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000080)="0a495104e237a17b329ae7715dd891552d6c7e06692fc4236e8316af22d54ad7294879fa104344c2d16cc4b5e6ab31974c5258207564db1be9197d596230230ce33ae4eaccf39d8d2c2b6f1476efc0002ca97d33b21363a64fef47cb3f45fe634617e48870ff4fca6b5688030cd79f6d461ad7d7a45b0f7bb0b54b38de55", 0x7e}, {&(0x7f0000000100)="126fc0dbdd723b3fcb0732c8071b57cb660b92e71fb7a5866a33cf4c44d5f02c1c5cbf2eb99a2b24f9e61a590ca25298f9394cf3f579a600f4e44d3809620e5970a327cceb1a36fedbf9b10df077c3aa367f659d059b65d7d288380c108958d6ccd07caaa97de27edf43f24caca9ff93fda6b009f4", 0x75}], 0x2, &(0x7f00000002c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r0, @private=0xa010100, @loopback}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8001}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1ff}}], 0x80}, 0x240001c0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x2) [ 2450.061374][T10969] CPU: 1 PID: 10969 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2450.071607][T10969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2450.081743][T10969] Call Trace: [ 2450.085033][T10969] dump_stack+0x1d8/0x24e [ 2450.089376][T10969] ? devkmsg_release+0x11c/0x11c [ 2450.094312][T10969] ? show_regs_print_info+0x12/0x12 [ 2450.099511][T10969] ? mutex_unlock+0x19/0x40 [ 2450.104015][T10969] should_fail+0x6f6/0x860 [ 2450.108431][T10969] ? setup_fault_attr+0x3d0/0x3d0 [ 2450.113453][T10969] ? selinux_path_notify+0x6c0/0x6c0 09:33:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x0, 0x80000001, 0x3f, 0x2, 0xb, "e5bc67cac7efc7c227eec4871e62fdfcf1f246"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) [ 2450.118736][T10969] ? __kernfs_new_node+0xdb/0x6d0 [ 2450.123756][T10969] should_failslab+0x5/0x20 [ 2450.128350][T10969] kmem_cache_alloc+0x36/0x290 [ 2450.133116][T10969] ? _raw_spin_lock+0xa3/0x1b0 [ 2450.133125][T10969] __kernfs_new_node+0xdb/0x6d0 [ 2450.133139][T10969] ? kernfs_new_node+0x160/0x160 [ 2450.147762][T10969] ? mutex_lock+0xa6/0x110 [ 2450.147771][T10969] ? mutex_trylock+0xb0/0xb0 [ 2450.147784][T10969] ? kernfs_activate+0x3fc/0x420 [ 2450.147793][T10969] kernfs_new_node+0x95/0x160 [ 2450.147803][T10969] __kernfs_create_file+0x45/0x260 [ 2450.147816][T10969] sysfs_add_file_mode_ns+0x293/0x340 [ 2450.176805][T10969] sysfs_merge_group+0x204/0x440 [ 2450.176813][T10969] ? sysfs_remove_groups+0xb0/0xb0 [ 2450.176828][T10969] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2450.192352][T10969] ? bus_add_device+0x92/0x3f0 [ 2450.192361][T10969] dpm_sysfs_add+0xbd/0x260 [ 2450.192372][T10969] device_add+0xde7/0x18a0 [ 2450.205978][T10969] ? virtual_device_parent+0x50/0x50 [ 2450.211237][T10969] ? h4_open+0x4f/0x140 [ 2450.215366][T10969] hci_register_dev+0x32e/0x710 [ 2450.220200][T10969] hci_uart_tty_ioctl+0x89e/0xa10 [ 2450.225283][T10969] ? hci_uart_tty_write+0x10/0x10 [ 2450.230279][T10969] tty_ioctl+0xf68/0x1710 [ 2450.234580][T10969] ? tty_do_resize+0x170/0x170 [ 2450.239315][T10969] ? avc_ss_reset+0x3a0/0x3a0 [ 2450.243963][T10969] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2450.250101][T10969] ? refcount_inc_checked+0x50/0x50 [ 2450.255272][T10969] ? memcg_check_events+0x5c/0x5b0 [ 2450.260355][T10969] ? proc_fail_nth_write+0x1d5/0x240 [ 2450.265718][T10969] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2450.270912][T10969] ? __lru_cache_add+0x1c4/0x210 [ 2450.275864][T10969] ? memset+0x1f/0x40 [ 2450.279823][T10969] ? fsnotify+0x1332/0x13f0 [ 2450.284298][T10969] ? tty_do_resize+0x170/0x170 [ 2450.289034][T10969] do_vfs_ioctl+0x76a/0x1720 [ 2450.293859][T10969] ? selinux_file_ioctl+0x72f/0x990 [ 2450.299028][T10969] ? ioctl_preallocate+0x250/0x250 [ 2450.304132][T10969] ? __fget+0x37b/0x3c0 [ 2450.308259][T10969] ? vfs_write+0x422/0x4e0 [ 2450.312645][T10969] ? fget_many+0x20/0x20 [ 2450.316860][T10969] ? debug_smp_processor_id+0x20/0x20 [ 2450.322202][T10969] ? security_file_ioctl+0x9d/0xb0 [ 2450.327313][T10969] __x64_sys_ioctl+0xd4/0x110 [ 2450.331961][T10969] do_syscall_64+0xcb/0x1e0 [ 2450.336434][T10969] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2450.342296][T10969] RIP: 0033:0x4665d9 [ 2450.346187][T10969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2450.365797][T10969] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2450.374874][T10969] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2450.382821][T10969] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2450.390763][T10969] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2450.398710][T10969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2450.406659][T10969] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2450.416180][T10969] Bluetooth: Can't register HCI device [ 2452.078611][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2452.084681][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2454.158529][ T7557] Bluetooth: hci1: command 0x1001 tx timeout [ 2454.164567][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2456.238280][ T7557] Bluetooth: hci1: command 0x1009 tx timeout 09:33:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x500000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:33:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x668481, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCCBRK(r1, 0x5428) r2 = dup3(r0, r0, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000000)={0x8, 0x9, 0xe511, 0x8000, 0x9, "79f9559af451edca"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f00000001c0)={0x0, 0xffffffff, 0x20c8f520}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) ioctl$TCFLSH(r0, 0x540b, 0x2) ioctl$HIDIOCGUSAGES(r3, 0xd01c4813, &(0x7f00000005c0)={{0x3, 0x3, 0x6, 0x2d, 0x80000001, 0x9}, 0x86, [0xfffffffd, 0x8, 0xfffffc01, 0x4, 0x1000, 0x5, 0xbe87, 0x2, 0x7, 0x101, 0x7, 0x9, 0x9, 0x3f, 0x8, 0x7, 0x8b5, 0x5, 0x8, 0x6, 0x7ff, 0x10000, 0x5, 0x1, 0xfffff000, 0x7, 0x100, 0xfffffff8, 0x8001, 0x6b3, 0x4, 0xcd7, 0x400, 0x4, 0x0, 0x800, 0x3, 0xffff, 0x4, 0x3, 0x8, 0xffffff14, 0x80000001, 0x7, 0x20, 0x5ac1, 0x4, 0x3ff, 0xd6e, 0x1000, 0x6, 0x7ff, 0x1000, 0xc92d, 0x4, 0x7ff, 0x800, 0x8, 0x1, 0x7cef, 0x3f, 0x8001, 0x5, 0x6, 0xffffffff, 0x7, 0x0, 0x4, 0x100, 0xff, 0x5f, 0x1069, 0xffff, 0x7ff, 0x9, 0x2, 0x40, 0x0, 0x72, 0x4, 0x81, 0xff, 0x80, 0x0, 0xbc9, 0x7fffffff, 0x4d121636, 0x3ff, 0x2, 0x7, 0x8, 0x6, 0x4, 0x800, 0x1ff, 0x812c, 0x401, 0x81, 0x8000, 0x8, 0x2, 0x5, 0x7, 0x8, 0x3, 0x1, 0x6a, 0x13f4, 0x3, 0x3, 0xab2, 0x7, 0x0, 0x1, 0x101, 0x7ff, 0x1, 0x3, 0x1, 0x6, 0xa000000, 0x0, 0x3f, 0x401, 0x20, 0x80000000, 0x1f, 0x7f, 0xfffff36f, 0x9f, 0x5, 0x1ff, 0xef78, 0x6, 0x8, 0xbc, 0x5, 0x968, 0x5, 0x0, 0x7ff, 0x6, 0x0, 0x4, 0x0, 0xe7, 0x7ff, 0x3, 0x2, 0xffffffff, 0x13c, 0x5, 0x400, 0x3, 0x8, 0x8, 0xfff, 0x9, 0x20, 0x0, 0xfffffe01, 0x3, 0x2, 0xfffffff7, 0x400, 0x9, 0x2, 0xb2, 0x3, 0x9, 0x7c9, 0x4, 0x8001, 0x8d, 0x8, 0x5, 0x3, 0xfffffffd, 0xfff, 0xaf3, 0x8, 0x7f, 0x1, 0x9, 0x0, 0x10001, 0x8, 0xfffffffd, 0x81, 0x33, 0x0, 0x0, 0x1329, 0x1, 0x8000, 0x8001, 0x4, 0x0, 0x6, 0x3, 0x5ec, 0x1, 0x9, 0x6, 0x6f854b83, 0x8, 0x9, 0x6, 0x1, 0x9, 0x8, 0x2, 0x0, 0x3ff, 0x7b, 0x1, 0x3ff, 0x7, 0x1d6, 0x0, 0x6, 0x6, 0x314, 0x4, 0x3ff, 0x800, 0x0, 0x7bad, 0x7c500eab, 0x8, 0x7b6, 0xfffffff7, 0x105b, 0x8, 0x10001, 0x101, 0x9, 0x80000001, 0xa3b, 0x6, 0x3, 0x5, 0x800, 0x800, 0x0, 0x1, 0x1, 0x80000001, 0x1, 0x4f, 0xffffffff, 0x3, 0x3, 0x3, 0x592e28d4, 0x400, 0x3f, 0x7, 0xc0, 0x3, 0x6, 0x0, 0x6, 0x2, 0x40, 0x6, 0xe7db, 0x972, 0x400, 0x4b1, 0x9, 0xa901, 0x3, 0x6, 0xfffffffa, 0x4, 0x3, 0x10001, 0x1200000, 0x8001, 0x3f, 0x1, 0x5, 0x180, 0x5, 0x0, 0x981, 0x3, 0x3, 0x3, 0x8000, 0x1, 0x4, 0x8, 0x0, 0x0, 0x1, 0x2, 0x6, 0x8, 0x2, 0x8, 0x2, 0x9, 0x5, 0x100, 0xab8, 0xfff, 0xfffffffa, 0x9, 0xed5, 0x2, 0xffff, 0x5, 0x0, 0x1, 0x2, 0x9, 0x7, 0x4, 0x3f, 0x7fffffff, 0xa3, 0xffffffc1, 0x1, 0x24, 0x101, 0x8, 0x7fff, 0x923e, 0x8, 0x8, 0xee, 0x7, 0x36f89786, 0x3, 0x7, 0x1, 0x9, 0xeb, 0x0, 0x3, 0x200, 0x5, 0x1, 0x0, 0x0, 0x9, 0xffffffff, 0x7fffffff, 0x9, 0x2, 0x8, 0x5, 0x40, 0x3, 0x2, 0x2d, 0xffff, 0x200, 0x10001, 0x8, 0x2, 0x5, 0x0, 0x5, 0x9, 0x3, 0x9, 0x1f, 0x7, 0x0, 0x9, 0x2, 0x7fff, 0x200, 0x0, 0x1, 0x3, 0x277, 0xc945, 0x156, 0x6, 0x1, 0x1, 0x1d, 0x4, 0x1, 0x0, 0x3, 0x8, 0x5, 0x7, 0x80, 0x7, 0xffff, 0x1a1, 0x2, 0x40000000, 0x6, 0x33, 0x6, 0xfffff4e2, 0x6, 0x2, 0xf763, 0x8, 0x0, 0x3, 0x9, 0xffffffff, 0x4, 0x8, 0x1, 0x10000, 0x0, 0x9, 0x5, 0x0, 0x9, 0x9, 0x77e, 0x400, 0x8, 0x2, 0x7fff, 0x5, 0x3, 0x3f, 0x8, 0x2, 0x5, 0xf1b0, 0x1, 0x3, 0x3, 0x2573a524, 0xffff, 0x1, 0x3, 0x7f, 0x6, 0x80000001, 0x40, 0x4, 0x5, 0x996, 0xfffffffb, 0x10001, 0x7fff, 0x8000, 0x9, 0x0, 0xffffffff, 0xde, 0x8001, 0x1, 0x8, 0xfffff001, 0x1, 0x0, 0x8000, 0x1f, 0x1000, 0x0, 0xffff3353, 0x7d8, 0x0, 0x10b3c305, 0xffffffff, 0x0, 0x3c, 0x0, 0x9, 0x8, 0x0, 0x8000, 0x0, 0x10000, 0x8, 0x0, 0x4, 0xfffffffc, 0x4, 0x4, 0x3f, 0x100, 0x1, 0x6, 0x5, 0x8, 0x4, 0x7, 0x3a, 0x0, 0x2, 0x1000, 0x9, 0x2, 0x8, 0x4, 0xc0000000, 0x8000, 0xffffffff, 0x6, 0x5, 0x0, 0x4, 0x7, 0x1, 0xfff, 0xffff, 0x0, 0x401, 0x6, 0x5, 0xff, 0x4, 0x4, 0x9, 0xfffffffc, 0x280, 0x7fffffff, 0x1ff, 0x9, 0x9, 0x7, 0xc8, 0x4, 0x9, 0x1, 0x52, 0x0, 0x10000, 0x49a7, 0x6, 0x7fff, 0x5, 0x4, 0x7, 0x6, 0x3ff, 0x7, 0xff, 0x3, 0x5, 0x8, 0x3ff, 0xc30f, 0x6, 0x200, 0x3, 0x7f, 0x64, 0x20, 0x6149, 0x924, 0x2649, 0x1, 0x0, 0x1, 0x2, 0x8001, 0x3, 0x5, 0x0, 0x3333, 0x4, 0xff, 0x8, 0x15, 0x800, 0x7, 0x1, 0x5, 0x7, 0x8, 0x10000, 0x0, 0x7, 0x8, 0x0, 0x7, 0x6, 0x100, 0x8, 0x6, 0x19, 0x0, 0x1000, 0x6e8, 0x3, 0x2e, 0x1ff, 0x1, 0x0, 0x0, 0x7, 0x0, 0x4, 0x1, 0x9, 0x200, 0x6, 0x3, 0x9, 0x8, 0x9, 0x9, 0xffff, 0x3f, 0x2, 0x8000, 0x6, 0x8, 0x6, 0x3ff, 0xc7a, 0x1, 0xffff3721, 0x4, 0x10000, 0x7, 0x3, 0x1, 0x401, 0x5, 0x10001, 0x101, 0x30000, 0x1f, 0x20, 0x78a, 0x6, 0x9, 0x10000, 0x6, 0x6, 0x5, 0x800, 0x9, 0x15f, 0x3, 0xffffffff, 0xfffffff9, 0x2, 0x6, 0x1f, 0x9, 0x6, 0xffffffff, 0xfffffffd, 0x0, 0x6, 0x6, 0xc0000000, 0xfffffffb, 0xa0, 0x5, 0x8, 0x1000, 0x7, 0x40, 0x5, 0x100, 0x16a5, 0x4, 0xffffffff, 0x80000001, 0x1, 0xffff, 0x10000, 0x8089, 0x1, 0x10001, 0x3a, 0x9, 0x6, 0x80, 0x8001, 0x401, 0x3f, 0x9, 0x5, 0x9, 0xbd, 0x7, 0x400, 0x7ff, 0x89, 0x6, 0xffffffff, 0x7, 0x1f, 0x20, 0x7ff, 0x8001, 0x8, 0x0, 0x4, 0x3, 0x4, 0x6, 0x1, 0x80, 0x1ff, 0x7, 0x181e, 0x4, 0x3ff, 0x7, 0x11f, 0x40, 0xf6, 0x0, 0x1, 0xfffffff9, 0x6, 0x39, 0x2, 0x7, 0xffffff80, 0x40, 0x0, 0x4, 0x1, 0xfffffff9, 0xffffffff, 0x9, 0x10000, 0x100, 0x9, 0x0, 0xffffff00, 0x7, 0xffffffff, 0x2, 0x4a, 0x0, 0x81, 0x0, 0x7fff, 0x4, 0x4, 0x0, 0x2, 0xe5, 0x9, 0x8, 0x17, 0x100, 0x4, 0x1, 0x7fffffff, 0x80000001, 0xff, 0x9, 0x6, 0x1000, 0x8, 0x6, 0x6842, 0x5, 0x6, 0x9, 0x5, 0x0, 0x1, 0x100, 0x8000, 0x101, 0x2, 0x7588, 0x2, 0x1ff, 0xffffffff, 0x0, 0x1, 0x80, 0x2, 0x1, 0x0, 0x5ab, 0x7, 0x5, 0x5, 0x101, 0x80, 0x8, 0x400, 0xffffffc1, 0x7, 0x1ff, 0x400, 0x81, 0xffffffff, 0x6, 0x6, 0x6, 0x2, 0x80000001, 0x1, 0xb66, 0x4, 0x3, 0x1, 0x7c, 0x4, 0x101, 0xbd, 0x8000, 0x8001, 0x30, 0x7, 0x1, 0xad, 0x8000, 0x0, 0x500000, 0x8, 0xfffffff7, 0x1f, 0x4, 0x916, 0xffffff80, 0x8000, 0x5290, 0x6, 0x2, 0xed98, 0xb1, 0x3, 0x3, 0x3f, 0x299e, 0xffff, 0xe7b, 0x8, 0xeb9, 0x6, 0x647000, 0x7, 0xabe, 0x8, 0x2, 0x1000, 0x40, 0x1, 0x17a, 0x80, 0x401, 0x5, 0x4, 0x6e, 0x6f01, 0x0, 0x9, 0xffff, 0x7, 0x1, 0x1, 0x80000001, 0x80000000, 0x401, 0x7, 0x100, 0x7, 0x2, 0x2, 0x6, 0x75000, 0x736, 0x8000, 0x47, 0x40, 0x0, 0x8, 0x0, 0x3ff, 0x2, 0x80000000, 0x1, 0x4, 0xffffffff, 0x122, 0x2, 0xb0, 0x1, 0x3ff, 0x9, 0x9, 0x44, 0x5, 0x1ff, 0xfffffc01, 0x7, 0x5, 0x3, 0x5, 0x9, 0x0, 0x8, 0x2, 0x3f, 0x9, 0xe769, 0x5, 0x7a7, 0xffffff7f, 0xc000, 0xc13b, 0x3, 0xe4b, 0x2, 0x9, 0x400, 0x8000, 0x6, 0xfffffffb, 0x5, 0xff, 0x4ac, 0x6, 0x100, 0x1, 0x6, 0x9d, 0x7f, 0x4, 0x80000000, 0x2000000, 0x7d, 0xffffffff, 0x6, 0xfffeffff, 0x80, 0x0, 0x6, 0x0, 0x7ff, 0x3, 0x3f, 0x1, 0x9, 0x80, 0x800, 0xf74, 0x80000001, 0x800, 0x53, 0x7, 0x5, 0x0, 0x8, 0x7ff, 0x9, 0x3ff, 0x8, 0x5, 0x3, 0xc0, 0x1, 0x3, 0x4, 0x0, 0xd, 0x8001, 0x5, 0x8, 0x1, 0xfffffffe, 0x4, 0x1, 0xf2d4, 0xd2, 0x10001, 0x3, 0x4000, 0x81, 0x55f6, 0x7fffffff, 0x2, 0x7, 0x8, 0x9, 0x800000, 0x1, 0x8, 0x10001, 0x1, 0xfffffffb, 0x6, 0x8, 0x1a, 0x3f, 0x7, 0x0, 0x7743, 0x6, 0x7fffffff, 0x3, 0x8, 0x9, 0x6, 0x1c000000, 0x9, 0x8000, 0xd3, 0xfffffffe, 0x2f6b, 0x7, 0x61, 0x5, 0x2, 0x132, 0x1, 0x4, 0x4, 0xa8a, 0x6, 0x10000, 0x8, 0x5, 0xfff]}) 09:33:12 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:12 executing program 2 (fault-call:2 fault-nth:26): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:33:12 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2460.261480][T11013] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2460.270275][T11011] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2460.273060][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 2460.278952][T11011] FAULT_INJECTION: forcing a failure. [ 2460.278952][T11011] name failslab, interval 1, probability 0, space 0, times 0 [ 2460.297791][T11011] CPU: 1 PID: 11011 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 09:33:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x10000, 0x1000, 0x6, 0x2, 0x13, "e11ef8a8177ec71a873468817c842285fb17df"}) ioctl$TCFLSH(r0, 0x540b, 0xffffffffffffffff) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000080)={0x6, 0x0, 0xfffb, 0x8, 0x5, "8d1380a9216fbc8e"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:33:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000000)=r1) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:33:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2460.308014][T11011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2460.318053][T11011] Call Trace: [ 2460.321341][T11011] dump_stack+0x1d8/0x24e [ 2460.325662][T11011] ? devkmsg_release+0x11c/0x11c [ 2460.330600][T11011] ? mutex_unlock+0x19/0x40 [ 2460.335094][T11011] ? show_regs_print_info+0x12/0x12 [ 2460.340278][T11011] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2460.346342][T11011] should_fail+0x6f6/0x860 [ 2460.350745][T11011] ? setup_fault_attr+0x3d0/0x3d0 [ 2460.355759][T11011] ? _raw_spin_lock+0xa3/0x1b0 09:33:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x3) [ 2460.360511][T11011] ? __kernfs_new_node+0xdb/0x6d0 [ 2460.365520][T11011] should_failslab+0x5/0x20 [ 2460.370011][T11011] kmem_cache_alloc+0x36/0x290 [ 2460.374766][T11011] __kernfs_new_node+0xdb/0x6d0 [ 2460.379607][T11011] ? mutex_lock+0xa6/0x110 [ 2460.384081][T11011] ? kernfs_new_node+0x160/0x160 [ 2460.389000][T11011] ? mutex_lock+0xa6/0x110 [ 2460.393396][T11011] ? kernfs_activate+0x3fc/0x420 [ 2460.398374][T11011] kernfs_new_node+0x95/0x160 [ 2460.403031][T11011] __kernfs_create_file+0x45/0x260 [ 2460.408118][T11011] sysfs_add_file_mode_ns+0x293/0x340 [ 2460.413460][T11011] sysfs_merge_group+0x204/0x440 [ 2460.418375][T11011] ? sysfs_remove_groups+0xb0/0xb0 [ 2460.423475][T11011] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2460.429004][T11011] ? bus_add_device+0x92/0x3f0 [ 2460.433745][T11011] dpm_sysfs_add+0xbd/0x260 [ 2460.438224][T11011] device_add+0xde7/0x18a0 [ 2460.442616][T11011] ? virtual_device_parent+0x50/0x50 [ 2460.447874][T11011] ? h4_open+0x4f/0x140 [ 2460.452048][T11011] hci_register_dev+0x32e/0x710 [ 2460.456926][T11011] hci_uart_tty_ioctl+0x89e/0xa10 [ 2460.461927][T11011] ? hci_uart_tty_write+0x10/0x10 [ 2460.467049][T11011] tty_ioctl+0xf68/0x1710 [ 2460.471351][T11011] ? tty_do_resize+0x170/0x170 [ 2460.476093][T11011] ? avc_ss_reset+0x3a0/0x3a0 [ 2460.480745][T11011] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2460.486935][T11011] ? refcount_inc_checked+0x50/0x50 [ 2460.492112][T11011] ? memcg_check_events+0x5c/0x5b0 [ 2460.497200][T11011] ? proc_fail_nth_write+0x1d5/0x240 [ 2460.502631][T11011] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2460.507806][T11011] ? __lru_cache_add+0x1c4/0x210 [ 2460.512799][T11011] ? memset+0x1f/0x40 [ 2460.516754][T11011] ? fsnotify+0x1332/0x13f0 [ 2460.521231][T11011] ? tty_do_resize+0x170/0x170 [ 2460.525964][T11011] do_vfs_ioctl+0x76a/0x1720 [ 2460.530529][T11011] ? selinux_file_ioctl+0x72f/0x990 [ 2460.535705][T11011] ? ioctl_preallocate+0x250/0x250 [ 2460.540789][T11011] ? __fget+0x37b/0x3c0 [ 2460.544913][T11011] ? vfs_write+0x422/0x4e0 [ 2460.549299][T11011] ? fget_many+0x20/0x20 [ 2460.553511][T11011] ? debug_smp_processor_id+0x20/0x20 [ 2460.558852][T11011] ? security_file_ioctl+0x9d/0xb0 [ 2460.563931][T11011] __x64_sys_ioctl+0xd4/0x110 [ 2460.568578][T11011] do_syscall_64+0xcb/0x1e0 [ 2460.573055][T11011] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2460.578921][T11011] RIP: 0033:0x4665d9 [ 2460.582795][T11011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2460.602404][T11011] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2460.610786][T11011] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2460.618747][T11011] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2460.626698][T11011] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2460.634672][T11011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2460.642620][T11011] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2460.660712][T11011] Bluetooth: Can't register HCI device [ 2462.317817][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2462.323865][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2464.397648][ T8460] Bluetooth: hci0: command 0x1001 tx timeout [ 2464.403664][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2466.477586][ T8460] Bluetooth: hci0: command 0x1009 tx timeout 09:33:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TCXONC(r0, 0x540a, 0x3) 09:33:22 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 09:33:22 executing program 2 (fault-call:2 fault-nth:27): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:33:22 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:22 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x600000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:33:22 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 09:33:22 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:22 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:22 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:22 executing program 1: fadvise64(0xffffffffffffffff, 0x6, 0x2, 0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) syz_open_pts(r0, 0x50003) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2470.500928][T11053] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2470.512718][T11056] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2470.521625][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2470.533346][T11056] FAULT_INJECTION: forcing a failure. [ 2470.533346][T11056] name failslab, interval 1, probability 0, space 0, times 0 09:33:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000500)={0x5, 0x40000000, 0x7, 0x0, 0x1, "d4c6559f5d814ef200bc9e052a997c3b3cdd63"}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) vmsplice(r2, &(0x7f0000000480)=[{&(0x7f0000000540)="6d27a9dd8f3c1553398e072937f482849b8e9ee0a68b1b9ccbf353d0d00aca1f25857a411978b18f8009af4d0a280bc5fb0adad7f5ac9065774b45112cb070894cc7979ff12e8dc053f873f03884addabca6ff343ae0e3b96113811a76aa1d034ff61c86d3a71256", 0x68}, {&(0x7f0000000100)="9dd479746a6f5a380e04002e32dd8cfe27b18b3be616d0cceef19b4b77236fedd982ac6b8aef97f9347f77b43e9c1be967e8ce1041b5ea0b76ae69f3476287b14d76fc18ccf6a15f85e0027ed6a9341404d0a31bc67e6edacfd5f5e735bbcad83bde18222d06d59affea02b9c8ca0cbde139306d0ba119c6fefc22a14ab28d3eb0c9684285629f7f52a360b94f86df7a37c1d64053a67ecd9d7c9afdee7677bc55a82590dc7ba5faa7df2bb3803a99d19e4153122c477d28b0fae396f02374e2bfb4c7de1a0ffddd5a5840a06a9cc5f6a887e1a2645eca04227eb19203081a35b3052a93442d2acb", 0xe8}, {&(0x7f0000000200)="95f70d0c764f0c19cafec8e98ace6f3f1e0f1c624784a207db", 0x19}, {&(0x7f00000005c0)="b00ad79b1dfc34ddfb2a50296ea788055c18410bc7f2c5ec4071092f845ffa9dde3b082936feeda3d1c5d2633fb6f59fb573a02d3ae7e075f087b639aebf232c6927ac047e3afbac6deb950c16349a4f66c2085ea61fa0f9843ae1a1bd058a589e11daa20f381a370e47bf9983bf748740f3be8254028c825a382a3d97ae43087b72b78b5ffd25cdd729d9948a0a1d4aebf199748e02904153f1b64e25dd554d182739f62470f927fb88618cf91a2c017d560cb1c342478e854ad573a964fe58ad9b6de4f3eb", 0xc6}, {&(0x7f0000000240)="c4d84f930a8637109603b46d9539ac9914ea6956b5b47b2c3d236563889925eea0495593006cd6085b97dc6dce440136ad448fa0d24d20ca305a8adcea0370", 0x3f}, {&(0x7f00000003c0)="6c270040e508c982892b9d06e42a06525cee69b162dc51c4d2703e3e0afe6c2179b9d126913cd06995e989f7609309497f3dfc5cf5d4f05484e79cfb628f6731d43cfdb640b23ccebe5b55fee34942640977868ed25d6ac3369184ab9e2036c61d87d3d656478fac261a33a8081090f32b2372566ebbbf6a72c0f01e75e943073b7f4c984e7e2adbaad3c284d61a4e", 0x8f}], 0x6, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = creat(&(0x7f0000000240)='./bus\x00', 0x0) r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r6, &(0x7f0000000180)=ANY=[], 0xfffffd28) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r6, r7, 0x0, 0xffffffffffff4b95) fallocate(r5, 0x0, 0x0, 0x1fbfd) close(r4) splice(r1, 0x0, r4, 0x0, 0x80000001, 0x0) syz_open_pts(r1, 0x40) ioctl$KDADDIO(r1, 0x400455c8, 0x6) [ 2470.548560][T11056] CPU: 1 PID: 11056 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2470.559048][T11056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2470.569119][T11056] Call Trace: [ 2470.572398][T11056] dump_stack+0x1d8/0x24e [ 2470.576719][T11056] ? devkmsg_release+0x11c/0x11c [ 2470.581643][T11056] ? mutex_unlock+0x19/0x40 [ 2470.586145][T11056] ? show_regs_print_info+0x12/0x12 [ 2470.591336][T11056] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2470.597407][T11056] should_fail+0x6f6/0x860 [ 2470.601810][T11056] ? setup_fault_attr+0x3d0/0x3d0 [ 2470.606816][T11056] ? _raw_spin_lock+0xa3/0x1b0 [ 2470.611571][T11056] ? __kernfs_new_node+0xdb/0x6d0 [ 2470.616581][T11056] should_failslab+0x5/0x20 [ 2470.621075][T11056] kmem_cache_alloc+0x36/0x290 [ 2470.625827][T11056] __kernfs_new_node+0xdb/0x6d0 [ 2470.630665][T11056] ? mutex_lock+0xa6/0x110 [ 2470.635065][T11056] ? kernfs_new_node+0x160/0x160 [ 2470.639985][T11056] ? mutex_lock+0xa6/0x110 [ 2470.644388][T11056] ? kernfs_activate+0x3fc/0x420 [ 2470.649313][T11056] kernfs_new_node+0x95/0x160 [ 2470.653982][T11056] __kernfs_create_file+0x45/0x260 [ 2470.659097][T11056] sysfs_add_file_mode_ns+0x293/0x340 [ 2470.664452][T11056] sysfs_merge_group+0x204/0x440 [ 2470.669376][T11056] ? sysfs_remove_groups+0xb0/0xb0 [ 2470.674481][T11056] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2470.680106][T11056] ? bus_add_device+0x92/0x3f0 [ 2470.684872][T11056] dpm_sysfs_add+0xbd/0x260 [ 2470.689362][T11056] device_add+0xde7/0x18a0 [ 2470.693862][T11056] ? virtual_device_parent+0x50/0x50 [ 2470.699145][T11056] ? h4_open+0x4f/0x140 [ 2470.703388][T11056] hci_register_dev+0x32e/0x710 [ 2470.708328][T11056] hci_uart_tty_ioctl+0x89e/0xa10 [ 2470.713351][T11056] ? hci_uart_tty_write+0x10/0x10 [ 2470.718449][T11056] tty_ioctl+0xf68/0x1710 [ 2470.722770][T11056] ? tty_do_resize+0x170/0x170 [ 2470.727513][T11056] ? avc_ss_reset+0x3a0/0x3a0 [ 2470.732171][T11056] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2470.738297][T11056] ? refcount_inc_checked+0x50/0x50 [ 2470.743468][T11056] ? proc_fail_nth_write+0x1d5/0x240 [ 2470.748721][T11056] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2470.753898][T11056] ? __lru_cache_add+0x1c4/0x210 [ 2470.758839][T11056] ? memset+0x1f/0x40 [ 2470.762792][T11056] ? fsnotify+0x1332/0x13f0 [ 2470.767268][T11056] ? tty_do_resize+0x170/0x170 [ 2470.772020][T11056] do_vfs_ioctl+0x76a/0x1720 [ 2470.776579][T11056] ? selinux_file_ioctl+0x72f/0x990 [ 2470.781763][T11056] ? ioctl_preallocate+0x250/0x250 [ 2470.786842][T11056] ? __fget+0x37b/0x3c0 [ 2470.790967][T11056] ? vfs_write+0x422/0x4e0 [ 2470.795351][T11056] ? fget_many+0x20/0x20 [ 2470.799563][T11056] ? debug_smp_processor_id+0x20/0x20 [ 2470.804903][T11056] ? security_file_ioctl+0x9d/0xb0 [ 2470.809984][T11056] __x64_sys_ioctl+0xd4/0x110 [ 2470.814631][T11056] do_syscall_64+0xcb/0x1e0 [ 2470.819111][T11056] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2470.824976][T11056] RIP: 0033:0x4665d9 [ 2470.828840][T11056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2470.848415][T11056] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2470.856804][T11056] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2470.864747][T11056] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2470.872694][T11056] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2470.880638][T11056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2470.888590][T11056] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 09:33:23 executing program 0: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:23 executing program 2 (fault-call:2 fault-nth:28): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2470.906518][T11056] Bluetooth: Can't register HCI device [ 2470.940896][T11080] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2470.956781][T11080] FAULT_INJECTION: forcing a failure. [ 2470.956781][T11080] name failslab, interval 1, probability 0, space 0, times 0 [ 2470.970886][T11080] CPU: 1 PID: 11080 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2470.981123][T11080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2470.991271][T11080] Call Trace: [ 2470.995057][T11080] dump_stack+0x1d8/0x24e [ 2470.999391][T11080] ? devkmsg_release+0x11c/0x11c [ 2471.004300][T11080] ? mutex_unlock+0x19/0x40 [ 2471.008861][T11080] ? show_regs_print_info+0x12/0x12 [ 2471.014089][T11080] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2471.020127][T11080] should_fail+0x6f6/0x860 [ 2471.024514][T11080] ? setup_fault_attr+0x3d0/0x3d0 [ 2471.029509][T11080] ? _raw_spin_lock+0xa3/0x1b0 [ 2471.034252][T11080] ? __kernfs_new_node+0xdb/0x6d0 [ 2471.039254][T11080] should_failslab+0x5/0x20 [ 2471.043725][T11080] kmem_cache_alloc+0x36/0x290 [ 2471.048459][T11080] __kernfs_new_node+0xdb/0x6d0 [ 2471.053277][T11080] ? mutex_lock+0xa6/0x110 [ 2471.057658][T11080] ? kernfs_new_node+0x160/0x160 [ 2471.062564][T11080] ? mutex_lock+0xa6/0x110 [ 2471.066950][T11080] ? kernfs_activate+0x3fc/0x420 [ 2471.071855][T11080] kernfs_new_node+0x95/0x160 [ 2471.076517][T11080] __kernfs_create_file+0x45/0x260 [ 2471.081596][T11080] sysfs_add_file_mode_ns+0x293/0x340 [ 2471.086934][T11080] sysfs_merge_group+0x204/0x440 [ 2471.091840][T11080] ? sysfs_remove_groups+0xb0/0xb0 [ 2471.096919][T11080] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2471.102428][T11080] ? bus_add_device+0x92/0x3f0 [ 2471.107160][T11080] dpm_sysfs_add+0xbd/0x260 [ 2471.111630][T11080] device_add+0xde7/0x18a0 [ 2471.116014][T11080] ? virtual_device_parent+0x50/0x50 [ 2471.121366][T11080] ? h4_open+0x4f/0x140 [ 2471.125491][T11080] hci_register_dev+0x32e/0x710 [ 2471.130311][T11080] hci_uart_tty_ioctl+0x89e/0xa10 [ 2471.135314][T11080] ? hci_uart_tty_write+0x10/0x10 [ 2471.140324][T11080] tty_ioctl+0xf68/0x1710 [ 2471.145070][T11080] ? tty_do_resize+0x170/0x170 [ 2471.149800][T11080] ? avc_ss_reset+0x3a0/0x3a0 [ 2471.154444][T11080] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2471.160563][T11080] ? refcount_inc_checked+0x50/0x50 [ 2471.165749][T11080] ? memcg_check_events+0x5c/0x5b0 [ 2471.170828][T11080] ? proc_fail_nth_write+0x1d5/0x240 [ 2471.176078][T11080] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2471.181243][T11080] ? __lru_cache_add+0x1c4/0x210 [ 2471.186149][T11080] ? memset+0x1f/0x40 [ 2471.190102][T11080] ? fsnotify+0x1332/0x13f0 [ 2471.194570][T11080] ? tty_do_resize+0x170/0x170 [ 2471.199301][T11080] do_vfs_ioctl+0x76a/0x1720 [ 2471.203858][T11080] ? selinux_file_ioctl+0x72f/0x990 [ 2471.209023][T11080] ? ioctl_preallocate+0x250/0x250 [ 2471.214101][T11080] ? __fget+0x37b/0x3c0 [ 2471.218229][T11080] ? vfs_write+0x422/0x4e0 [ 2471.222610][T11080] ? fget_many+0x20/0x20 [ 2471.226818][T11080] ? debug_smp_processor_id+0x20/0x20 [ 2471.232157][T11080] ? security_file_ioctl+0x9d/0xb0 [ 2471.237244][T11080] __x64_sys_ioctl+0xd4/0x110 [ 2471.241887][T11080] do_syscall_64+0xcb/0x1e0 [ 2471.246357][T11080] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2471.252244][T11080] RIP: 0033:0x4665d9 [ 2471.256107][T11080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2471.275684][T11080] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2471.284059][T11080] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2471.291999][T11080] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2471.300026][T11080] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 09:33:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) preadv2(r0, &(0x7f0000000400)=[{&(0x7f0000000080)=""/137, 0x89}, {&(0x7f0000000000)=""/52, 0x34}, {&(0x7f0000000140)=""/12, 0xc}, {&(0x7f00000001c0)=""/138, 0x8a}, {&(0x7f0000000280)=""/181, 0xb5}, {&(0x7f0000000340)=""/143, 0x8f}], 0x6, 0x200, 0xfffffffe, 0x1d) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2471.307962][T11080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2471.315938][T11080] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2471.332705][T11080] Bluetooth: Can't register HCI device [ 2472.557013][ T8460] Bluetooth: hci0: command 0x1003 tx timeout [ 2472.563081][T11898] Bluetooth: hci0: sending frame failed (-49) 09:33:25 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:25 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2474.636895][ T2306] Bluetooth: hci0: command 0x1001 tx timeout [ 2474.643209][T11898] Bluetooth: hci0: sending frame failed (-49) [ 2476.716780][ T8460] Bluetooth: hci0: command 0x1009 tx timeout 09:33:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x700000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:33:32 executing program 2 (fault-call:2 fault-nth:29): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:33:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xc) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:33:32 executing program 0: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:32 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:32 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2480.739726][T11102] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2480.748103][T11102] FAULT_INJECTION: forcing a failure. [ 2480.748103][T11102] name failslab, interval 1, probability 0, space 0, times 0 [ 2480.748308][T11105] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2480.761661][T11102] CPU: 0 PID: 11102 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2480.776787][T12254] Bluetooth: hci1: Frame reassembly failed (-84) 09:33:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2480.779028][T11102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2480.779032][T11102] Call Trace: [ 2480.779047][T11102] dump_stack+0x1d8/0x24e [ 2480.779061][T11102] ? devkmsg_release+0x11c/0x11c [ 2480.807882][T11102] ? mutex_unlock+0x19/0x40 [ 2480.812413][T11102] ? show_regs_print_info+0x12/0x12 [ 2480.817597][T11102] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2480.823641][T11102] should_fail+0x6f6/0x860 [ 2480.828029][T11102] ? setup_fault_attr+0x3d0/0x3d0 [ 2480.833033][T11102] ? _raw_spin_lock+0xa3/0x1b0 09:33:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2480.837779][T11102] ? __kernfs_new_node+0xdb/0x6d0 [ 2480.842825][T11102] should_failslab+0x5/0x20 [ 2480.847304][T11102] kmem_cache_alloc+0x36/0x290 [ 2480.852039][T11102] __kernfs_new_node+0xdb/0x6d0 [ 2480.856864][T11102] ? mutex_lock+0xa6/0x110 [ 2480.861258][T11102] ? kernfs_new_node+0x160/0x160 [ 2480.866181][T11102] ? mutex_lock+0xa6/0x110 [ 2480.870590][T11102] ? kernfs_activate+0x3fc/0x420 [ 2480.875562][T11102] kernfs_new_node+0x95/0x160 [ 2480.880226][T11102] __kernfs_create_file+0x45/0x260 [ 2480.885321][T11102] sysfs_add_file_mode_ns+0x293/0x340 [ 2480.890686][T11102] sysfs_merge_group+0x204/0x440 [ 2480.895778][T11102] ? sysfs_remove_groups+0xb0/0xb0 [ 2480.900878][T11102] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2480.906403][T11102] ? bus_add_device+0x92/0x3f0 [ 2480.911166][T11102] dpm_sysfs_add+0xbd/0x260 [ 2480.915647][T11102] device_add+0xde7/0x18a0 [ 2480.920038][T11102] ? virtual_device_parent+0x50/0x50 [ 2480.925296][T11102] ? h4_open+0x4f/0x140 [ 2480.929438][T11102] hci_register_dev+0x32e/0x710 [ 2480.934283][T11102] hci_uart_tty_ioctl+0x89e/0xa10 09:33:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:33 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2480.939296][T11102] ? hci_uart_tty_write+0x10/0x10 [ 2480.944317][T11102] tty_ioctl+0xf68/0x1710 [ 2480.948654][T11102] ? tty_do_resize+0x170/0x170 [ 2480.953403][T11102] ? avc_ss_reset+0x3a0/0x3a0 [ 2480.958064][T11102] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2480.964203][T11102] ? refcount_inc_checked+0x50/0x50 [ 2480.969397][T11102] ? memcg_check_events+0x5c/0x5b0 [ 2480.974503][T11102] ? proc_fail_nth_write+0x1d5/0x240 [ 2480.979782][T11102] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2480.984966][T11102] ? __lru_cache_add+0x1c4/0x210 [ 2480.989877][T11102] ? memset+0x1f/0x40 [ 2480.993832][T11102] ? fsnotify+0x1332/0x13f0 [ 2480.998311][T11102] ? tty_do_resize+0x170/0x170 [ 2481.003053][T11102] do_vfs_ioctl+0x76a/0x1720 [ 2481.007706][T11102] ? selinux_file_ioctl+0x72f/0x990 [ 2481.012879][T11102] ? ioctl_preallocate+0x250/0x250 [ 2481.017973][T11102] ? __fget+0x37b/0x3c0 [ 2481.022192][T11102] ? vfs_write+0x422/0x4e0 [ 2481.026580][T11102] ? fget_many+0x20/0x20 [ 2481.030803][T11102] ? debug_smp_processor_id+0x20/0x20 [ 2481.036151][T11102] ? security_file_ioctl+0x9d/0xb0 [ 2481.041238][T11102] __x64_sys_ioctl+0xd4/0x110 [ 2481.045884][T11102] do_syscall_64+0xcb/0x1e0 [ 2481.050360][T11102] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2481.056241][T11102] RIP: 0033:0x4665d9 [ 2481.060137][T11102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2481.079860][T11102] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2481.088270][T11102] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2481.096211][T11102] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2481.104158][T11102] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2481.112383][T11102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2481.120339][T11102] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2481.132784][T11102] Bluetooth: Can't register HCI device [ 2482.796278][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2482.802319][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2484.876210][ T2255] Bluetooth: hci1: command 0x1001 tx timeout [ 2484.882344][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2486.956328][ T2255] Bluetooth: hci1: command 0x1009 tx timeout 09:33:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x800000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:33:43 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TCSBRK(r0, 0x5409, 0xfffffffffffffe00) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xe) ioctl$KDADDIO(r1, 0x400455c8, 0x2) 09:33:43 executing program 2 (fault-call:2 fault-nth:30): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:33:43 executing program 0: clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:43 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:43 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = dup2(r0, r0) ioctl$TCFLSH(r1, 0x540b, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2490.979711][T11147] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2490.988264][T11147] FAULT_INJECTION: forcing a failure. [ 2490.988264][T11147] name failslab, interval 1, probability 0, space 0, times 0 [ 2490.991690][T11144] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2491.002613][T11147] CPU: 0 PID: 11147 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2491.012585][ T7986] Bluetooth: hci1: Frame reassembly failed (-84) 09:33:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x400100, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x0, 0xffffffff, 0xfffffffa, 0x7, 0x1, "c977d90fdad65220fadf676a14a876496fe267", 0x1c94, 0x2}) 09:33:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x2, 0x3, &(0x7f0000000240)=[{&(0x7f00000000c0)="7a743e33f2c5005052500ab8c5d6b0de71f4236e85ef4c7cebc14a3ec9ae8b8413e06cb17ca3aa3fa8390fb138e8dfe1d97ce93dd4e8b1696fef7652a137cf521c068e6a8f14401b051b5bdfb959ff0fc6c5a40c499712cef3f5c8bbdfb3365a86dfd4eef8fe7ee671", 0x69, 0x7b1877a00}, {&(0x7f00000001c0)="e70cdfac740376a2d7b33ce95d63b0399860bcc4a972919d99b21e260b919690071d63382ba907320a264d5e0815a7139a508798777d4a2874a2cbc6ac07cade102b47fc70c2b133c3b016742e94434f46879befd2c60e5e46b8516d5edf0305ff437198f6", 0x65, 0x40}, {&(0x7f0000000140)='\t', 0x1, 0x8}], 0x80410, &(0x7f00000002c0)={[{@min_batch_time={'min_batch_time', 0x3d, 0x3}}], [{@euid_gt={'euid>', 0xffffffffffffffff}}]}) r2 = syz_io_uring_complete(0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xc008ae09, 0x400000) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000480)={0x5, 0x2, 0x6000, 0x1000, &(0x7f0000ff5000/0x1000)=nil}) r6 = ioctl$KVM_CREATE_VM(r4, 0xc008ae09, 0x400000) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r8 = socket$inet_udp(0x2, 0x2, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xc008ae09, 0x400000) splice(r6, &(0x7f0000000400)=0x40, r9, &(0x7f0000000440)=0x5, 0x2, 0x0) close(r8) splice(r1, 0x0, r8, 0x0, 0x80000000, 0xc) syz_kvm_setup_cpu$x86(r7, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000380)=[@text16={0x10, &(0x7f0000000340)="0f01c90f060f5ed30f67b4086064660f388248000f3801af96640f20e06635000010000f22e00fc79a409eb84c000f00d8440f20c0663501000000440f22c0", 0x3f}], 0x1, 0x3a, &(0x7f00000003c0)=[@vmwrite={0x8, 0x0, 0xa, 0x0, 0x3, 0x0, 0x3, 0x0, 0x401}], 0x1) poll(&(0x7f0000000300)=[{r0, 0x30}, {r1, 0x5400}, {r0, 0x120}, {r2}, {r0, 0x8}, {r0, 0xc5c0}, {r3, 0x2080}], 0x7, 0x22b) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2491.019247][T11147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2491.019251][T11147] Call Trace: [ 2491.019267][T11147] dump_stack+0x1d8/0x24e [ 2491.019276][T11147] ? devkmsg_release+0x11c/0x11c [ 2491.019284][T11147] ? mutex_unlock+0x19/0x40 [ 2491.019292][T11147] ? show_regs_print_info+0x12/0x12 [ 2491.019307][T11147] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2491.063805][T11147] should_fail+0x6f6/0x860 [ 2491.068216][T11147] ? setup_fault_attr+0x3d0/0x3d0 [ 2491.073227][T11147] ? _raw_spin_lock+0xa3/0x1b0 [ 2491.077980][T11147] ? __kernfs_new_node+0xdb/0x6d0 [ 2491.082994][T11147] should_failslab+0x5/0x20 [ 2491.087477][T11147] kmem_cache_alloc+0x36/0x290 [ 2491.092212][T11147] __kernfs_new_node+0xdb/0x6d0 [ 2491.097036][T11147] ? mutex_lock+0xa6/0x110 [ 2491.101484][T11147] ? kernfs_new_node+0x160/0x160 [ 2491.106467][T11147] ? mutex_lock+0xa6/0x110 [ 2491.110863][T11147] ? kernfs_activate+0x3fc/0x420 [ 2491.115779][T11147] kernfs_new_node+0x95/0x160 [ 2491.120433][T11147] __kernfs_create_file+0x45/0x260 [ 2491.125515][T11147] sysfs_add_file_mode_ns+0x293/0x340 [ 2491.130947][T11147] sysfs_merge_group+0x204/0x440 [ 2491.135867][T11147] ? sysfs_remove_groups+0xb0/0xb0 [ 2491.140995][T11147] ? sysfs_add_file_mode_ns+0x340/0x340 [ 2491.146513][T11147] ? bus_add_device+0x92/0x3f0 [ 2491.151246][T11147] dpm_sysfs_add+0xbd/0x260 [ 2491.155720][T11147] device_add+0xde7/0x18a0 [ 2491.160212][T11147] ? virtual_device_parent+0x50/0x50 [ 2491.165469][T11147] ? h4_open+0x4f/0x140 [ 2491.169615][T11147] hci_register_dev+0x32e/0x710 [ 2491.174445][T11147] hci_uart_tty_ioctl+0x89e/0xa10 [ 2491.179440][T11147] ? hci_uart_tty_write+0x10/0x10 [ 2491.184451][T11147] tty_ioctl+0xf68/0x1710 [ 2491.188765][T11147] ? tty_do_resize+0x170/0x170 [ 2491.193508][T11147] ? avc_ss_reset+0x3a0/0x3a0 [ 2491.198155][T11147] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2491.204813][T11147] ? refcount_inc_checked+0x50/0x50 [ 2491.209984][T11147] ? memcg_check_events+0x5c/0x5b0 [ 2491.215273][T11147] ? proc_fail_nth_write+0x1d5/0x240 [ 2491.220544][T11147] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2491.225717][T11147] ? __lru_cache_add+0x1c4/0x210 [ 2491.230639][T11147] ? memset+0x1f/0x40 [ 2491.234598][T11147] ? fsnotify+0x1332/0x13f0 [ 2491.239112][T11147] ? tty_do_resize+0x170/0x170 [ 2491.243847][T11147] do_vfs_ioctl+0x76a/0x1720 [ 2491.248411][T11147] ? selinux_file_ioctl+0x72f/0x990 [ 2491.253580][T11147] ? ioctl_preallocate+0x250/0x250 [ 2491.258669][T11147] ? __fget+0x37b/0x3c0 [ 2491.262793][T11147] ? vfs_write+0x422/0x4e0 [ 2491.267214][T11147] ? fget_many+0x20/0x20 [ 2491.271445][T11147] ? debug_smp_processor_id+0x20/0x20 [ 2491.276790][T11147] ? security_file_ioctl+0x9d/0xb0 [ 2491.281872][T11147] __x64_sys_ioctl+0xd4/0x110 [ 2491.286525][T11147] do_syscall_64+0xcb/0x1e0 [ 2491.291021][T11147] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2491.296887][T11147] RIP: 0033:0x4665d9 [ 2491.300758][T11147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2491.320417][T11147] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:33:43 executing program 2 (fault-call:2 fault-nth:31): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 2491.328818][T11147] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2491.336774][T11147] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2491.344723][T11147] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2491.352664][T11147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2491.360605][T11147] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2491.369359][T11147] Bluetooth: Can't register HCI device [ 2491.397972][T11167] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2491.409598][T11167] FAULT_INJECTION: forcing a failure. [ 2491.409598][T11167] name failslab, interval 1, probability 0, space 0, times 0 [ 2491.422322][T11167] CPU: 1 PID: 11167 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2491.432540][T11167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2491.442571][T11167] Call Trace: [ 2491.445836][T11167] dump_stack+0x1d8/0x24e [ 2491.450162][T11167] ? devkmsg_release+0x11c/0x11c [ 2491.455071][T11167] ? show_regs_print_info+0x12/0x12 [ 2491.460262][T11167] ? vsnprintf+0x1cb4/0x1d60 [ 2491.464840][T11167] should_fail+0x6f6/0x860 [ 2491.469233][T11167] ? setup_fault_attr+0x3d0/0x3d0 [ 2491.474407][T11167] ? __alloc_skb+0x75/0x4d0 [ 2491.478995][T11167] should_failslab+0x5/0x20 [ 2491.483472][T11167] kmem_cache_alloc+0x36/0x290 [ 2491.488206][T11167] ? mutex_lock+0xa6/0x110 [ 2491.492598][T11167] __alloc_skb+0x75/0x4d0 [ 2491.496904][T11167] alloc_uevent_skb+0x73/0x220 [ 2491.501666][T11167] kobject_uevent_env+0xaee/0x1000 [ 2491.506767][T11167] device_add+0xf42/0x18a0 [ 2491.511153][T11167] ? virtual_device_parent+0x50/0x50 [ 2491.516416][T11167] ? h4_open+0x4f/0x140 [ 2491.520540][T11167] hci_register_dev+0x32e/0x710 [ 2491.525361][T11167] hci_uart_tty_ioctl+0x89e/0xa10 [ 2491.530356][T11167] ? hci_uart_tty_write+0x10/0x10 [ 2491.535351][T11167] tty_ioctl+0xf68/0x1710 [ 2491.539653][T11167] ? tty_do_resize+0x170/0x170 [ 2491.544384][T11167] ? avc_ss_reset+0x3a0/0x3a0 [ 2491.549032][T11167] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2491.555157][T11167] ? refcount_inc_checked+0x50/0x50 [ 2491.560327][T11167] ? memcg_check_events+0x5c/0x5b0 [ 2491.565428][T11167] ? proc_fail_nth_write+0x1d5/0x240 [ 2491.570689][T11167] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2491.575866][T11167] ? __lru_cache_add+0x1c4/0x210 [ 2491.580775][T11167] ? memset+0x1f/0x40 [ 2491.584730][T11167] ? fsnotify+0x1332/0x13f0 [ 2491.589224][T11167] ? tty_do_resize+0x170/0x170 [ 2491.593959][T11167] do_vfs_ioctl+0x76a/0x1720 [ 2491.598522][T11167] ? selinux_file_ioctl+0x72f/0x990 [ 2491.603689][T11167] ? ioctl_preallocate+0x250/0x250 [ 2491.608770][T11167] ? __fget+0x37b/0x3c0 [ 2491.612894][T11167] ? vfs_write+0x422/0x4e0 [ 2491.617295][T11167] ? fget_many+0x20/0x20 [ 2491.621503][T11167] ? debug_smp_processor_id+0x20/0x20 [ 2491.626841][T11167] ? security_file_ioctl+0x9d/0xb0 [ 2491.631923][T11167] __x64_sys_ioctl+0xd4/0x110 [ 2491.636571][T11167] do_syscall_64+0xcb/0x1e0 [ 2491.641064][T11167] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2491.646937][T11167] RIP: 0033:0x4665d9 [ 2491.650802][T11167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2491.670474][T11167] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2491.678851][T11167] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2491.686791][T11167] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2491.694732][T11167] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2491.702683][T11167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2491.710665][T11167] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2491.722601][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) 09:33:44 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ac0)=@ipv4_newrule={0x58, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'lo\x00'}, @FRA_DST={0x8, 0x1, @remote}, @FRA_FLOW={0x8, 0xb, 0x9}, @FRA_DST={0x8, 0x1, @multicast1}, @FRA_DST={0x8, 0x1, @private=0xa010102}, @FRA_FLOW={0x8, 0xb, 0xaa2}]}, 0x58}}, 0x0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10010040}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10001}]}, 0x28}}, 0x8041) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) sendmmsg$sock(r2, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="251ff2919275d61ebad811eb024b75ccd6d4c488bca2a9b835f5b0ad6902cf20173a58e8ad08210c3380adbbc146f80f17834efb44aa83b33ebda2c485c8d7fd8893207a7abf9a7ac0e99cd2ff9c58d3bbd780c443c51afae6c0d39693a77087f1a371", 0x63}, {&(0x7f0000000240)="fa0eb86078874cab9b326d90df555750a3dc0f35429edd4eaaa8d576c8c41ec5b17722f46063169166ba5cbd3af2c9fb79d783f0dfe2b933fd0640b2b9f1e2b89002032e412b9615b01104bb7812a072419eb61d411b5784414e701ca2444ec393bdc095553a87974ca1b41938e24f99b2fc9c81e75eefa555bb9442dbd2f2a3876250476c899d8be832faa64dd459caaa8ed9a8ca49f37528923dededc8b0de0952c2fe8b4b0cb192", 0xa9}], 0x2}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000300)="8b60095c6bb7156820202165e75882ba38fb5e6be1d7133d2f782212e25a19a5ab2f7557d7e3195eecbd4a1e0c2adbcc5a19ec8433487d0d47041ab46b7746920401eb188a48341b646a3e6c96a3176965790e95f477bc5e263955c434f99616aecf5dc82b4ceb3d3b181c118259397380121a61cb5643902caefb35a6d5cdef951f1052dddbc4ab8a", 0x89}, {&(0x7f00000003c0)="d603b39b7b999a27138f1e912c8c84c932ae3bf5d6dff6e181733104bc5e85df7911a61f35c4899ea3b962112c2fa87d032c35e451cb9188f6e0f837b88ba189a4680498b39ea963d090cb2632865fc76ec7e771b0807fe2301ad2042b7b5f3521dd0c375008cc", 0x67}, {&(0x7f0000000440)="60362ec030524bf716f085e436e5b6ec68b686050e9cc62311008f9edd28b65d892a292dc3e90020b621a439f59f8792cdb67ad65cdcbdd1bd9f9139b928185adf7e4f5dc0f6e96ff7600479d506f170ee39706d230c46fdec1cb1bfd9fc038d94a9e73a3e03f55346c0219b6ebe435d7a8c7f3d73adace201b722e2500b83ec92e44c539c6b0dc604bc26becfbc26501f1b8db5411bb021956769", 0x9b}, {&(0x7f0000000500)="25dc771c7f45a4b12b19c8ce95625a6dbea7378f191d30f5ddad5835048e3f6e68ce1fcc362aef6434d06149fc44f9cb3d80070db901a5704122f2e65b74bff2ec0d715ef21548db7b6d647e6f368e89468ac3c82c733918b951807873b4aec00ec62f83153036d748c24f4dd506250d829d20a2849edcd2979abbaaad467a8b203d84b5573a1f467f16bdc4fd2b20c586a603dfe6be709ebcf3c43e83f4816129251eb5e8747caab0169b682e", 0xad}, {&(0x7f00000005c0)="720bd007118c4badbf994e00b2c6776051fd2281e00b3f6013f987787dba1c44b418f5b4ca09a0265b770d7ebc7f075096569ba904a2505608c588ade6983928ee9c4a7fa19771a995e9935ed513420305a35d661fa76aac93f7b49968556e93f559f8dc86bdb23b5542822e47a4f74ee57a055dc96ee264ef73c4060561576bba540b", 0x83}, {&(0x7f0000000680)="3b72be6e44e15c17a6c422811034bbb4374c460e1188066cc79dceb0b9fc2c237c1edf2f08df17095ea218651bef55b13c6cc7f54757576a9530343fcaece29a0fafe9eee285115ea5c8c6e4ae4cd12c1ce0ff", 0x53}, {&(0x7f0000000700)="753fce716c19753d40f8c3c3", 0xc}, {&(0x7f0000000740)="7062a68ff15552cc36654686df66a46474be03d7b17cfc2a4a3047aa9e87bd4dec71fad1281fd242ffc841df96a5d68ad3e5e9ac2e4cb9b4a887eea8058425f916175be2d2a23e431fe18ef3a0471299b2b8b21f8fe3630c157f607e0e27c66519e7a0c05182cd1b9adc628e5b198c4997d7aa193374f3ddced442b4b1aa80146559425271218903e017c5c1a88e9c03a4cab6633bac5f07859b3c1c8e47f12ae7e8566dda574d3858ae81be4939", 0xae}, {&(0x7f0000000800)="9f2cd3cd14419c9deafcd0e86ddb757bde0f19ec7945cd3842d0d5a838a8fe9e4172771c494ff4350d85a61a1a1f2a4ce697d8fefe530b0116d1ff44804a37deca0b2ae249cef2674e779c5d02f1b3da813532bb7fde78675289d43f3112021da7f12fd57b181af9a99f5f", 0x6b}, {&(0x7f0000000880)="1cd7296dc4e577ab803f7a671ff260d60a23f2960754c53f74c69ea5137630608037196075cd6bd06f0ce2a634271b42e9f64138206978a51d2ade512cb0930b501da7391449b40119f58afc0a2f25c22e9383c923325d53d52c26280f4df5678dfc5e4f0b6a319674bdd913a3c7aa31f991207586068a173dcdeab7ec1d209c1bc023d106f99247080b27ec922453cf9f1180217e5b77a2ccdaef202a5332cc21007ee22fd87172a8bb4555a964e02275ded04ca30f45722154f6f50c2aeabad7464239c15c974eacbea4f0ea968ddf2630ae3d0293520aaef0545243bdb2c52b94f570d04c63", 0xe7}], 0xa}}], 0x2, 0x804) ioctl$KDADDIO(r1, 0x400455c8, 0x2) 09:33:44 executing program 1: syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f0000000080)={0x1}) syz_emit_ethernet(0x58, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaa12bbbbbbbbbbbb0805028dff11ec03482945ce361e5bdd58332fba4ed3724360ea5c9e5d886ca5fabaeab9e886b140730129923da93c7d7c43e07b64f8ab9816a3cc4e407cfdf90654e4f487ce20bc3cc49849"], &(0x7f00000001c0)={0x0, 0x2, [0x5f4, 0x99d, 0x9a, 0x966]}) syz_extract_tcp_res$synack(&(0x7f00000000c0), 0x1, 0x0) [ 2493.035426][ T2255] Bluetooth: hci1: command 0x1003 tx timeout [ 2493.041459][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2493.755369][ T2255] Bluetooth: hci0: command 0x1003 tx timeout [ 2493.761503][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2495.115346][ T2255] Bluetooth: hci1: command 0x1001 tx timeout [ 2495.121500][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2495.835307][ T2255] Bluetooth: hci0: command 0x1001 tx timeout [ 2495.841375][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2497.195172][ T2255] Bluetooth: hci1: command 0x1009 tx timeout [ 2497.915134][ T2255] Bluetooth: hci0: command 0x1009 tx timeout 09:33:53 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x80000001, 0x0) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x4) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r1, 0x0, r4, 0x0, 0x80000001, 0x0) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x9, 0x7, 0x84b, 0x3, 0xb, "aba0cfb8a599aa19d204e9f38d8546fbae2451"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:33:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x900000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:33:53 executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:53 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCFLSH(r0, 0x540b, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x2) 09:33:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000000)={0x401, 0x9, 0xff0d, 0xdc1d, 0xc, "daaf6a6b23ffb15e"}) 09:33:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2501.217215][T11190] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2501.230982][ T7] Bluetooth: hci1: Frame reassembly failed (-84) 09:33:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) read(r3, &(0x7f00000001c0)=""/138, 0x8a) ioctl$VT_RELDISP(r2, 0x5605) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r1, 0x0, r4, 0x0, 0x80000001, 0x0) ioctl$GIO_FONT(r1, 0x4b60, &(0x7f0000000080)=""/71) 09:33:54 executing program 2 (fault-call:2 fault-nth:32): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:33:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xb) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x8, 0x9, 0xfffffff9, 0x45, 0x1a, "9a03b0fee3e93a85c862f6e73b7c59f1e5c6ff"}) 09:33:54 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/ldiscs\x00', 0x0, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x180) fchownat(r2, &(0x7f00000008c0)='./file0\x00', 0xee00, 0xffffffffffffffff, 0x1000) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2) sendmsg$NL80211_CMD_SET_BSS(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2400004}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="40000002", @ANYRES16=r3, @ANYBLOB="000228bd7000fcdbdf251900000008000300", @ANYRESDEC=r3, @ANYBLOB="0c009900010100eb53000000050060000000006436b4b943b0d84631000000000000ab8d32b64a321ab05ce6972c3ff4326f0622c092177ecf772d9b51550517770b059e6b60fe983be46590bba38e199b5c9f255949a09ac3dc1deeb68efe137d0d8dcf4bd87b3c7a8eebd487a380346a27e4221dbaaf8442daa182b0e0847011cbaa37d4e19fde00e43732cb64f14d0098"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4004095) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000640)={0x20, r3, 0x400, 0x70bd29, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x4, 0x2b}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4004000}, 0x800) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r5, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r5, &(0x7f0000000040)=ANY=[], 0xa) writev(r5, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r5, &(0x7f0000000140)=ANY=[], 0xfef0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000480)={{{@in=@multicast1, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@loopback}}, &(0x7f00000001c0)=0xe8) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000280)={'syztnl2\x00', &(0x7f0000000580)=ANY=[@ANYBLOB='erspan0\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r6, @ANYBLOB="0010001100003b9d0000000840b80040002000150290780a0101d20750a42e01e0000804000000aaac1414bbffffffffac14141a000000000a010102ac14143e00009b6c2635"]}) sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r3, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x27}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x58}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3f}]}, 0x38}, 0x1, 0x0, 0x0, 0x44801}, 0x8000) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r7, 0x400455c8, 0x2) [ 2501.856292][T11221] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2501.867234][T11221] FAULT_INJECTION: forcing a failure. [ 2501.867234][T11221] name failslab, interval 1, probability 0, space 0, times 0 [ 2501.880878][T11221] CPU: 1 PID: 11221 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2501.891256][T11221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2501.901296][T11221] Call Trace: [ 2501.904569][T11221] dump_stack+0x1d8/0x24e [ 2501.908874][T11221] ? devkmsg_release+0x11c/0x11c [ 2501.913784][T11221] ? show_regs_print_info+0x12/0x12 [ 2501.918957][T11221] ? vsnprintf+0x1cb4/0x1d60 [ 2501.923522][T11221] should_fail+0x6f6/0x860 [ 2501.927976][T11221] ? setup_fault_attr+0x3d0/0x3d0 [ 2501.933001][T11221] ? __alloc_skb+0x75/0x4d0 [ 2501.937610][T11221] should_failslab+0x5/0x20 [ 2501.942094][T11221] kmem_cache_alloc+0x36/0x290 [ 2501.946855][T11221] ? mutex_lock+0xa6/0x110 [ 2501.951258][T11221] __alloc_skb+0x75/0x4d0 [ 2501.955585][T11221] alloc_uevent_skb+0x73/0x220 [ 2501.960319][T11221] kobject_uevent_env+0xaee/0x1000 [ 2501.965408][T11221] device_add+0xf42/0x18a0 [ 2501.969843][T11221] ? virtual_device_parent+0x50/0x50 [ 2501.975183][T11221] ? h4_open+0x4f/0x140 [ 2501.979329][T11221] hci_register_dev+0x32e/0x710 [ 2501.984153][T11221] hci_uart_tty_ioctl+0x89e/0xa10 [ 2501.989169][T11221] ? hci_uart_tty_write+0x10/0x10 [ 2501.994165][T11221] tty_ioctl+0xf68/0x1710 [ 2501.998484][T11221] ? tty_do_resize+0x170/0x170 [ 2502.003217][T11221] ? avc_ss_reset+0x3a0/0x3a0 [ 2502.007864][T11221] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2502.014004][T11221] ? refcount_inc_checked+0x50/0x50 [ 2502.019180][T11221] ? memcg_check_events+0x5c/0x5b0 [ 2502.024279][T11221] ? proc_fail_nth_write+0x1d5/0x240 [ 2502.029545][T11221] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2502.034717][T11221] ? __lru_cache_add+0x1c4/0x210 [ 2502.039736][T11221] ? memset+0x1f/0x40 [ 2502.043689][T11221] ? fsnotify+0x1332/0x13f0 [ 2502.048162][T11221] ? tty_do_resize+0x170/0x170 [ 2502.052894][T11221] do_vfs_ioctl+0x76a/0x1720 [ 2502.057470][T11221] ? selinux_file_ioctl+0x72f/0x990 [ 2502.062651][T11221] ? ioctl_preallocate+0x250/0x250 [ 2502.067734][T11221] ? __fget+0x37b/0x3c0 [ 2502.071856][T11221] ? vfs_write+0x422/0x4e0 [ 2502.076240][T11221] ? fget_many+0x20/0x20 [ 2502.080452][T11221] ? debug_smp_processor_id+0x20/0x20 [ 2502.085790][T11221] ? security_file_ioctl+0x9d/0xb0 [ 2502.090870][T11221] __x64_sys_ioctl+0xd4/0x110 [ 2502.095515][T11221] do_syscall_64+0xcb/0x1e0 [ 2502.099985][T11221] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2502.105854][T11221] RIP: 0033:0x4665d9 [ 2502.109765][T11221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2502.129347][T11221] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2502.137755][T11221] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2502.145705][T11221] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2502.153666][T11221] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2502.161611][T11221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2502.169590][T11221] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2502.188641][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 2503.274635][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2503.280739][T11169] Bluetooth: hci1: sending frame failed (-49) 09:33:56 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:33:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x623c0, 0x0) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000001c0)={0x6d, "69bc437d290c95edf20768950e90c68446dd18abf91ca6009a8056b358bb69575823d1389d5897bd3088a6fbb5aef60c4928555248e98c58365c7a7ec9d22b56eae27725ae68314ead9f9077e8d080903f75cd8bd81a5358cba336a5b4f3fe0f724c18be9bba152f32029db25d7e16f8433c7bfcd1df0e3bcb11d75559c29c3aebb1059f81b2d6438e724313ac9bebe3bf351db560ab26e5ffe20b12a37804768a9c3ab939181bb3927107b5e8b28225e430d3921db92ab33f1c1ca3585119cb497d05c4f163b68dc813177dc256119eeada2ca98844d966db4d88418910a3543bc3ff30fad8df0f54735ceb1807e5926996b23b1a09fd0a42e6798df28aa85761a731acde46bdb2ab0eeb12a09679b43c839dedc001bd18231976cc8ae364a4d204982b1c7f81863687bba9f01fc7f7a20689bf3042e606018eacbd28447f81428b3f332dc0899fdb15c866f9b8897633dc5ffcefaacb42139fcbb0a23193e234d6b97c0003e73d6cb8d5c9c1f9e3101e1f57b1f0de38b724c52bb164cd52ec7bae88ceeee9452ae998159885356d7f95523c9152957c168f22f920541ea255ef2828076894a1ce62f41d0c4a2b87c039a8348992fe098fa4a48e67f9e5ef3ad26fff33f8d47feb0da1c6773c4e71095c7f6a597ab37ffc8125fdb4156868ddeb926f74757b3d12d16d85ce0201a4167ce99303be71c9f3b12f82da0dbf58de"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xc008ae09, 0x400000) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000080)) r3 = socket$pptp(0x18, 0x1, 0x2) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000000, 0x10010, r3, 0xb496b000) [ 2504.244538][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2504.250566][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2505.354472][ T2661] Bluetooth: hci1: command 0x1001 tx timeout [ 2505.360673][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2506.314441][ T2661] Bluetooth: hci0: command 0x1001 tx timeout [ 2506.320460][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2507.434379][ T2661] Bluetooth: hci1: command 0x1009 tx timeout [ 2508.394306][ T2661] Bluetooth: hci0: command 0x1009 tx timeout 09:34:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xa00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:34:03 executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:03 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xc008ae09, 0x400000) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/183, 0xb7}], 0x1, 0x8, 0x401) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x341040, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x2) 09:34:03 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) syz_open_pts(r0, 0x400000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14}, 0x14}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x52, &(0x7f00000000c0)={&(0x7f0000000000)=@bridge_setlink={0x94, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0x8, 0xc, 0x0, 0x0, [@AF_BRIDGE={0x4e00}]}, @IFLA_AF_SPEC={0x6c, 0x1a, 0x0, 0x1, [@AF_INET6={0x54, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}, @IFLA_INET6_TOKEN={0xffffffffffffff92, 0x7, @private1}, @IFLA_INET6_TOKEN={0x14, 0x7, @dev}, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_BRIDGE={0x4}, @AF_INET6={0xc}, @AF_MPLS={0x4}]}]}, 0x94}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x140) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f00000001c0)={'gretap0\x00', &(0x7f0000000140)={'erspan0\x00', r3, 0x20, 0x700, 0x5, 0x3, {{0x5, 0x4, 0x1, 0x7, 0x14, 0x64, 0x0, 0x8, 0x4, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000200)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x45, r6}) ioctl$KDADDIO(r5, 0x400455c8, 0x870) [ 2511.457477][T11243] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2511.477348][T11251] bridge0: port 1(bridge_slave_0) entered disabled state 09:34:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000080)={0x7, 0x8, 0x1, 0x4, 0x1f, "1e4e74c808abfd04849cae5eb708c0a0e67035", 0xfff, 0xe7}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2511.512602][T11253] bridge0: port 1(bridge_slave_0) entered disabled state 09:34:04 executing program 2 (fault-call:2 fault-nth:33): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:34:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x12) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:34:05 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0xa) writev(r2, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x14) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x80000001, 0x0) r5 = openat(r3, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f00003d4000/0x2000)=nil, 0x2000, 0x0, 0x12, r5, 0x78f4f000) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000100)={0x0, 0xffffffffffffffff}) getsockopt$inet6_tcp_buf(r1, 0x6, 0x2, 0x0, &(0x7f00000005c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:34:05 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = syz_open_pts(r0, 0x602000) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x9, 0x9, 0x1, 0x3, 0x8, "2849043b60866c9b083756b1fad47a4dd5c460"}) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000100)={0x4, 0x9, 0x9b2, 0x40, 0x13, "a9a7b4eacbbe28c4f309bb718587a7cf95861f"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r3 = syz_open_dev$vcsu(&(0x7f0000000000), 0x4, 0x503583) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r3, 0x8008f512, &(0x7f0000000080)) [ 2512.734363][T11264] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2512.742875][T11264] FAULT_INJECTION: forcing a failure. [ 2512.742875][T11264] name failslab, interval 1, probability 0, space 0, times 0 [ 2512.758488][T11264] CPU: 1 PID: 11264 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2512.768727][T11264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2512.778773][T11264] Call Trace: 09:34:05 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x50009417, &(0x7f00000001c0)={{r2}, 0x0, 0xc, @unused=[0x9, 0x1, 0x2], @devid}) r4 = syz_open_dev$vcsn(&(0x7f0000000080), 0x6, 0x14400) r5 = socket$packet(0x11, 0x2, 0x300) ppoll(&(0x7f00000000c0)=[{r1, 0x28}, {r3, 0x8000}, {r4, 0x1080}, {r5, 0x2}], 0x4, &(0x7f0000000100), &(0x7f0000000140)={[0x60]}, 0x8) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2512.782058][T11264] dump_stack+0x1d8/0x24e [ 2512.786389][T11264] ? devkmsg_release+0x11c/0x11c [ 2512.791325][T11264] ? show_regs_print_info+0x12/0x12 [ 2512.796520][T11264] ? vsnprintf+0x1d60/0x1d60 [ 2512.801106][T11264] should_fail+0x6f6/0x860 [ 2512.805521][T11264] ? setup_fault_attr+0x3d0/0x3d0 [ 2512.810540][T11264] ? vsnprintf+0x1cb4/0x1d60 [ 2512.815113][T11264] ? skb_clone+0x1b2/0x360 [ 2512.819502][T11264] should_failslab+0x5/0x20 [ 2512.823976][T11264] kmem_cache_alloc+0x36/0x290 [ 2512.828766][T11264] skb_clone+0x1b2/0x360 [ 2512.832994][T11264] netlink_broadcast_filtered+0x5d1/0x10a0 [ 2512.838780][T11264] netlink_broadcast+0x35/0x50 [ 2512.843522][T11264] kobject_uevent_env+0xb1f/0x1000 [ 2512.848667][T11264] device_add+0xf42/0x18a0 [ 2512.853058][T11264] ? virtual_device_parent+0x50/0x50 [ 2512.858313][T11264] ? h4_open+0x4f/0x140 [ 2512.862608][T11264] hci_register_dev+0x32e/0x710 [ 2512.867485][T11264] hci_uart_tty_ioctl+0x89e/0xa10 [ 2512.872488][T11264] ? hci_uart_tty_write+0x10/0x10 [ 2512.877489][T11264] tty_ioctl+0xf68/0x1710 [ 2512.881790][T11264] ? tty_do_resize+0x170/0x170 [ 2512.886530][T11264] ? avc_ss_reset+0x3a0/0x3a0 [ 2512.891292][T11264] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2512.897438][T11264] ? refcount_inc_checked+0x50/0x50 [ 2512.902640][T11264] ? memcg_check_events+0x5c/0x5b0 [ 2512.907726][T11264] ? proc_fail_nth_write+0x1d5/0x240 [ 2512.913019][T11264] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2512.918194][T11264] ? __lru_cache_add+0x1c4/0x210 [ 2512.923108][T11264] ? memset+0x1f/0x40 [ 2512.927063][T11264] ? fsnotify+0x1332/0x13f0 [ 2512.931536][T11264] ? tty_do_resize+0x170/0x170 [ 2512.936273][T11264] do_vfs_ioctl+0x76a/0x1720 [ 2512.940839][T11264] ? selinux_file_ioctl+0x72f/0x990 [ 2512.946009][T11264] ? ioctl_preallocate+0x250/0x250 [ 2512.951094][T11264] ? __fget+0x37b/0x3c0 [ 2512.955222][T11264] ? vfs_write+0x422/0x4e0 [ 2512.959619][T11264] ? fget_many+0x20/0x20 [ 2512.963849][T11264] ? debug_smp_processor_id+0x20/0x20 [ 2512.969193][T11264] ? security_file_ioctl+0x9d/0xb0 [ 2512.974282][T11264] __x64_sys_ioctl+0xd4/0x110 [ 2512.979137][T11264] do_syscall_64+0xcb/0x1e0 [ 2512.983613][T11264] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2512.989478][T11264] RIP: 0033:0x4665d9 [ 2512.993360][T11264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2513.012933][T11264] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2513.021329][T11264] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2513.029378][T11264] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2513.037326][T11264] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2513.045272][T11264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2513.053214][T11264] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2513.513813][ T8460] Bluetooth: hci1: command 0x1003 tx timeout [ 2513.520306][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2515.113728][ T8460] Bluetooth: hci0: command 0x1003 tx timeout [ 2515.119774][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2515.593670][ T2255] Bluetooth: hci1: command 0x1001 tx timeout [ 2515.599764][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2517.194050][ T2255] Bluetooth: hci0: command 0x1001 tx timeout [ 2517.200073][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2517.673612][ T2255] Bluetooth: hci1: command 0x1009 tx timeout [ 2519.273476][ T7557] Bluetooth: hci0: command 0x1009 tx timeout 09:34:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xb00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:34:13 executing program 1: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000080)={0x2, 0x13, 0x3, 0x4, 0x0, 0x7}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x2) 09:34:13 executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:13 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:13 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) syz_open_pts(r1, 0x0) r2 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x401, 0x6, &(0x7f0000001400)=[{&(0x7f00000000c0)="ef3b056f70538f2066374697ff3faacc322c907bc8f0", 0x16, 0x7}, {&(0x7f00000001c0)="c77d6b1b5f05d63aab97370a724bdcf6b12de65284d159df156b05474aeddd2dde2df901efa7b61b9e9dacc752a2c0367b49f89950baa4e9eb0a9bcbcd67f2341b5e57838d5dc4876802701902260818943b5b068e22b5c3c8fb9022d7174ddfa38407f16b5540460b4618cca78e4d7d23d11837f509db01e49de1d66f687e6b2f2142f600df4aa9d3cac0e02ca98814c138b832c3901bfbc07202aea31ba19a4bfbebc37e2e11fd13f1eb8a8a22de89cd480d55718ed31c3986d987f204c046866968db627bca5bffc49918e3346acf8f231277c118719227b2b860544f4285274f87e98a30", 0xe6, 0x20}, {&(0x7f0000000100)="795adaad94e34aed3d368c164da2d2ae1d1a8e10cd474aaefeed24bf3dcc0e507d4e9c1423ada5a3a736763dabb4e8d9edd627a38268a17e70007d5e1e07ad5888549af7a019ed2d60a64150bb1c3bcecd2e92b07fd705716a51f6f5d828fd75", 0x60, 0x8}, {&(0x7f00000002c0)="daded7f217d1ec613f38b2b749d031d77f03bbe2ecf31ad16a4e486a532e03fa8b929bdf34346d0cfb004bc7cba44ffcab7d044f0fc832eef3b8659880ccc4e96fa179feab2aba08dbc9835bb27da6911acfd2fa3a3bfcb539d5d1b50dd34d019a3c2b60ac49a44ba63e204f1c039eeb75b2873666983fc6b6d596cdd76b390129b482ac238422b619a6c031fe5cb56e7959dc629c834f37648c887b4d5224a6f554fb80be1e1962936919cc0304acf477013acf82a97ed84a731822c855fbe31d2b83a04bc4953bacd20590a0429e2bb4a6ff3910bdf60bd4eae98cd2ac94319df389321eb9df0a1c03ec6a8932a5885e81f0c6a88701b33b0e77fac5dd1052cd6227152bc0bdf8e33c73ca1c3827ed9485750ffc891cc958f165990acda18ab7946fc12a37e0f8ff497b426b43d6ba15292f47a686d72e42764a43611b5ff4e597879f1add2f25220f16bc1c0d298870d7a3ea17ad50c3217005de6241a05c55e3cb621c11524994dc59d9a679288e47a682432d54d7f2c9ca0f3886110c79ec594f690cd501bd31e6f6d8c4d74a84abfd7e428c4f2eaacadadf7863c1ecd06a39ccdf10409ef1d1b087733ecb8036a40845e70a4841f7ec61b1262175937f10b087145775ae3f1fd1dd81fe2bd1c63e1cef1cb82ff9ff0a3bf61808615a10bedc58b79a640c3990fb3a71765cdc87931c7db6fa4c50408377dd9aff6d7d93c5950e06134b5aafd1569c88c70c28be51bb87e753f7cf0e7532d988edc9decb94cbfcb3bbb172f6b62f18091c736e1ffbb811cddf31e4398053e373e28430031bbb6b8002c2c2a5fc7009fac33820d15e378d7d7842daa51b8010f0de3268036647cababb040f90fbd3274eae93191f5f10c5b85636e3bd98dd46ad07aa73b420e285b6779b61d2f31491dbddd60db8f7f1a85f313fc4f576977f77a588c0ba2524fb2a6d47580a734d3691f60a5307a03c33071a0cf5d8c6a36594468ccd1b72cf69f230af94e7350cb0ce2abf60083198e7edad963b6414b69fb4ec382dfb7ac1c812a1dae512a6cb6df474bdd0d46a9a3ff53ae99b71c5197787c39b03d2dc8f9c3cd413afe3aa9d44e19eab61f494006490b09123a423e97965ddc3f045ead45bd2abe8327be17bc279ca8cf5937193050c71b1bc46e1a0bbeab5b0a40c1385eb3086bf3c013c6dbe6ca5880d8f840b8214080476feb3736bced8d48bee34864cb93d363bbee28e4a2c290520fd89dc56c744d8cd6881616d311c501ed1b4cfd2f0ef372fe206141fb2f0dd6588dd502a2b3d4ecaa3493d58f2f63dcbf34f7e90c33c6065e6048d539b84cf113191c90e13d8bd0a797a792c99d39667a8ea6b9f50196c5689b41f7c0c0e6f1a14c2f412964607a25db1454437e037394c628101f4c3ae536d4b0b8f648c37bdd8f8f9045562cf85afec8544d1b6608e3b0d36794f35d9da6d224c8cb65344d1a7db2176a784160a9b455bc46556322b72a51c15bc055ed14376006a7791af892f61daf11401a4e83db7d793cadb259cb370ca4aa0717deb4d411b11324792383828903ce57cd7ffbf781a07bdd9221cd3249212955f62b347544ffc33db0093dca9bb6d9fb00d44b1f0bc1638f608d0b4c985901278b6ce84979a6a89a58a6f1a89c69cb121d370af35e987023621e1804449d02dee00f4c61452381b2b170e292adcfb090516068067147d32ceedd278785b84ca17e84d054da1c7da2cedb5c7b9af23f587fc29ef67facc83b681233bf747ab8a31a8da95714320220eeeef303d0be0323388a3c904ca8234ec4df1e2fcf423719cbbd9f9fd22173adc09682e78413d935c2bb1a11087e1d342215f43774413a75719fd40a7f52aee25b63a5d0a8c0ac25241c3e5f916b557b0beaa04f02aed92eee6b68f0924cc0788acf9064dafbf858a0defb067b8a3d4cd4b6514c8c5cc11f92bbbaa5cbdfba6693a17b1d38923c2278307d731cdb4d9f7cb467db1058d1888e389252cb235e1c4eb9b4147cf9201c435fcaf245385203a4997839f75f623715ed5ad1df3552d8b44b0668bc65dd93165fea73a802110f0b60642af7795393f41d5e80eb241a638eeea5c55cf22c9a2e550cf66bbd3e32a4bbe6a968c9f122db6de300386adbd611b09018c2273e9d9fb4b23d3ca35175fd9e23eafcece1d93986ea85758660703fe7e83ac0b07fc2ea735537229bbead043b25299179156ffb3b465c08d94ef435d3521388ada5aaef977af85ec2d0a255f039ddf0c80ce71a5ae0ef1887a418f6d96a3fdf4804f627396a3144df5826817e7063dc7fff55e657b11fdf36ef6189ef340363f6d512704c70005202352d895adbccde9452921f9c67dd79c45468981fba857a2198fbd712140fdbf7d1106619f0c0c926f047faf833eca3586cdb37382c014dc5a73fa711d4ec824b02f50a817d4f99e5cbd3be5ad53f736b4fc118393affd1c17464684f2c5a425ea37ae09a3b3e2e5e19b807069e86ad145786e9a654730333dc1e69d6613198a89e3de439c4e4b5d4f62e9cdc260760be5612e6d020d1baad8d4349919d6bcd48a34f4d676f7df30d51fe47cac83f53904e8d7860b6c01bd0d185329a21b608d104a7066992d69e4140c03898ee9f2a60e3bf9148f41a8bf3eb456146fb2d973bc678e814f939721651d0b3c6c93c52c88d28cd04560477a5a5c200f068c99dec7b11778e26a844ae6c46b24446ff6300f490813f2b848d8ab976be5dec0948cf4f5043485ebd34435087674002a65c9c606beff67edbccb17f9116f5feaf66d09531918874b86e1ed549eb51b7a0bc4cb1a696759eb5d1d61844042bcde21ac10acc8570044b58b35a029cfaa1e78da06ae234a4bea8274e7a5d17d208d3beff27fc2061e05bd2656af1fbb4a83066fb715288eaa2814a93680c7e875fce0971cd51734b0b284b1e4171509822788fe7bc223de32cbc602f97704344b133ec91d2f3396f1a2f8a1cf3acf3159a5a20d4a72667a68254fdccdee074ead61b328bd6d15db533f1076ddd14dc5bcc60a3f7ac0650c04fb9e9f1d94c4408fdfbc811759153f22df77d9d15a0fd575c7192dcd0a0e4d991bf55ea595bde2d4ca5c233b34a80bb0d1c4c9a61c3d19f4d0480ece83629ad783e05394977b0c1715785b4c2e1da606a4b4bcc0755e8d805cde656421f20c59bd8af333145866b6219b2e16a3af172327d4a247837d07c0947a66f2992dc30058e7ce1bf3124b10a7ddf6ec0c10c257577df178675555bbeac2c1bda6f245c732e1179951213d0912a7b79e07bd3f63a3c671667165753b6c3295942d59abe4aecf9cf82b9c07ce274c72352accc69114b0a89d79e86d1db6e583428cc999de21d53663b6d8354573302cf129b603c8b3829e3eb7bccaaf236d9989ebdb17e86fe9e84a116b669b799b95746e96db03e32c74be021071c38518c16aefe020ac249c85f22484b1f1d5542a783e71a87b03ff096aa81e4cccc6706a5f3449384d5991027efc31adcccd4305765c05b22d6ea545709fd3e89fdc41002dd9fe63064e1f0f18e1856419193ba5167c9ad577dd0770b79e399cd5ac51aa771eb7a2cf6cff803ab2695cc754216f5cf6cdb3afd39c1cd6916712757571a3fcaa0b78b0142294eb8ad6b540b258cc15d6be7a904d14cf6c38073cb714d672d2086f172ac0c128f5a7b421535d1942415c8559f09939053c22fa462546025221597417b11489984e6ff708fb58a5d8030592e89f9b482ce6827222b84ce2e84119b7602bdd5cb81f069f31c690bb896fa1208bca6d21ce00601aee8e23771658974cc8a7cae526ecc2365c85014e36f09e85d1c2a5c56cc0c156dd5793e39f9ddfb9d9cdcbe0cdf872f6cbae7fee2ed874109c775dcf6ed4ccc2ee74d70dbdc5db6909aecc0ec2d935df63c75c5e5859431920427e27f16927b6fb2b334709b025c934f06c3cac0675810d6731d08ddf202a68749336a69d77cc5d2c1063eff2bf91a5368f2730b4529d7e28edd1bdd21a51121d64d0e30a491756121e17bced08e318381b4047e3c49fbd5e5343ed16821f923eff6308ab72ae74b5cec30bdc6e1f85b1d76855f84e6d0bed023dee5f311ccc6e2e0502ffa4c4b2f3bd1a637ef54a5a1a80b3e27e07c07b35600381f0ff591a04f24fc32a847bdb9ef8254fb6c84c0539990919f99c67e816db96ad40245ededd587383a0d43053126a8490c3ba3763f298dc282398f69b5188c0d4c853e2828d506a1e84b43ca6ef1b18781ab48cf80c61451a7f40335d670f6d812c5cb66cedda40ccc4eaa6a2e9e01dc8473a63c545df031915edd9a7d0805ebf4721cd4437f076a65524c14dd3d89c2fc1285878c10596b4a3ce25982b6f15d94cf771be14dbd597d0883b3d5b69eefe97d07d57603c73e8c590ae31704dc42e3988dd5bf5408cf8e61d61746ab0febb0ccd24efff3e7f9ebb14cf76c9d73d2002a922cf594ef43fe65f61e2815ea63a996aa9cce091c3f18cd55904644b89303a3d70dba72f4f1f1b854477900cd3d6895f1683dbc61a446adea6cf38b83b67ac3c213d9e739e463bf4e28d2f182db806b53c10f266f0c1f397dd2bacb842889656a2d6fe3bc4c2ab95baafe7347102ee80b40e5fea09892524e60336aaa488193a3f56662d2f457b992ec181df26c51979255e37d3012d8ffb462ca438170e66cd0b266a0a4cc3db6ccb313bb420fb9f01fb9b0f17bd6e194bf070cdc20675a4d1c5cfd591746b8165bd9970382ddbb4b501208b229eafcdafec039ab9c24841b0f1c0d5872edd0f7b8bda65b856745302bccec731ed926d682ac8a63a3ddddb3635988335e41d168772fb862cc630df934e585e807fa99284de89d0521c7854ea7cc630b075ce3aa42c6b237c0877381d55a8f6e87633e4ba43a2cbd3f9e958a9f255833fcec6b719535c9efcc317d6ccc2d31407c89695a8ffcf906c078ce92381ab3ff869ef65b749d0e9c71bc17de0b0bd57b11d43c96b10f00febb56101479ab901aead330ea1ff85fb5bfa5b50663f79f06f4628e2e382449c188c66ea785802b6aa56a102c04f599629c9dac89e30febf46336f5bd1071db9fc89e84f818388eb7a36422356f1df8be63a202930cad1311bacf3abb4c324a8ddba5a376b22eefaccee63997452d5e4b8820a82a57536a0d9a044cbe9235c5ac3779e962147f3be3ed842b72fb5fea1436aff0633aef79e1aea88ec3b209d6b9b0612285052623433184f31cec239f3be51b349d242dd03a4983a5ee8d69db8e7aa41ff15784ae982e05d50452fad52c98f05b77c99f19403dd89da868f1c33db1cc6c1f89b1b210947aff6f68b802e36a6a1f793ef613c03eaf5c5bebcae1c73f855feeebb57eca7d138c80de3a1fce3c13fc118cb767f1cf31812b470373d37c2a79872a3deec8eb6811cc470b15dcad0931c26884b69a66c4938dfecfc11d9b15f306a742f398409de051681ee512afe77680390e373f5035c660a59288a306e545b698730ff6061278dda754404cea3d3d35cc959c2fcf97e5fe0a0f70dfbc6e9d78ecce041ec9c7bb0971a5f107abe179f91bc570a7cadf18ea79f83c1a7b90ed1cb03848812856beda9d490d69877bbc72a70dd85d2e2e5ff1dd15cf3b60692633a9217643181a8b6eac33b550f5cfe44bbe3407bd6144ec57b0ed6e88fa76a3ced151c277920f3104c821649f90cfb591051f99ca0b2da33d5805cd34baffb8c745a2012b2d1249af22adf2a25eb30735397b23f63dab5f20cb0ae75f6cd19e9b46e4fb54d", 0x1000, 0x29c0}, {&(0x7f00000012c0)="5a46b8e6b5254b2a1c94001e6557bab69ed1c844d296d10182afd5c42d9b2f3fe027cce157c7d34a150791d9078c00bf03bc9291202911fd658f5583858cbeba9ae277a04589430a0f1f125d91358d4b2b5f8003189dfb3eae393720d6d58f87088c8b27745cf84db7b4d35b99630d99231aa8", 0x73, 0x1}, {&(0x7f0000001340)="2a69fcc7e23f9b9d349f3405311fb0ce7c6e90f2ae27e9196ba973367c5951f3b51576c18938d97132f005754d92da461dfecdadf21f8cafa27e5418cb7d7b7aaf19528ead9eebe5b33611010d2e31e9edb1500c354cab73852db4f0e4a8f50e741a24fef8cdce515dc4abed300d708fe2c7d566ea46ec9e803420c02bfb22ba027804fb859683", 0x87, 0xfffffffffffff801}], 0x806000, &(0x7f00000014c0)={[{@quota}], [{@dont_appraise}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@audit}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@appraise}]}) openat(r2, &(0x7f0000001540)='./file0\x00', 0x4000, 0x102) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:34:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCGPTPEER(r0, 0x5441, 0x3f) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2521.697283][T11290] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2521.712262][ T7986] Bluetooth: hci1: Frame reassembly failed (-84) 09:34:15 executing program 2 (fault-call:2 fault-nth:34): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:34:15 executing program 1: pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0xa) writev(r0, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r0, &(0x7f0000000140)=ANY=[], 0xfef0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3, 0x80, 0x87}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@deltclass={0x54, 0x29, 0x400, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xa, 0xffff}, {0xb, 0xe}, {0xb, 0xfffd}}, [@TCA_RATE={0x6, 0x5, {0x80, 0x2}}, @tclass_kind_options=@c_ingress={0xc}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_cbs={0x8}, @TCA_RATE={0x6, 0x5, {0x81, 0x7}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000060}, 0x4040000) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0xe) ioctl$KDADDIO(r4, 0x400455c8, 0x2) 09:34:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xc008ae09, 0x400000) writev(r2, &(0x7f0000000080), 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TCGETS(r1, 0x5401, &(0x7f0000000040)) [ 2523.613382][T11308] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2523.624198][T11308] FAULT_INJECTION: forcing a failure. [ 2523.624198][T11308] name failslab, interval 1, probability 0, space 0, times 0 [ 2523.640816][T11308] CPU: 1 PID: 11308 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2523.651048][T11308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 09:34:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 09:34:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) syz_open_pts(r0, 0x220040) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x2) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00') ioctl$KDGETKEYCODE(r1, 0x4b4c, &(0x7f0000000080)={0xfffffffc, 0x5}) [ 2523.661099][T11308] Call Trace: [ 2523.664381][T11308] dump_stack+0x1d8/0x24e [ 2523.668701][T11308] ? devkmsg_release+0x11c/0x11c [ 2523.673637][T11308] ? show_regs_print_info+0x12/0x12 [ 2523.678831][T11308] ? vsnprintf+0x1d60/0x1d60 [ 2523.683414][T11308] should_fail+0x6f6/0x860 [ 2523.687826][T11308] ? setup_fault_attr+0x3d0/0x3d0 [ 2523.692840][T11308] ? vsnprintf+0x1cb4/0x1d60 [ 2523.697420][T11308] ? skb_clone+0x1b2/0x360 [ 2523.701827][T11308] should_failslab+0x5/0x20 [ 2523.706309][T11308] kmem_cache_alloc+0x36/0x290 [ 2523.711050][T11308] skb_clone+0x1b2/0x360 [ 2523.715266][T11308] netlink_broadcast_filtered+0x5d1/0x10a0 [ 2523.721049][T11308] netlink_broadcast+0x35/0x50 [ 2523.725780][T11308] kobject_uevent_env+0xb1f/0x1000 [ 2523.730862][T11308] device_add+0xf42/0x18a0 [ 2523.735249][T11308] ? virtual_device_parent+0x50/0x50 [ 2523.740503][T11308] ? h4_open+0x4f/0x140 [ 2523.744628][T11308] hci_register_dev+0x32e/0x710 [ 2523.749448][T11308] hci_uart_tty_ioctl+0x89e/0xa10 [ 2523.754454][T11308] ? hci_uart_tty_write+0x10/0x10 [ 2523.759449][T11308] tty_ioctl+0xf68/0x1710 [ 2523.763757][T11308] ? tty_do_resize+0x170/0x170 [ 2523.768490][T11308] ? avc_ss_reset+0x3a0/0x3a0 [ 2523.773140][T11308] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2523.779296][T11308] ? refcount_inc_checked+0x50/0x50 [ 2523.784469][T11308] ? memcg_check_events+0x5c/0x5b0 [ 2523.789671][T11308] ? proc_fail_nth_write+0x1d5/0x240 [ 2523.794968][T11308] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2523.800173][T11308] ? __lru_cache_add+0x1c4/0x210 [ 2523.805082][T11308] ? memset+0x1f/0x40 [ 2523.809040][T11308] ? fsnotify+0x1332/0x13f0 [ 2523.813513][T11308] ? tty_do_resize+0x170/0x170 [ 2523.818277][T11308] do_vfs_ioctl+0x76a/0x1720 [ 2523.822846][T11308] ? selinux_file_ioctl+0x72f/0x990 [ 2523.828098][T11308] ? ioctl_preallocate+0x250/0x250 [ 2523.833184][T11308] ? __fget+0x37b/0x3c0 [ 2523.837440][T11308] ? vfs_write+0x422/0x4e0 [ 2523.841826][T11308] ? fget_many+0x20/0x20 [ 2523.846215][T11308] ? debug_smp_processor_id+0x20/0x20 [ 2523.851556][T11308] ? security_file_ioctl+0x9d/0xb0 [ 2523.856642][T11308] __x64_sys_ioctl+0xd4/0x110 [ 2523.861291][T11308] do_syscall_64+0xcb/0x1e0 [ 2523.865770][T11308] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2523.871638][T11308] RIP: 0033:0x4665d9 [ 2523.875513][T11308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2523.895548][T11308] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2523.903946][T11308] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2523.911897][T11308] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2523.919877][T11308] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2523.927839][T11308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2523.935867][T11308] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2523.944509][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2523.951214][T11898] Bluetooth: hci1: sending frame failed (-49) [ 2525.992870][ T2255] Bluetooth: hci0: command 0x1003 tx timeout [ 2525.998898][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2526.005823][ T2255] Bluetooth: hci1: command 0x1001 tx timeout [ 2526.011814][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2528.072790][ T2255] Bluetooth: hci1: command 0x1009 tx timeout [ 2528.078956][ T2255] Bluetooth: hci0: command 0x1001 tx timeout [ 2528.085724][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2530.152562][ T2255] Bluetooth: hci0: command 0x1009 tx timeout 09:34:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xc00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:34:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000080)={0x18, 0x5, 0x6, 0x400, 0x97}) 09:34:24 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:24 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:24 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x8, 0x100003, 0x400001ff, 0x6, 0x9b, "6196416fe284592f882951e2d9ae73cd310428"}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2800, 0x0) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000080)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:34:24 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) dup2(r0, r1) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2531.932482][T11330] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2531.942918][ T2257] Bluetooth: hci1: Frame reassembly failed (-84) [ 2533.992216][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2533.998271][T11169] Bluetooth: hci1: sending frame failed (-49) 09:34:26 executing program 2 (fault-call:2 fault-nth:35): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:34:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x9, 0x1, 0x81, 0x7, 0x6, "e45af45ba0e38a3cd821bc0bc75fff3463db6b"}) r1 = accept(0xffffffffffffffff, &(0x7f0000000080)=@nl, &(0x7f0000000100)=0x80) preadv(r1, &(0x7f00000017c0)=[{&(0x7f00000001c0)=""/92, 0x5c}, {&(0x7f0000000240)=""/243, 0xf3}, {&(0x7f0000000340)=""/249, 0xf9}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/240, 0xf0}, {&(0x7f0000001540)=""/193, 0xc1}, {&(0x7f0000001640)=""/96, 0x60}, {&(0x7f00000016c0)=""/185, 0xb9}, {&(0x7f0000000140)=""/29, 0x1d}, {&(0x7f0000001780)=""/38, 0x26}], 0xa, 0x20, 0x3) 09:34:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000080)={0xffffffffffffffff}) preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/4096, 0x1000}], 0x2, 0x1, 0x8) [ 2534.488643][T11352] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2534.499452][T11352] FAULT_INJECTION: forcing a failure. [ 2534.499452][T11352] name failslab, interval 1, probability 0, space 0, times 0 [ 2534.513621][T11352] CPU: 1 PID: 11352 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2534.523855][T11352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2534.533896][T11352] Call Trace: 09:34:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1a) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f00000000c0), 0x100000000000026b, 0xdbf, 0xfffffffd) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000080)={0x7ffd, 0x7ff, 0x80000000, 0x9ae9, 0xb, "7048dabf5607010000000100f2c3073400"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2534.537181][T11352] dump_stack+0x1d8/0x24e [ 2534.541507][T11352] ? devkmsg_release+0x11c/0x11c [ 2534.546443][T11352] ? show_regs_print_info+0x12/0x12 [ 2534.551639][T11352] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2534.557781][T11352] should_fail+0x6f6/0x860 [ 2534.562193][T11352] ? setup_fault_attr+0x3d0/0x3d0 [ 2534.567230][T11352] ? kobject_put+0xb4/0xe0 [ 2534.571634][T11352] ? device_add+0x5d8/0x18a0 [ 2534.576221][T11352] ? kzalloc+0x16/0x20 [ 2534.580280][T11352] should_failslab+0x5/0x20 [ 2534.584771][T11352] __kmalloc+0x5f/0x2f0 09:34:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x800, 0x9, 0x200, 0x3, 0x7, "416be5f47b0df98df50b3f82df7c4e98ae6ff9"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2534.588920][T11352] kzalloc+0x16/0x20 [ 2534.592806][T11352] rfkill_alloc+0x94/0x250 [ 2534.597214][T11352] ? h4_open+0x4f/0x140 [ 2534.601358][T11352] hci_register_dev+0x360/0x710 [ 2534.606206][T11352] hci_uart_tty_ioctl+0x89e/0xa10 [ 2534.611229][T11352] ? hci_uart_tty_write+0x10/0x10 [ 2534.616252][T11352] tty_ioctl+0xf68/0x1710 [ 2534.620571][T11352] ? tty_do_resize+0x170/0x170 [ 2534.625333][T11352] ? avc_ss_reset+0x3a0/0x3a0 [ 2534.630010][T11352] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2534.636141][T11352] ? refcount_inc_checked+0x50/0x50 [ 2534.641309][T11352] ? memcg_check_events+0x5c/0x5b0 [ 2534.646400][T11352] ? proc_fail_nth_write+0x1d5/0x240 [ 2534.651664][T11352] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2534.656831][T11352] ? __lru_cache_add+0x1c4/0x210 [ 2534.661736][T11352] ? memset+0x1f/0x40 [ 2534.665685][T11352] ? fsnotify+0x1332/0x13f0 [ 2534.670155][T11352] ? tty_do_resize+0x170/0x170 [ 2534.674889][T11352] do_vfs_ioctl+0x76a/0x1720 [ 2534.679465][T11352] ? selinux_file_ioctl+0x72f/0x990 [ 2534.684649][T11352] ? ioctl_preallocate+0x250/0x250 [ 2534.689734][T11352] ? __fget+0x37b/0x3c0 [ 2534.693947][T11352] ? vfs_write+0x422/0x4e0 [ 2534.698334][T11352] ? fget_many+0x20/0x20 [ 2534.702569][T11352] ? debug_smp_processor_id+0x20/0x20 [ 2534.707951][T11352] ? security_file_ioctl+0x9d/0xb0 [ 2534.713036][T11352] __x64_sys_ioctl+0xd4/0x110 [ 2534.717684][T11352] do_syscall_64+0xcb/0x1e0 [ 2534.722159][T11352] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2534.728025][T11352] RIP: 0033:0x4665d9 [ 2534.731940][T11352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2534.751514][T11352] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2534.759903][T11352] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2534.767851][T11352] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2534.775793][T11352] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2534.783736][T11352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2534.791678][T11352] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2534.800914][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) [ 2536.072073][ T7557] Bluetooth: hci1: command 0x1001 tx timeout [ 2536.078164][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2536.872051][ T7557] Bluetooth: hci0: command 0x1003 tx timeout [ 2536.878147][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2538.151951][ T8460] Bluetooth: hci1: command 0x1009 tx timeout [ 2538.951959][ T8460] Bluetooth: hci0: command 0x1001 tx timeout [ 2538.958353][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2541.031706][ T8460] Bluetooth: hci0: command 0x1009 tx timeout 09:34:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xd00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:34:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:34:34 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:34 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:34 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:34 executing program 1: r0 = socket(0x10, 0x3, 0x0) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x180) fchownat(r1, &(0x7f00000008c0)='./file0\x00', 0xee00, 0xffffffffffffffff, 0x1000) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1) sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB="40000002", @ANYRES16=r2, @ANYBLOB="000228bd7000fcdbdf251900000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900010100eb53000000050060000000006436b4b943b0d84631000000000000ab8d32b64a321ab05ce6972c3ff4326f0622c092177ecf772d9b51550517770b059e6b60fe983be46590bba38e199b5c9f255949a09ac3dc1deeb68efe137d0d8dcf4bd87b3c7a8eebd487a380346a27e4221dbaaf8442daa182b0e0847011cbaa37d4e19fde00e43732cb64f14d0098"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4004095) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r2, 0x400, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004000}, 0x804) sendmsg$NL80211_CMD_GET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x20, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x80000001, 0x6f}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000800) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r4, 0x400455c8, 0x2) [ 2542.166576][T11372] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2542.176366][ T7986] Bluetooth: hci1: Frame reassembly failed (-84) 09:34:34 executing program 1: pipe(&(0x7f0000000280)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) splice(r0, 0x0, r1, 0x0, 0x80000001, 0x0) ioctl$sock_netdev_private(r0, 0x89f0, &(0x7f0000000080)="c1292ec4ed39d583db0514b9ba9a76ea70c02f295484ca27805442c4b04fb495217b7c0690133d8e967ac9763efef5bdae666abddd7ac7a293cc9091c13b6ba638618700867c20d1d3e209a252bc504c2aecb8a618a2") r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x2) [ 2542.205455][T11385] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=11385 comm=syz-executor.1 [ 2542.220473][T11386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=11386 comm=syz-executor.1 [ 2544.231487][ T2255] Bluetooth: hci1: command 0x1003 tx timeout [ 2544.237568][T11169] Bluetooth: hci1: sending frame failed (-49) 09:34:37 executing program 2 (fault-call:2 fault-nth:36): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:34:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x17) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x10201, 0x10) 09:34:37 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:37 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:37 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2545.383540][T11406] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2545.397992][T11406] FAULT_INJECTION: forcing a failure. [ 2545.397992][T11406] name failslab, interval 1, probability 0, space 0, times 0 [ 2545.410914][T11406] CPU: 0 PID: 11406 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2545.421186][T11406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2545.431215][T11406] Call Trace: [ 2545.434486][T11406] dump_stack+0x1d8/0x24e [ 2545.438792][T11406] ? devkmsg_release+0x11c/0x11c [ 2545.443699][T11406] ? show_regs_print_info+0x12/0x12 [ 2545.448869][T11406] should_fail+0x6f6/0x860 [ 2545.453257][T11406] ? setup_fault_attr+0x3d0/0x3d0 [ 2545.458289][T11406] ? kobject_set_name_vargs+0x5d/0x110 [ 2545.463756][T11406] should_failslab+0x5/0x20 [ 2545.468233][T11406] __kmalloc_track_caller+0x5d/0x2e0 [ 2545.473527][T11406] kvasprintf+0xd6/0x180 [ 2545.477745][T11406] ? asan.module_ctor+0x10/0x10 [ 2545.482567][T11406] ? kvasprintf_const+0x4d/0x170 [ 2545.487473][T11406] kobject_set_name_vargs+0x5d/0x110 [ 2545.492728][T11406] dev_set_name+0xd1/0x120 [ 2545.497110][T11406] ? memset+0x1f/0x40 [ 2545.501065][T11406] ? rfkill_register+0x53/0x720 [ 2545.505940][T11406] ? get_device+0x30/0x30 [ 2545.510236][T11406] ? mutex_lock+0xa6/0x110 [ 2545.514634][T11406] ? device_initialize+0x1d3/0x3e0 [ 2545.519712][T11406] rfkill_register+0xb8/0x720 [ 2545.524363][T11406] hci_register_dev+0x398/0x710 [ 2545.529185][T11406] hci_uart_tty_ioctl+0x89e/0xa10 [ 2545.534178][T11406] ? hci_uart_tty_write+0x10/0x10 [ 2545.539172][T11406] tty_ioctl+0xf68/0x1710 [ 2545.543469][T11406] ? tty_do_resize+0x170/0x170 [ 2545.548199][T11406] ? avc_ss_reset+0x3a0/0x3a0 [ 2545.552843][T11406] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2545.558966][T11406] ? refcount_inc_checked+0x50/0x50 [ 2545.564130][T11406] ? memcg_check_events+0x5c/0x5b0 [ 2545.569211][T11406] ? proc_fail_nth_write+0x1d5/0x240 [ 2545.574507][T11406] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2545.579671][T11406] ? __lru_cache_add+0x1c4/0x210 [ 2545.584575][T11406] ? memset+0x1f/0x40 [ 2545.588524][T11406] ? fsnotify+0x1332/0x13f0 [ 2545.592995][T11406] ? tty_do_resize+0x170/0x170 [ 2545.597744][T11406] do_vfs_ioctl+0x76a/0x1720 [ 2545.602310][T11406] ? selinux_file_ioctl+0x72f/0x990 [ 2545.607484][T11406] ? ioctl_preallocate+0x250/0x250 [ 2545.612565][T11406] ? __fget+0x37b/0x3c0 [ 2545.616688][T11406] ? vfs_write+0x422/0x4e0 [ 2545.621073][T11406] ? fget_many+0x20/0x20 [ 2545.625289][T11406] ? debug_smp_processor_id+0x20/0x20 [ 2545.630639][T11406] ? security_file_ioctl+0x9d/0xb0 [ 2545.635717][T11406] __x64_sys_ioctl+0xd4/0x110 [ 2545.640362][T11406] do_syscall_64+0xcb/0x1e0 [ 2545.644836][T11406] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2545.650715][T11406] RIP: 0033:0x4665d9 [ 2545.654578][T11406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2545.674151][T11406] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2545.682548][T11406] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2545.690487][T11406] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2545.698426][T11406] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2545.706382][T11406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2545.714371][T11406] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2546.311334][ T7557] Bluetooth: hci1: command 0x1001 tx timeout [ 2546.317475][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2547.751118][ T2255] Bluetooth: hci0: command 0x1003 tx timeout [ 2547.757172][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2548.391144][ T2255] Bluetooth: hci1: command 0x1009 tx timeout [ 2549.831294][ T2255] Bluetooth: hci0: command 0x1001 tx timeout [ 2549.837347][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2551.910865][ T2255] Bluetooth: hci0: command 0x1009 tx timeout 09:34:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xe00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:34:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/11}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) ioctl$KDSKBLED(r1, 0x4b65, 0xfffffffffffffffc) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:34:44 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:44 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:44 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TCSBRK(r1, 0x5409, 0x1) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000000)) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x4) 09:34:44 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2552.412124][T11416] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2552.428366][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2554.470606][ T8460] Bluetooth: hci1: command 0x1003 tx timeout [ 2554.476667][T11169] Bluetooth: hci1: sending frame failed (-49) 09:34:48 executing program 2 (fault-call:2 fault-nth:37): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:34:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x80100, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:34:48 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:48 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:48 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2556.254421][T11441] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2556.265252][T11441] FAULT_INJECTION: forcing a failure. [ 2556.265252][T11441] name failslab, interval 1, probability 0, space 0, times 0 [ 2556.280532][T11441] CPU: 0 PID: 11441 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2556.290802][T11441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2556.300835][T11441] Call Trace: [ 2556.304104][T11441] dump_stack+0x1d8/0x24e [ 2556.308406][T11441] ? devkmsg_release+0x11c/0x11c [ 2556.313519][T11441] ? show_regs_print_info+0x12/0x12 [ 2556.318715][T11441] ? ptr_to_hashval+0x60/0x60 [ 2556.323373][T11441] ? __kmalloc_track_caller+0x13a/0x2e0 [ 2556.328893][T11441] should_fail+0x6f6/0x860 [ 2556.333281][T11441] ? setup_fault_attr+0x3d0/0x3d0 [ 2556.338314][T11441] ? refcount_add_checked+0x50/0x50 [ 2556.343480][T11441] ? device_add+0x121/0x18a0 [ 2556.348038][T11441] should_failslab+0x5/0x20 [ 2556.352510][T11441] kmem_cache_alloc_trace+0x39/0x2b0 [ 2556.357764][T11441] device_add+0x121/0x18a0 [ 2556.362149][T11441] ? dev_set_name+0xd1/0x120 [ 2556.366706][T11441] ? memset+0x1f/0x40 [ 2556.370658][T11441] ? get_device+0x30/0x30 [ 2556.374956][T11441] ? mutex_lock+0xa6/0x110 [ 2556.379339][T11441] ? virtual_device_parent+0x50/0x50 [ 2556.384707][T11441] ? device_initialize+0x1d3/0x3e0 [ 2556.389800][T11441] rfkill_register+0x180/0x720 [ 2556.394539][T11441] hci_register_dev+0x398/0x710 [ 2556.399364][T11441] hci_uart_tty_ioctl+0x89e/0xa10 [ 2556.404381][T11441] ? hci_uart_tty_write+0x10/0x10 [ 2556.409375][T11441] tty_ioctl+0xf68/0x1710 [ 2556.413688][T11441] ? tty_do_resize+0x170/0x170 [ 2556.418527][T11441] ? avc_ss_reset+0x3a0/0x3a0 [ 2556.423169][T11441] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2556.429293][T11441] ? refcount_inc_checked+0x50/0x50 [ 2556.434481][T11441] ? memcg_check_events+0x5c/0x5b0 [ 2556.439799][T11441] ? proc_fail_nth_write+0x1d5/0x240 [ 2556.445311][T11441] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2556.450477][T11441] ? __lru_cache_add+0x1c4/0x210 [ 2556.455381][T11441] ? memset+0x1f/0x40 [ 2556.459328][T11441] ? fsnotify+0x1332/0x13f0 [ 2556.463797][T11441] ? tty_do_resize+0x170/0x170 [ 2556.468573][T11441] do_vfs_ioctl+0x76a/0x1720 [ 2556.473134][T11441] ? selinux_file_ioctl+0x72f/0x990 [ 2556.478299][T11441] ? ioctl_preallocate+0x250/0x250 [ 2556.483381][T11441] ? __fget+0x37b/0x3c0 [ 2556.487545][T11441] ? vfs_write+0x422/0x4e0 [ 2556.491932][T11441] ? fget_many+0x20/0x20 [ 2556.496140][T11441] ? debug_smp_processor_id+0x20/0x20 [ 2556.501479][T11441] ? security_file_ioctl+0x9d/0xb0 [ 2556.506556][T11441] __x64_sys_ioctl+0xd4/0x110 [ 2556.511202][T11441] do_syscall_64+0xcb/0x1e0 [ 2556.515682][T11441] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2556.521543][T11441] RIP: 0033:0x4665d9 [ 2556.525411][T11441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2556.544994][T11441] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2556.553380][T11441] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2556.561326][T11441] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2556.569291][T11441] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2556.577232][T11441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2556.585172][T11441] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2556.596933][ T8460] Bluetooth: hci1: command 0x1001 tx timeout [ 2556.612566][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2558.630312][ T2306] Bluetooth: hci1: command 0x1009 tx timeout [ 2558.636380][ T2306] Bluetooth: hci0: command 0x1003 tx timeout [ 2558.642667][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2560.710254][ T2306] Bluetooth: hci0: command 0x1001 tx timeout [ 2560.716298][T11169] Bluetooth: hci0: sending frame failed (-49) 09:34:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1000000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:34:54 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80, 0x8) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0x1f, 0x6, 0x4, 0xd4, 0x11, "baa3981f06cea08812e6310cf0d385ce437c2b"}) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x80000001, 0x0) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000000)={0x3, 0x9, 0x2, 0x7fff, 0x7, "fef4e62bde5d85b2"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r4 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x8000000, 0x220040) ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000100)={0x7fff, 0x6, 0x9, 0x6, 0x8, "7e2c8c43afbcefc04b3b8717fbc2b8b0368008"}) r5 = socket$key(0xf, 0x3, 0x2) close(r5) 09:34:54 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:54 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:54 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:54 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2562.651051][T11461] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2562.662260][ T7] Bluetooth: hci1: Frame reassembly failed (-84) [ 2562.789993][ T2306] Bluetooth: hci0: command 0x1009 tx timeout [ 2564.709797][ T8460] Bluetooth: hci1: command 0x1003 tx timeout [ 2564.715845][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2566.789696][ T8460] Bluetooth: hci1: command 0x1001 tx timeout [ 2566.795925][T11169] Bluetooth: hci1: sending frame failed (-49) 09:34:59 executing program 2 (fault-call:2 fault-nth:38): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:34:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x204180, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x95, 0x7, 0x1994, 0x7, 0x18, "faa3adbfd534b23685070818f9dd5bfc97e18c"}) 09:34:59 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:59 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:34:59 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2567.138694][T11483] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2567.156446][T11483] FAULT_INJECTION: forcing a failure. [ 2567.156446][T11483] name failslab, interval 1, probability 0, space 0, times 0 [ 2567.170484][T11483] CPU: 1 PID: 11483 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2567.180714][T11483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2567.190766][T11483] Call Trace: [ 2567.194034][T11483] dump_stack+0x1d8/0x24e [ 2567.198337][T11483] ? devkmsg_release+0x11c/0x11c [ 2567.203244][T11483] ? stack_trace_save+0x1f0/0x1f0 [ 2567.208239][T11483] ? show_regs_print_info+0x12/0x12 [ 2567.213417][T11483] ? check_preemption_disabled+0x9e/0x330 [ 2567.219113][T11483] ? __rcu_read_lock+0x50/0x50 [ 2567.223847][T11483] ? __unwind_start+0x72f/0x8e0 [ 2567.228666][T11483] should_fail+0x6f6/0x860 [ 2567.233049][T11483] ? setup_fault_attr+0x3d0/0x3d0 [ 2567.238041][T11483] ? stack_trace_save+0x1f0/0x1f0 [ 2567.243038][T11483] ? __kernel_text_address+0x93/0x100 [ 2567.248378][T11483] ? __kernfs_new_node+0x99/0x6d0 [ 2567.253369][T11483] should_failslab+0x5/0x20 [ 2567.257863][T11483] __kmalloc_track_caller+0x5d/0x2e0 [ 2567.263122][T11483] kstrdup_const+0x51/0x90 [ 2567.267506][T11483] __kernfs_new_node+0x99/0x6d0 [ 2567.272325][T11483] ? __kasan_kmalloc+0x137/0x1e0 [ 2567.277228][T11483] ? kernfs_new_node+0x160/0x160 [ 2567.282134][T11483] ? number+0xea3/0x1300 [ 2567.286342][T11483] ? __kasan_kmalloc+0x1a3/0x1e0 [ 2567.291244][T11483] kernfs_create_dir_ns+0x90/0x220 [ 2567.296322][T11483] sysfs_create_dir_ns+0x181/0x390 [ 2567.301401][T11483] ? sysfs_warn_dup+0xa0/0xa0 [ 2567.306048][T11483] kobject_add_internal+0x595/0xbd0 [ 2567.311214][T11483] kobject_add+0x14c/0x210 [ 2567.315625][T11483] ? refcount_inc_not_zero_checked+0x18d/0x280 [ 2567.321769][T11483] ? kobject_init+0x1d0/0x1d0 [ 2567.326415][T11483] ? get_device_parent+0x11a/0x430 [ 2567.331500][T11483] device_add+0x46a/0x18a0 [ 2567.335886][T11483] ? get_device+0x30/0x30 [ 2567.340183][T11483] ? mutex_lock+0xa6/0x110 [ 2567.344593][T11483] ? virtual_device_parent+0x50/0x50 [ 2567.349851][T11483] ? device_initialize+0x1d3/0x3e0 [ 2567.354939][T11483] rfkill_register+0x180/0x720 [ 2567.359681][T11483] hci_register_dev+0x398/0x710 [ 2567.364504][T11483] hci_uart_tty_ioctl+0x89e/0xa10 [ 2567.369506][T11483] ? hci_uart_tty_write+0x10/0x10 [ 2567.374504][T11483] tty_ioctl+0xf68/0x1710 [ 2567.378820][T11483] ? tty_do_resize+0x170/0x170 [ 2567.383552][T11483] ? avc_ss_reset+0x3a0/0x3a0 [ 2567.388195][T11483] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2567.394318][T11483] ? refcount_inc_checked+0x50/0x50 [ 2567.399491][T11483] ? proc_fail_nth_write+0x1d5/0x240 [ 2567.404745][T11483] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2567.409908][T11483] ? __lru_cache_add+0x1c4/0x210 [ 2567.414812][T11483] ? memset+0x1f/0x40 [ 2567.418764][T11483] ? fsnotify+0x1332/0x13f0 [ 2567.423234][T11483] ? tty_do_resize+0x170/0x170 [ 2567.427968][T11483] do_vfs_ioctl+0x76a/0x1720 [ 2567.432528][T11483] ? selinux_file_ioctl+0x72f/0x990 [ 2567.437704][T11483] ? ioctl_preallocate+0x250/0x250 [ 2567.442787][T11483] ? __fget+0x37b/0x3c0 [ 2567.446911][T11483] ? vfs_write+0x422/0x4e0 [ 2567.451299][T11483] ? fget_many+0x20/0x20 [ 2567.455508][T11483] ? debug_smp_processor_id+0x20/0x20 [ 2567.460848][T11483] ? security_file_ioctl+0x9d/0xb0 [ 2567.465926][T11483] __x64_sys_ioctl+0xd4/0x110 [ 2567.470591][T11483] do_syscall_64+0xcb/0x1e0 [ 2567.475074][T11483] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2567.480932][T11483] RIP: 0033:0x4665d9 [ 2567.484809][T11483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2567.504384][T11483] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2567.512763][T11483] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2567.520720][T11483] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2567.528662][T11483] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2567.536610][T11483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2567.544580][T11483] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2567.554154][T11483] kobject_add_internal failed for rfkill97 (error: -12 parent: hci0) [ 2567.563172][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) [ 2568.869457][ T8460] Bluetooth: hci1: command 0x1009 tx timeout [ 2569.589449][ T8460] Bluetooth: hci0: command 0x1003 tx timeout [ 2569.595484][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2571.669322][ T8460] Bluetooth: hci0: command 0x1001 tx timeout [ 2571.675335][T11169] Bluetooth: hci0: sending frame failed (-49) 09:35:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1100000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:35:05 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:05 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa5, 0xa5, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xc3}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:05 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x2, 0x2}, 0xe) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) lseek(r1, 0x400009, 0x0) io_setup(0x81, &(0x7f0000000100)=0x0) write$FUSE_ATTR(r1, &(0x7f0000000180)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78) fcntl$setstatus(r1, 0x4, 0x6800) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x200a00}]) r3 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x81, &(0x7f0000000100)=0x0) write$FUSE_ATTR(r3, &(0x7f0000000180)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x4}}}, 0x78) fcntl$setstatus(r3, 0x4, 0x6800) io_submit(r4, 0x1, &(0x7f0000000540)=[0x0]) recvmmsg(r3, &(0x7f0000001500)=[{{&(0x7f0000000200)=@qipcrtr, 0x80, &(0x7f0000000900)=[{&(0x7f0000000340)=""/165, 0xa5}, {&(0x7f0000000400)=""/255, 0xff}, {&(0x7f0000000580)=""/191, 0xbf}, {&(0x7f0000000800)=""/123, 0x7b}, {&(0x7f00000006c0)=""/71, 0x47}, {&(0x7f0000000740)=""/76, 0x4c}, {&(0x7f0000000000)=""/31, 0x1f}, {&(0x7f0000000ec0)=""/109, 0x6d}], 0x8, &(0x7f00000009c0)=""/244, 0xf4}, 0x3}, {{&(0x7f0000000ac0)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000140)=""/53, 0x35}], 0x1, &(0x7f0000000b40)=""/26, 0x1a}, 0xff09}, {{&(0x7f0000000b80)=@in={0x2, 0x0, @empty}, 0x80, &(0x7f0000000d00)=[{&(0x7f0000000c00)=""/75, 0x4b}, {&(0x7f0000000640)=""/20, 0x14}, {&(0x7f0000000cc0)=""/42, 0x2a}], 0x3, &(0x7f0000000d40)=""/212, 0xd4}, 0x1}, {{&(0x7f0000000e40)=@xdp, 0x80, &(0x7f0000001180)=[{&(0x7f0000001640)=""/136, 0x88}, {&(0x7f0000000f80)=""/193, 0xc1}, {&(0x7f0000001080)=""/215, 0xd7}], 0x3, &(0x7f00000011c0)=""/178, 0xb2}}, {{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000001300)=""/184, 0xb8}, {&(0x7f0000001400)=""/171, 0xab}], 0x2, &(0x7f0000001740)=""/4096, 0x1000}}], 0x5, 0x2, 0x0) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000300), 0x4) io_setup(0x0, &(0x7f0000000100)) io_submit(0x0, 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}, 0x0) 09:35:05 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:05 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:05 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2572.898119][T11505] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2572.912261][ T7] Bluetooth: hci1: Frame reassembly failed (-84) [ 2573.749129][ T2306] Bluetooth: hci0: command 0x1009 tx timeout [ 2574.949007][ T2306] Bluetooth: hci1: command 0x1003 tx timeout [ 2574.955025][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2577.028856][ T2306] Bluetooth: hci1: command 0x1001 tx timeout [ 2577.034882][T11169] Bluetooth: hci1: sending frame failed (-49) 09:35:10 executing program 2 (fault-call:2 fault-nth:39): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:35:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x298942, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)=0xf8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r2 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x40) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000000)={0xea, 0x1, 0x1, 0xfe, 0x10, "aadefc64b3da295caf085d1fe6b66cf2392d84"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:35:10 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:10 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:10 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2578.018934][T11533] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2578.027347][T11533] FAULT_INJECTION: forcing a failure. [ 2578.027347][T11533] name failslab, interval 1, probability 0, space 0, times 0 [ 2578.040985][T11533] CPU: 0 PID: 11533 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2578.051392][T11533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2578.061438][T11533] Call Trace: [ 2578.064869][T11533] dump_stack+0x1d8/0x24e [ 2578.069178][T11533] ? devkmsg_release+0x11c/0x11c [ 2578.074147][T11533] ? show_regs_print_info+0x12/0x12 [ 2578.079319][T11533] should_fail+0x6f6/0x860 [ 2578.083725][T11533] ? setup_fault_attr+0x3d0/0x3d0 [ 2578.088722][T11533] ? __kernel_text_address+0x93/0x100 [ 2578.094067][T11533] ? __kernfs_new_node+0xdb/0x6d0 [ 2578.099102][T11533] should_failslab+0x5/0x20 [ 2578.103573][T11533] kmem_cache_alloc+0x36/0x290 [ 2578.108306][T11533] ? memcpy+0x38/0x50 [ 2578.112276][T11533] __kernfs_new_node+0xdb/0x6d0 [ 2578.117097][T11533] ? __kasan_kmalloc+0x137/0x1e0 [ 2578.122047][T11533] ? kernfs_new_node+0x160/0x160 [ 2578.126952][T11533] ? number+0xea3/0x1300 [ 2578.131161][T11533] ? __kasan_kmalloc+0x1a3/0x1e0 [ 2578.136065][T11533] kernfs_create_dir_ns+0x90/0x220 [ 2578.141158][T11533] sysfs_create_dir_ns+0x181/0x390 [ 2578.146237][T11533] ? sysfs_warn_dup+0xa0/0xa0 [ 2578.150893][T11533] kobject_add_internal+0x595/0xbd0 [ 2578.156094][T11533] kobject_add+0x14c/0x210 [ 2578.160483][T11533] ? refcount_inc_not_zero_checked+0x18d/0x280 [ 2578.166604][T11533] ? kobject_init+0x1d0/0x1d0 [ 2578.171258][T11533] ? get_device_parent+0x11a/0x430 [ 2578.176340][T11533] device_add+0x46a/0x18a0 [ 2578.180757][T11533] ? get_device+0x30/0x30 [ 2578.185074][T11533] ? mutex_lock+0xa6/0x110 [ 2578.189474][T11533] ? virtual_device_parent+0x50/0x50 [ 2578.194741][T11533] ? device_initialize+0x1d3/0x3e0 [ 2578.199841][T11533] rfkill_register+0x180/0x720 [ 2578.204576][T11533] hci_register_dev+0x398/0x710 [ 2578.209400][T11533] hci_uart_tty_ioctl+0x89e/0xa10 [ 2578.214408][T11533] ? hci_uart_tty_write+0x10/0x10 [ 2578.219414][T11533] tty_ioctl+0xf68/0x1710 [ 2578.223726][T11533] ? tty_do_resize+0x170/0x170 [ 2578.228456][T11533] ? avc_ss_reset+0x3a0/0x3a0 [ 2578.233101][T11533] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2578.239220][T11533] ? refcount_inc_checked+0x50/0x50 [ 2578.244387][T11533] ? memcg_check_events+0x5c/0x5b0 [ 2578.249467][T11533] ? proc_fail_nth_write+0x1d5/0x240 [ 2578.254734][T11533] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2578.259912][T11533] ? __lru_cache_add+0x1c4/0x210 [ 2578.264830][T11533] ? memset+0x1f/0x40 [ 2578.268797][T11533] ? fsnotify+0x1332/0x13f0 [ 2578.273267][T11533] ? tty_do_resize+0x170/0x170 [ 2578.278114][T11533] do_vfs_ioctl+0x76a/0x1720 [ 2578.282672][T11533] ? selinux_file_ioctl+0x72f/0x990 [ 2578.287842][T11533] ? ioctl_preallocate+0x250/0x250 [ 2578.292925][T11533] ? __fget+0x37b/0x3c0 [ 2578.297169][T11533] ? vfs_write+0x422/0x4e0 [ 2578.301657][T11533] ? fget_many+0x20/0x20 [ 2578.305869][T11533] ? debug_smp_processor_id+0x20/0x20 [ 2578.311209][T11533] ? security_file_ioctl+0x9d/0xb0 [ 2578.316290][T11533] __x64_sys_ioctl+0xd4/0x110 [ 2578.320937][T11533] do_syscall_64+0xcb/0x1e0 [ 2578.325409][T11533] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2578.331270][T11533] RIP: 0033:0x4665d9 [ 2578.335142][T11533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2578.354716][T11533] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2578.363092][T11533] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2578.371031][T11533] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2578.378972][T11533] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2578.386914][T11533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2578.394853][T11533] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2578.404748][T11533] kobject_add_internal failed for rfkill99 (error: -12 parent: hci0) [ 2578.413424][ T2257] Bluetooth: hci0: Frame reassembly failed (-84) [ 2579.108636][ T8460] Bluetooth: hci1: command 0x1009 tx timeout [ 2580.468567][ T8460] Bluetooth: hci0: command 0x1003 tx timeout [ 2580.474598][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2582.548425][ T8460] Bluetooth: hci0: command 0x1001 tx timeout [ 2582.554494][T11169] Bluetooth: hci0: sending frame failed (-49) 09:35:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1200000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:35:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x9) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:35:15 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:15 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:15 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:15 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000080)) [ 2583.129831][T11544] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2583.151962][ T2257] Bluetooth: hci1: Frame reassembly failed (-84) [ 2584.628212][ T8460] Bluetooth: hci0: command 0x1009 tx timeout [ 2585.188181][ T8460] Bluetooth: hci1: command 0x1003 tx timeout [ 2585.194210][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2587.268057][ T8460] Bluetooth: hci1: command 0x1001 tx timeout [ 2587.274441][T11169] Bluetooth: hci1: sending frame failed (-49) 09:35:21 executing program 2 (fault-call:2 fault-nth:40): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:35:21 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:21 executing program 1: pwritev2(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000080)="fc02545bd3f0af3112940f25b74c53bc36e1e43c19e6293c87e2110dddefaeb923021053105c6898bb80cdfa8c04e6c7f6024f30c151935419a9dcc4437e175568fe97a8823a5b05", 0x48}, {&(0x7f00000001c0)="faa3f7bd8065824639fc1335709e303be381031f9c93a6bf566cf8252efbc035803a0e7c9ee138cdd4a54e8402b4934c187be247f3d6a7270d7585a6df08d0beaaf94b5a4b380d8096373109a3ee37a0d69734ecd9001da42bf960dbc227811934e930fb6c65fed7289faf67a0baa7afcabd8729c9e6aea4eefd61e6e2c393231626afe734f271c314", 0x89}, {&(0x7f0000000100)="74bc09b37589fe5a2bc46e0a99054f82e38d0224d5b3ce14e78afb8ec09e86fa9dd0267019b638da10e63c35a2c11e8ffae219a55b65aab016c6ee98c6bf130e1e86a84ed5c55b0652b2fff809d399957b57d0f4ed187776ecf3", 0x5a}, {&(0x7f0000000500)="0c7449bc6e79ed301b356c27f4d9f67cfe2442d8df040c37d30ac469b9c59886d84348bd584993ebf120d216c3dd40ce4696e2439ef0e8a90d641ebb0f7274734ece5f7463020b68319464683fb949c7ef4c2bf5de6d170fa1a380f9684d16131ce6216139e2c831b2740c12eff5b11519a8869741280edf70d8cc8691d06f64e83f8c4befd4a7506d0f0d7ef47f29855a1409930178dcd3896866252d9988cd4aac6a4401aa4a90095fdd6ceb098bdd822998712d2a0baf450c621122126f9a6058752d1388ea98c77f0c5caa7c7b53f5e7522e7edf", 0xd6}, {&(0x7f0000000380)="315d3fbb4f550c72a3951f7cdc2317cc42b27c6a55484edf6e0b50b68b4faaa9bd642187b2199e099387e614f18bb8759b5d309a991e7a8e3f6cfa6be11efcf017fcd3bc079ef474237f495fd6e878313153c06c0d216c7688745a52676f4b3844dc08f7a81959b470d36a26b0fdc699bc1e41be1fc584d0b6671af531fd976d175c5b6a8ee90a1883a1449fba315b8eb8f9e9f7fff6984d77ebdffac3dd6c296ff57194362fae284e1924c87a0b8fe38f74602d5127dc5d0e6e880b2454e15feaaeeeb7c153ced3de17bd264d9058b5d15b3ccc54a7fe53f08c7214c05544db64ab26796b9fc30f8c", 0xe9}], 0x5, 0x1ff, 0x8, 0x19) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) splice(r0, &(0x7f00000002c0)=0x6, 0xffffffffffffffff, &(0x7f0000000300)=0x35c, 0x57b, 0xa) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) write$binfmt_misc(r1, &(0x7f0000000340)={'syz0', "9dfe2378bee040a70c001df30f9cebbd9f0a673423973be679bb563613affe6a4123d530450dc9826707f17f442be813de08"}, 0x36) openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x80600, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0x7, 0x54a0, 0x2, 0x800, 0x1b, "3c20dcfbd435cb28e310f2a95f13031e626204"}) 09:35:21 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:21 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2588.895201][T11567] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2588.924251][T11567] FAULT_INJECTION: forcing a failure. [ 2588.924251][T11567] name failslab, interval 1, probability 0, space 0, times 0 [ 2588.937387][T11567] CPU: 0 PID: 11567 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2588.947618][T11567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2588.957657][T11567] Call Trace: [ 2588.960927][T11567] dump_stack+0x1d8/0x24e [ 2588.965227][T11567] ? devkmsg_release+0x11c/0x11c [ 2588.970132][T11567] ? show_regs_print_info+0x12/0x12 [ 2588.975297][T11567] should_fail+0x6f6/0x860 [ 2588.979678][T11567] ? setup_fault_attr+0x3d0/0x3d0 [ 2588.984665][T11567] ? __kernel_text_address+0x93/0x100 [ 2588.990002][T11567] ? __kernfs_new_node+0xdb/0x6d0 [ 2588.995036][T11567] should_failslab+0x5/0x20 [ 2588.999504][T11567] kmem_cache_alloc+0x36/0x290 [ 2589.004231][T11567] ? memcpy+0x38/0x50 [ 2589.008179][T11567] __kernfs_new_node+0xdb/0x6d0 [ 2589.012993][T11567] ? __kasan_kmalloc+0x137/0x1e0 [ 2589.017899][T11567] ? kernfs_new_node+0x160/0x160 [ 2589.022827][T11567] ? number+0xea3/0x1300 [ 2589.027037][T11567] ? __kasan_kmalloc+0x1a3/0x1e0 [ 2589.031939][T11567] kernfs_create_dir_ns+0x90/0x220 [ 2589.037013][T11567] sysfs_create_dir_ns+0x181/0x390 [ 2589.042090][T11567] ? sysfs_warn_dup+0xa0/0xa0 [ 2589.046735][T11567] kobject_add_internal+0x595/0xbd0 [ 2589.051902][T11567] kobject_add+0x14c/0x210 [ 2589.056284][T11567] ? refcount_inc_not_zero_checked+0x18d/0x280 [ 2589.062443][T11567] ? kobject_init+0x1d0/0x1d0 [ 2589.067085][T11567] ? get_device_parent+0x11a/0x430 [ 2589.072159][T11567] device_add+0x46a/0x18a0 [ 2589.076542][T11567] ? get_device+0x30/0x30 [ 2589.080836][T11567] ? mutex_lock+0xa6/0x110 [ 2589.085217][T11567] ? virtual_device_parent+0x50/0x50 [ 2589.090465][T11567] ? device_initialize+0x1d3/0x3e0 [ 2589.095541][T11567] rfkill_register+0x180/0x720 [ 2589.100272][T11567] hci_register_dev+0x398/0x710 [ 2589.105088][T11567] hci_uart_tty_ioctl+0x89e/0xa10 [ 2589.110079][T11567] ? hci_uart_tty_write+0x10/0x10 [ 2589.115069][T11567] tty_ioctl+0xf68/0x1710 [ 2589.119363][T11567] ? tty_do_resize+0x170/0x170 [ 2589.124089][T11567] ? avc_ss_reset+0x3a0/0x3a0 [ 2589.128735][T11567] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2589.134854][T11567] ? refcount_inc_checked+0x50/0x50 [ 2589.140015][T11567] ? memcg_check_events+0x5c/0x5b0 [ 2589.145095][T11567] ? proc_fail_nth_write+0x1d5/0x240 [ 2589.150347][T11567] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2589.155509][T11567] ? __lru_cache_add+0x1c4/0x210 [ 2589.160408][T11567] ? memset+0x1f/0x40 [ 2589.164354][T11567] ? fsnotify+0x1332/0x13f0 [ 2589.168823][T11567] ? tty_do_resize+0x170/0x170 [ 2589.173552][T11567] do_vfs_ioctl+0x76a/0x1720 [ 2589.178108][T11567] ? selinux_file_ioctl+0x72f/0x990 [ 2589.183306][T11567] ? ioctl_preallocate+0x250/0x250 [ 2589.188384][T11567] ? __fget+0x37b/0x3c0 [ 2589.192542][T11567] ? vfs_write+0x422/0x4e0 [ 2589.197059][T11567] ? fget_many+0x20/0x20 [ 2589.201268][T11567] ? debug_smp_processor_id+0x20/0x20 [ 2589.206612][T11567] ? security_file_ioctl+0x9d/0xb0 [ 2589.211692][T11567] __x64_sys_ioctl+0xd4/0x110 [ 2589.216337][T11567] do_syscall_64+0xcb/0x1e0 [ 2589.220808][T11567] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2589.226667][T11567] RIP: 0033:0x4665d9 [ 2589.230527][T11567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2589.250194][T11567] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2589.258583][T11567] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2589.266539][T11567] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2589.274482][T11567] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2589.282419][T11567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2589.290367][T11567] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2589.299946][T11567] kobject_add_internal failed for rfkill101 (error: -12 parent: hci0) [ 2589.308495][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) [ 2589.347839][ T8460] Bluetooth: hci1: command 0x1009 tx timeout [ 2591.347757][ T8460] Bluetooth: hci0: command 0x1003 tx timeout [ 2591.353793][T11169] Bluetooth: hci0: sending frame failed (-49) 09:35:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1f00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:35:25 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x4128050, r3, 0x5bbcd000) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCGPTPEER(r3, 0x5441, 0xfffffffffffffffc) syz_open_dev$mouse(&(0x7f0000000040), 0x8, 0x200000) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r4, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r4, &(0x7f0000000040)=ANY=[], 0xa) writev(r4, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0xfef0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000100)=0x18) ioctl$KDADDIO(r0, 0x400455c8, 0x1ff) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$TIOCNXCL(r6, 0x540d) 09:35:25 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:25 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:25 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TCFLSH(r0, 0x540b, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) [ 2593.364541][T11584] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2593.378863][ T7] Bluetooth: hci1: Frame reassembly failed (-84) [ 2593.427559][ T8460] Bluetooth: hci0: command 0x1001 tx timeout [ 2593.433630][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2595.427360][ T2661] Bluetooth: hci1: command 0x1003 tx timeout [ 2595.433413][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2595.507329][ T678] Bluetooth: hci0: command 0x1009 tx timeout [ 2597.507262][ T2255] Bluetooth: hci1: command 0x1001 tx timeout [ 2597.513291][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2599.587087][ T2255] Bluetooth: hci1: command 0x1009 tx timeout 09:35:32 executing program 2 (fault-call:2 fault-nth:41): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:35:32 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x6) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xc) r3 = ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xc008ae09, 0x400000) r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r6, &(0x7f0000000040)=ANY=[], 0xa) writev(r6, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r6, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000100)={0x9, 0x9, 0x3, 0x101, 0x2, "a0debc9da3e601206026667d58158cfe2b1e7d"}) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = dup2(r1, r4) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x200000) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) 09:35:32 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:32 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2599.764923][T11609] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2599.779865][T11609] FAULT_INJECTION: forcing a failure. [ 2599.779865][T11609] name failslab, interval 1, probability 0, space 0, times 0 [ 2599.793166][T11609] CPU: 0 PID: 11609 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2599.803541][T11609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2599.813578][T11609] Call Trace: [ 2599.816853][T11609] dump_stack+0x1d8/0x24e [ 2599.821153][T11609] ? devkmsg_release+0x11c/0x11c [ 2599.826058][T11609] ? __mutex_lock+0xce5/0x1080 [ 2599.830790][T11609] ? show_regs_print_info+0x12/0x12 [ 2599.835955][T11609] ? _raw_spin_lock+0xa3/0x1b0 [ 2599.840709][T11609] should_fail+0x6f6/0x860 [ 2599.845206][T11609] ? setup_fault_attr+0x3d0/0x3d0 [ 2599.850228][T11609] ? mutex_lock+0xa6/0x110 [ 2599.854640][T11609] ? mutex_trylock+0xb0/0xb0 [ 2599.859210][T11609] ? __kernfs_new_node+0xdb/0x6d0 [ 2599.864225][T11609] should_failslab+0x5/0x20 [ 2599.868713][T11609] kmem_cache_alloc+0x36/0x290 [ 2599.873468][T11609] __kernfs_new_node+0xdb/0x6d0 [ 2599.878303][T11609] ? kernfs_add_one+0x49e/0x5c0 [ 2599.883121][T11609] ? kernfs_new_node+0x160/0x160 [ 2599.888028][T11609] ? __kernfs_create_file+0x1f1/0x260 [ 2599.893381][T11609] ? sysfs_add_file_mode_ns+0x293/0x340 [ 2599.898902][T11609] ? sysfs_add_file_mode_ns+0x2b4/0x340 [ 2599.904422][T11609] kernfs_new_node+0x95/0x160 [ 2599.909073][T11609] kernfs_create_link+0x9c/0x1f0 [ 2599.913985][T11609] sysfs_do_create_link_sd+0x85/0x100 [ 2599.919327][T11609] device_add+0x74b/0x18a0 [ 2599.923714][T11609] ? get_device+0x30/0x30 [ 2599.928014][T11609] ? mutex_lock+0xa6/0x110 [ 2599.932411][T11609] ? virtual_device_parent+0x50/0x50 [ 2599.937664][T11609] ? device_initialize+0x1d3/0x3e0 [ 2599.942755][T11609] rfkill_register+0x180/0x720 [ 2599.947498][T11609] hci_register_dev+0x398/0x710 [ 2599.952318][T11609] hci_uart_tty_ioctl+0x89e/0xa10 [ 2599.957322][T11609] ? hci_uart_tty_write+0x10/0x10 [ 2599.962316][T11609] tty_ioctl+0xf68/0x1710 [ 2599.966615][T11609] ? tty_do_resize+0x170/0x170 [ 2599.971356][T11609] ? avc_ss_reset+0x3a0/0x3a0 [ 2599.976020][T11609] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2599.982410][T11609] ? refcount_inc_checked+0x50/0x50 [ 2599.987579][T11609] ? memcg_check_events+0x5c/0x5b0 [ 2599.992672][T11609] ? proc_fail_nth_write+0x1d5/0x240 [ 2599.997925][T11609] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2600.003094][T11609] ? __lru_cache_add+0x1c4/0x210 [ 2600.008002][T11609] ? memset+0x1f/0x40 [ 2600.011950][T11609] ? fsnotify+0x1332/0x13f0 [ 2600.016420][T11609] ? tty_do_resize+0x170/0x170 [ 2600.021155][T11609] do_vfs_ioctl+0x76a/0x1720 [ 2600.025716][T11609] ? selinux_file_ioctl+0x72f/0x990 [ 2600.030882][T11609] ? ioctl_preallocate+0x250/0x250 [ 2600.035963][T11609] ? __fget+0x37b/0x3c0 [ 2600.040095][T11609] ? vfs_write+0x422/0x4e0 [ 2600.044480][T11609] ? fget_many+0x20/0x20 [ 2600.048788][T11609] ? debug_smp_processor_id+0x20/0x20 [ 2600.054129][T11609] ? security_file_ioctl+0x9d/0xb0 [ 2600.059210][T11609] __x64_sys_ioctl+0xd4/0x110 [ 2600.063863][T11609] do_syscall_64+0xcb/0x1e0 [ 2600.068338][T11609] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2600.074284][T11609] RIP: 0033:0x4665d9 [ 2600.078236][T11609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2600.097815][T11609] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2600.106193][T11609] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2600.114134][T11609] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2600.122074][T11609] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2600.130023][T11609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2600.137975][T11609] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2600.167116][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 2602.226817][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2602.232934][T11169] Bluetooth: hci0: sending frame failed (-49) 09:35:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2000000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:35:35 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = signalfd(r0, &(0x7f0000000000)={[0x3]}, 0x8) ioctl$TIOCGPTPEER(r1, 0x5441, 0x80) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:35:35 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int]}, {0x0, [0x0]}}, 0x0, 0x6b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:35 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000100)={0x200000, 0x8, 0xfffffff9, 0x6, 0xe, "fa49304ebec1484bf0000eafcdffe6ca5ad3c3"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0xa) writev(r2, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xe) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x7, 0x7, 0x0, 0x34, 0x18, "78e0f4f116c86a2f937bebeeba568e29543364"}) [ 2603.603910][T11628] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2603.615914][ T7] Bluetooth: hci1: Frame reassembly failed (-84) 09:35:35 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x10142, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x0, 0xd9f, 0x9) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000080)=0x14) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0xa) writev(r2, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r2, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES64=r2, @ANYRES16], 0xfef0) r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0xc00, 0x0) fcntl$setpipe(r3, 0x407, 0x5) ioctl$KDADDIO(r2, 0x400455c8, 0x2) [ 2604.306635][ T2661] Bluetooth: hci0: command 0x1001 tx timeout [ 2604.312671][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2605.666508][ T2661] Bluetooth: hci1: command 0x1003 tx timeout [ 2605.672627][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2606.386457][ T2661] Bluetooth: hci0: command 0x1009 tx timeout [ 2607.746449][ T2661] Bluetooth: hci1: command 0x1001 tx timeout [ 2607.752473][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2609.826344][ T2661] Bluetooth: hci1: command 0x1009 tx timeout 09:35:42 executing program 2 (fault-call:2 fault-nth:42): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:35:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x165103, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x14040, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0x1fd, 0x0, 0x7, 0x8, 0x1b, "a42bacf50727cfbc77b4172763d12976bad977"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:35:42 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:42 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:42 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int]}, {0x0, [0x0]}}, 0x0, 0x6b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2610.653669][T11658] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2610.669020][T11658] FAULT_INJECTION: forcing a failure. [ 2610.669020][T11658] name failslab, interval 1, probability 0, space 0, times 0 [ 2610.682046][T11658] CPU: 0 PID: 11658 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2610.692279][T11658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2610.702463][T11658] Call Trace: [ 2610.705732][T11658] dump_stack+0x1d8/0x24e [ 2610.710035][T11658] ? devkmsg_release+0x11c/0x11c [ 2610.714943][T11658] ? mutex_unlock+0x19/0x40 [ 2610.719461][T11658] ? show_regs_print_info+0x12/0x12 [ 2610.724635][T11658] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2610.730690][T11658] should_fail+0x6f6/0x860 [ 2610.735088][T11658] ? setup_fault_attr+0x3d0/0x3d0 [ 2610.740089][T11658] ? _raw_spin_lock+0xa3/0x1b0 [ 2610.744829][T11658] ? __kernfs_new_node+0xdb/0x6d0 [ 2610.749823][T11658] should_failslab+0x5/0x20 [ 2610.754300][T11658] kmem_cache_alloc+0x36/0x290 [ 2610.759035][T11658] __kernfs_new_node+0xdb/0x6d0 [ 2610.763983][T11658] ? mutex_lock+0xa6/0x110 [ 2610.768381][T11658] ? kernfs_new_node+0x160/0x160 [ 2610.773291][T11658] ? kernfs_activate+0x3fc/0x420 [ 2610.778373][T11658] kernfs_new_node+0x95/0x160 [ 2610.783033][T11658] kernfs_create_link+0x9c/0x1f0 [ 2610.787943][T11658] sysfs_do_create_link_sd+0x85/0x100 [ 2610.793287][T11658] device_add+0x873/0x18a0 [ 2610.797677][T11658] ? get_device+0x30/0x30 [ 2610.801975][T11658] ? mutex_lock+0xa6/0x110 [ 2610.806362][T11658] ? virtual_device_parent+0x50/0x50 [ 2610.811618][T11658] ? device_initialize+0x1d3/0x3e0 [ 2610.816698][T11658] rfkill_register+0x180/0x720 [ 2610.821431][T11658] hci_register_dev+0x398/0x710 [ 2610.826257][T11658] hci_uart_tty_ioctl+0x89e/0xa10 [ 2610.831249][T11658] ? hci_uart_tty_write+0x10/0x10 [ 2610.836244][T11658] tty_ioctl+0xf68/0x1710 [ 2610.840569][T11658] ? tty_do_resize+0x170/0x170 [ 2610.845318][T11658] ? avc_ss_reset+0x3a0/0x3a0 [ 2610.849978][T11658] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2610.856120][T11658] ? refcount_inc_checked+0x50/0x50 [ 2610.861296][T11658] ? memcg_check_events+0x5c/0x5b0 [ 2610.866413][T11658] ? proc_fail_nth_write+0x1d5/0x240 [ 2610.871817][T11658] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2610.876990][T11658] ? __lru_cache_add+0x1c4/0x210 [ 2610.882141][T11658] ? memset+0x1f/0x40 [ 2610.886117][T11658] ? fsnotify+0x1332/0x13f0 [ 2610.890599][T11658] ? tty_do_resize+0x170/0x170 [ 2610.895344][T11658] do_vfs_ioctl+0x76a/0x1720 [ 2610.899930][T11658] ? selinux_file_ioctl+0x72f/0x990 [ 2610.905114][T11658] ? ioctl_preallocate+0x250/0x250 [ 2610.910204][T11658] ? __fget+0x37b/0x3c0 [ 2610.914340][T11658] ? vfs_write+0x422/0x4e0 [ 2610.918727][T11658] ? fget_many+0x20/0x20 [ 2610.922939][T11658] ? debug_smp_processor_id+0x20/0x20 [ 2610.928299][T11658] ? security_file_ioctl+0x9d/0xb0 [ 2610.933379][T11658] __x64_sys_ioctl+0xd4/0x110 [ 2610.938044][T11658] do_syscall_64+0xcb/0x1e0 [ 2610.942518][T11658] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2610.948389][T11658] RIP: 0033:0x4665d9 [ 2610.952255][T11658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2610.971847][T11658] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2610.980226][T11658] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2610.988174][T11658] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2610.996119][T11658] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2611.004071][T11658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2611.012026][T11658] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2611.026593][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) [ 2613.025927][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2613.032121][T11169] Bluetooth: hci0: sending frame failed (-49) 09:35:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2500000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:35:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:35:46 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:46 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int]}, {0x0, [0x0]}}, 0x0, 0x6b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:46 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={0xffffffffffffffff}, 0x4) fcntl$setstatus(r1, 0x4, 0x40400) ioctl$KDADDIO(r0, 0x400455c8, 0x2) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) 09:35:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x80) ioctl$KDADDIO(r0, 0x400455c8, 0x2) splice(r0, &(0x7f0000000080)=0xc9d, r0, &(0x7f00000000c0), 0x5, 0x8) [ 2613.847517][T11674] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2613.867293][ T2257] Bluetooth: hci1: Frame reassembly failed (-84) [ 2615.105773][ T8460] Bluetooth: hci0: command 0x1001 tx timeout [ 2615.111813][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2615.905791][ T8460] Bluetooth: hci1: command 0x1003 tx timeout [ 2615.911826][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2617.185649][ T8460] Bluetooth: hci0: command 0x1009 tx timeout [ 2617.985620][ T8460] Bluetooth: hci1: command 0x1001 tx timeout [ 2617.991646][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2620.065411][ T8460] Bluetooth: hci1: command 0x1009 tx timeout 09:35:53 executing program 2 (fault-call:2 fault-nth:43): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:35:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_pts(r1, 0x200) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x80000001, 0x0) ioctl$GIO_FONT(r2, 0x4b60, &(0x7f0000000000)=""/18) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xc008ae09, 0x400000) ioctl$F2FS_IOC_FLUSH_DEVICE(r4, 0x4008f50a, &(0x7f00000000c0)={0x2, 0x5}) 09:35:53 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:53 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:35:53 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2621.531645][T11701] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2621.540324][T11701] FAULT_INJECTION: forcing a failure. [ 2621.540324][T11701] name failslab, interval 1, probability 0, space 0, times 0 [ 2621.553815][T11701] CPU: 0 PID: 11701 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2621.564064][T11701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2621.574101][T11701] Call Trace: [ 2621.577367][T11701] dump_stack+0x1d8/0x24e [ 2621.581755][T11701] ? devkmsg_release+0x11c/0x11c [ 2621.586663][T11701] ? mutex_unlock+0x19/0x40 [ 2621.591138][T11701] ? show_regs_print_info+0x12/0x12 [ 2621.596309][T11701] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2621.602344][T11701] should_fail+0x6f6/0x860 [ 2621.606745][T11701] ? setup_fault_attr+0x3d0/0x3d0 [ 2621.611738][T11701] ? _raw_spin_lock+0xa3/0x1b0 [ 2621.616483][T11701] ? __kernfs_new_node+0xdb/0x6d0 [ 2621.621475][T11701] should_failslab+0x5/0x20 [ 2621.626008][T11701] kmem_cache_alloc+0x36/0x290 [ 2621.630782][T11701] __kernfs_new_node+0xdb/0x6d0 [ 2621.636064][T11701] ? mutex_lock+0xa6/0x110 [ 2621.640464][T11701] ? kernfs_new_node+0x160/0x160 [ 2621.645371][T11701] ? kernfs_activate+0x3fc/0x420 [ 2621.650289][T11701] kernfs_new_node+0x95/0x160 [ 2621.654936][T11701] kernfs_create_link+0x9c/0x1f0 [ 2621.659840][T11701] sysfs_do_create_link_sd+0x85/0x100 [ 2621.665180][T11701] device_add+0x873/0x18a0 [ 2621.669588][T11701] ? get_device+0x30/0x30 [ 2621.673886][T11701] ? mutex_lock+0xa6/0x110 [ 2621.678277][T11701] ? virtual_device_parent+0x50/0x50 [ 2621.683534][T11701] ? device_initialize+0x1d3/0x3e0 [ 2621.688617][T11701] rfkill_register+0x180/0x720 [ 2621.693351][T11701] hci_register_dev+0x398/0x710 [ 2621.698171][T11701] hci_uart_tty_ioctl+0x89e/0xa10 [ 2621.703162][T11701] ? hci_uart_tty_write+0x10/0x10 [ 2621.708155][T11701] tty_ioctl+0xf68/0x1710 [ 2621.712469][T11701] ? tty_do_resize+0x170/0x170 [ 2621.717208][T11701] ? avc_ss_reset+0x3a0/0x3a0 [ 2621.721855][T11701] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2621.727977][T11701] ? refcount_inc_checked+0x50/0x50 [ 2621.733146][T11701] ? memcg_check_events+0x5c/0x5b0 [ 2621.738225][T11701] ? proc_fail_nth_write+0x1d5/0x240 [ 2621.743480][T11701] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2621.748645][T11701] ? __lru_cache_add+0x1c4/0x210 [ 2621.753551][T11701] ? memset+0x1f/0x40 [ 2621.757500][T11701] ? fsnotify+0x1332/0x13f0 [ 2621.761970][T11701] ? tty_do_resize+0x170/0x170 [ 2621.766702][T11701] do_vfs_ioctl+0x76a/0x1720 [ 2621.771261][T11701] ? selinux_file_ioctl+0x72f/0x990 [ 2621.776446][T11701] ? ioctl_preallocate+0x250/0x250 [ 2621.781526][T11701] ? __fget+0x37b/0x3c0 [ 2621.785650][T11701] ? vfs_write+0x422/0x4e0 [ 2621.790039][T11701] ? fget_many+0x20/0x20 [ 2621.794256][T11701] ? debug_smp_processor_id+0x20/0x20 [ 2621.799603][T11701] ? security_file_ioctl+0x9d/0xb0 [ 2621.804680][T11701] __x64_sys_ioctl+0xd4/0x110 [ 2621.809327][T11701] do_syscall_64+0xcb/0x1e0 [ 2621.813808][T11701] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2621.819682][T11701] RIP: 0033:0x4665d9 [ 2621.823549][T11701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2621.843139][T11701] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2621.851514][T11701] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2621.859454][T11701] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2621.867394][T11701] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2621.875335][T11701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2621.883499][T11701] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2621.895249][ T2257] Bluetooth: hci0: Frame reassembly failed (-84) [ 2623.905111][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2623.911268][T11169] Bluetooth: hci0: sending frame failed (-49) 09:35:56 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2ce602f000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:35:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f0000000080)={0x5, 0x6, 0x75, 0x1, 0x81}) 09:35:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3000000, 0x1010, r0, 0xc669000) r1 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0x3ff, 0x2, 0xff, 0x1, 0x6, "75bca17f874f89ea3a67b951e3ee4b330f6449"}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x19) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:35:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = syz_open_pts(r0, 0x501800) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1a) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:35:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) open$dir(&(0x7f0000000100)='./file0\x00', 0x470400, 0x61) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x600, 0x0) read(r1, &(0x7f00000001c0)=""/251, 0xfb) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2624.080110][T11716] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2624.089961][ T2257] Bluetooth: hci1: Frame reassembly failed (-84) 09:35:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x80000001, 0x0) ioctl$KDADDIO(r3, 0x400455c8, 0x3) 09:35:56 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000000)) [ 2625.984988][ T2661] Bluetooth: hci0: command 0x1001 tx timeout [ 2625.991010][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2626.144881][ T2661] Bluetooth: hci1: command 0x1003 tx timeout [ 2626.150937][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2628.064855][ T2661] Bluetooth: hci0: command 0x1009 tx timeout [ 2628.224767][ T2661] Bluetooth: hci1: command 0x1001 tx timeout [ 2628.230784][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2630.304591][ T2661] Bluetooth: hci1: command 0x1009 tx timeout 09:36:04 executing program 2 (fault-call:2 fault-nth:44): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:36:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) syz_open_pts(r0, 0x8000) r1 = syz_open_pts(r0, 0xf00) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x80000001, 0x0) ioctl$KDFONTOP_COPY(r2, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x8, 0x22, &(0x7f00000001c0)}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:04 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:04 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:04 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2632.412754][T11753] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2632.421347][T11753] FAULT_INJECTION: forcing a failure. [ 2632.421347][T11753] name failslab, interval 1, probability 0, space 0, times 0 [ 2632.435302][T11753] CPU: 1 PID: 11753 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2632.445531][T11753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2632.455571][T11753] Call Trace: [ 2632.458843][T11753] dump_stack+0x1d8/0x24e [ 2632.463146][T11753] ? devkmsg_release+0x11c/0x11c [ 2632.468054][T11753] ? show_regs_print_info+0x12/0x12 [ 2632.473224][T11753] should_fail+0x6f6/0x860 [ 2632.477611][T11753] ? setup_fault_attr+0x3d0/0x3d0 [ 2632.482608][T11753] ? __kernfs_new_node+0xdb/0x6d0 [ 2632.487780][T11753] should_failslab+0x5/0x20 [ 2632.492297][T11753] kmem_cache_alloc+0x36/0x290 [ 2632.497057][T11753] ? memcpy+0x38/0x50 [ 2632.501079][T11753] __kernfs_new_node+0xdb/0x6d0 [ 2632.505905][T11753] ? mutex_lock+0xa6/0x110 [ 2632.510340][T11753] ? kernfs_new_node+0x160/0x160 [ 2632.515250][T11753] ? kernfs_activate+0x3fc/0x420 [ 2632.520158][T11753] kernfs_new_node+0x95/0x160 [ 2632.524806][T11753] kernfs_create_link+0x9c/0x1f0 [ 2632.529714][T11753] sysfs_do_create_link_sd+0x85/0x100 [ 2632.535055][T11753] device_add+0x989/0x18a0 [ 2632.539447][T11753] ? get_device+0x30/0x30 [ 2632.543745][T11753] ? mutex_lock+0xa6/0x110 [ 2632.548127][T11753] ? virtual_device_parent+0x50/0x50 [ 2632.553422][T11753] ? device_initialize+0x1d3/0x3e0 [ 2632.558518][T11753] rfkill_register+0x180/0x720 [ 2632.563270][T11753] hci_register_dev+0x398/0x710 [ 2632.568089][T11753] hci_uart_tty_ioctl+0x89e/0xa10 [ 2632.573098][T11753] ? hci_uart_tty_write+0x10/0x10 [ 2632.578099][T11753] tty_ioctl+0xf68/0x1710 [ 2632.582410][T11753] ? tty_do_resize+0x170/0x170 [ 2632.587151][T11753] ? avc_ss_reset+0x3a0/0x3a0 [ 2632.591794][T11753] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2632.597911][T11753] ? refcount_inc_checked+0x50/0x50 [ 2632.603082][T11753] ? memcg_check_events+0x5c/0x5b0 [ 2632.608166][T11753] ? proc_fail_nth_write+0x1d5/0x240 [ 2632.613419][T11753] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2632.618582][T11753] ? __lru_cache_add+0x1c4/0x210 [ 2632.623485][T11753] ? memset+0x1f/0x40 [ 2632.627436][T11753] ? fsnotify+0x1332/0x13f0 [ 2632.631915][T11753] ? tty_do_resize+0x170/0x170 [ 2632.636683][T11753] do_vfs_ioctl+0x76a/0x1720 [ 2632.641304][T11753] ? selinux_file_ioctl+0x72f/0x990 [ 2632.646484][T11753] ? ioctl_preallocate+0x250/0x250 [ 2632.651582][T11753] ? __fget+0x37b/0x3c0 [ 2632.655707][T11753] ? vfs_write+0x422/0x4e0 [ 2632.660095][T11753] ? fget_many+0x20/0x20 [ 2632.664315][T11753] ? debug_smp_processor_id+0x20/0x20 [ 2632.669659][T11753] ? security_file_ioctl+0x9d/0xb0 [ 2632.674738][T11753] __x64_sys_ioctl+0xd4/0x110 [ 2632.679387][T11753] do_syscall_64+0xcb/0x1e0 [ 2632.683865][T11753] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2632.689726][T11753] RIP: 0033:0x4665d9 [ 2632.693600][T11753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2632.713176][T11753] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2632.721578][T11753] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2632.729518][T11753] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2632.737460][T11753] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2632.745411][T11753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2632.753367][T11753] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2632.765479][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 09:36:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3f00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:36:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000000)) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x0, 0x0) syz_open_pts(r1, 0x4000) r2 = fsmount(r1, 0x0, 0x72) ioctl$KDDELIO(r2, 0x4b35, 0x7c) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x2, 0x5, 0x1f, 0x8000, 0x7, "1aedea907e68f4165b8d85729caed8d730b5b8"}) 09:36:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x80000001, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000100)=0x3f) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='xprtrdma_op_set_cto\x00'}, 0x10) ioctl$FS_IOC_GETFLAGS(r3, 0x80086601, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = accept$unix(0xffffffffffffffff, &(0x7f0000000100), &(0x7f00000001c0)=0x6e) r2 = epoll_create1(0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r3, &(0x7f0000000040)=ANY=[], 0xa) writev(r3, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0xfef0) write$P9_RREMOVE(r3, &(0x7f0000000240)={0x7, 0x7b, 0x1}, 0x7) r4 = fsmount(0xffffffffffffffff, 0x0, 0x4) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000080)={0x40002004}) dup3(r1, r2, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r5 = syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x42840) ioctl$TIOCGICOUNT(r5, 0x545d, 0x0) [ 2634.321545][T11767] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2634.341448][ T7] Bluetooth: hci1: Frame reassembly failed (-84) [ 2634.784212][ T2306] Bluetooth: hci0: command 0x1003 tx timeout [ 2634.790244][T11169] Bluetooth: hci0: sending frame failed (-49) 09:36:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f0000000000)={0x3ff}) 09:36:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x8) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = creat(&(0x7f00000001c0)='./file0\x00', 0xa0) openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x800, 0x48) writev(r4, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x0) write$binfmt_elf64(r3, &(0x7f0000000040)=ANY=[], 0xa) writev(r3, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0xfef0) sendmsg$nl_generic(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffff}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x54, 0x28, 0x200, 0x70bd25, 0x25dfdbfe, {0x20}, [@typed={0xd, 0x25, 0x0, 0x0, @str='/dev/vcs\x00'}, @generic="abfdc558189017ef3acabc887401dec76be6718e253c020a1527cfba64329640b4089649e938b2bcfddb35916ba0"]}, 0x54}, 0x1, 0x0, 0x0, 0x1000}, 0x0) writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0xa) r5 = timerfd_create(0x5, 0x80800) ioctl$F2FS_IOC_RESIZE_FS(r5, 0x4008f510, &(0x7f0000000240)=0x7) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000340)}], 0x1) writev(r2, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0xfef0) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x902, 0x0) ioctl$KDADDIO(r6, 0x400455c8, 0xc9abc96) 09:36:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000080), 0x3e, 0x58d282) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x13) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x7, 0xaf9, 0xef5d, 0x3, 0x2, "a4b74d861433f2526907e4cb55393d77c1de69"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2636.384093][ T2306] Bluetooth: hci1: command 0x1003 tx timeout [ 2636.390108][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2636.864035][ T2306] Bluetooth: hci0: command 0x1001 tx timeout [ 2636.870175][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2638.464066][ T2306] Bluetooth: hci1: command 0x1001 tx timeout [ 2638.470359][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2638.943920][ T2306] Bluetooth: hci0: command 0x1009 tx timeout [ 2640.543855][ T2306] Bluetooth: hci1: command 0x1009 tx timeout 09:36:15 executing program 2 (fault-call:2 fault-nth:45): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:36:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/class/bdi', 0x40000, 0x10a) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xc) r1 = signalfd4(r0, &(0x7f00000000c0)={[0x2020000000000000]}, 0x8, 0x80c00) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x8) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) syz_open_pts(r2, 0x8000) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa0c40, 0x0) ioctl$TCSETS(r3, 0x5402, &(0x7f0000000080)={0x200, 0x2, 0x80000000, 0x4, 0x6, "17f30970688d2044165b22bee97d9e3ca24e3f"}) 09:36:15 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:15 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:15 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2643.287746][T11798] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2643.296356][T11798] FAULT_INJECTION: forcing a failure. [ 2643.296356][T11798] name failslab, interval 1, probability 0, space 0, times 0 [ 2643.309629][T11798] CPU: 0 PID: 11798 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2643.319872][T11798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2643.319876][T11798] Call Trace: [ 2643.319893][T11798] dump_stack+0x1d8/0x24e [ 2643.319909][T11798] ? devkmsg_release+0x11c/0x11c [ 2643.342607][T11798] ? show_regs_print_info+0x12/0x12 [ 2643.342622][T11798] ? mutex_lock+0xa6/0x110 [ 2643.352184][T11798] should_fail+0x6f6/0x860 [ 2643.356587][T11798] ? setup_fault_attr+0x3d0/0x3d0 [ 2643.361580][T11798] ? kernfs_new_node+0x95/0x160 [ 2643.366398][T11798] ? kernfs_create_link+0x9c/0x1f0 [ 2643.371477][T11798] ? sysfs_do_create_link_sd+0x85/0x100 [ 2643.376992][T11798] ? mutex_lock+0xa6/0x110 [ 2643.381375][T11798] ? __kernfs_new_node+0xdb/0x6d0 [ 2643.386369][T11798] should_failslab+0x5/0x20 [ 2643.390905][T11798] kmem_cache_alloc+0x36/0x290 [ 2643.395650][T11798] __kernfs_new_node+0xdb/0x6d0 [ 2643.400479][T11798] ? kernfs_new_node+0x160/0x160 [ 2643.405428][T11798] ? selinux_path_notify+0x6c0/0x6c0 [ 2643.410687][T11798] ? _raw_spin_lock+0xa3/0x1b0 [ 2643.415425][T11798] kernfs_new_node+0x95/0x160 [ 2643.420080][T11798] __kernfs_create_file+0x45/0x260 [ 2643.425170][T11798] sysfs_add_file_mode_ns+0x293/0x340 [ 2643.430509][T11798] internal_create_group+0x560/0xf10 [ 2643.435761][T11798] ? sysfs_create_group+0x20/0x20 [ 2643.440761][T11798] sysfs_create_groups+0x5d/0x130 [ 2643.445793][T11798] device_add+0xa51/0x18a0 [ 2643.450183][T11798] ? get_device+0x30/0x30 [ 2643.454479][T11798] ? mutex_lock+0xa6/0x110 [ 2643.458866][T11798] ? virtual_device_parent+0x50/0x50 [ 2643.464125][T11798] ? device_initialize+0x1d3/0x3e0 [ 2643.469212][T11798] rfkill_register+0x180/0x720 [ 2643.473952][T11798] hci_register_dev+0x398/0x710 [ 2643.478779][T11798] hci_uart_tty_ioctl+0x89e/0xa10 [ 2643.483790][T11798] ? hci_uart_tty_write+0x10/0x10 [ 2643.488781][T11798] tty_ioctl+0xf68/0x1710 [ 2643.493191][T11798] ? tty_do_resize+0x170/0x170 [ 2643.497923][T11798] ? avc_ss_reset+0x3a0/0x3a0 [ 2643.502569][T11798] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2643.508711][T11798] ? refcount_inc_checked+0x50/0x50 [ 2643.513879][T11798] ? memcg_check_events+0x5c/0x5b0 [ 2643.518966][T11798] ? proc_fail_nth_write+0x1d5/0x240 [ 2643.524297][T11798] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2643.529476][T11798] ? __lru_cache_add+0x1c4/0x210 [ 2643.534475][T11798] ? memset+0x1f/0x40 [ 2643.538439][T11798] ? fsnotify+0x1332/0x13f0 [ 2643.542911][T11798] ? tty_do_resize+0x170/0x170 [ 2643.547659][T11798] do_vfs_ioctl+0x76a/0x1720 [ 2643.552235][T11798] ? selinux_file_ioctl+0x72f/0x990 [ 2643.557409][T11798] ? ioctl_preallocate+0x250/0x250 [ 2643.562490][T11798] ? __fget+0x37b/0x3c0 [ 2643.566629][T11798] ? vfs_write+0x422/0x4e0 [ 2643.571034][T11798] ? fget_many+0x20/0x20 [ 2643.575258][T11798] ? debug_smp_processor_id+0x20/0x20 [ 2643.580605][T11798] ? security_file_ioctl+0x9d/0xb0 [ 2643.585710][T11798] __x64_sys_ioctl+0xd4/0x110 [ 2643.590355][T11798] do_syscall_64+0xcb/0x1e0 [ 2643.594831][T11798] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2643.600690][T11798] RIP: 0033:0x4665d9 [ 2643.604623][T11798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2643.624332][T11798] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2643.632745][T11798] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2643.640686][T11798] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2643.648636][T11798] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2643.656575][T11798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2643.664520][T11798] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2643.677948][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) 09:36:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4000000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:36:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCMIWAIT(r0, 0x545c, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCXONC(r0, 0x540a, 0x1) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f00000000c0)={0x1, 0x3, 0x5, 0x3f, 0xd, "6e1152c13cdfeabd19ef1d1c2e1c622b29206c"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x301001, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0xc0, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000308c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000305c0)={0xa}, 0x8, 0x10, 0x0, 0x0, r2}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x1b, 0x9, &(0x7f00000010c0)=@raw=[@btf_id={0x18, 0x5, 0x3, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x85}, @map={0x18, 0x6, 0x1, 0x0, r1}, @exit, @generic={0x1f, 0x9, 0x6, 0x6, 0x1}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}], &(0x7f0000001140)='GPL\x00', 0x7, 0x6c, &(0x7f0000001180)=""/108, 0x41100, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, &(0x7f0000001200)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000001240)={0x0, 0x1, 0x1, 0xfffffffd}, 0x10, r2}, 0x78) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) preadv(r3, &(0x7f0000001080)=[{&(0x7f0000000080)=""/4096, 0x1000}], 0x1, 0x1ff, 0x1) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0xfffffc01, 0x10000, 0x43, 0x8, 0x15, "f97042f45fdebfdccaeb60636471392e4dc37d"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/rtc', 0x400900, 0x1e) ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0x800, 0xa8, 0x1, 0x1fa, 0x10, "4b9efd8a2382d4c9"}) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000100)={0x0, 0x3f, 0x7, 0x3, 0x18, "1822e9ee657e2a6d923922a2bb2a9e436c09d8"}) [ 2644.556457][T11812] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2644.565435][ T7] Bluetooth: hci1: Frame reassembly failed (-84) 09:36:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x84000, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x8, 0x0, 0x4, 0x5, 0x19, "41efd5e94d13f09befc3008b1f819b20f9d92c"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f00000003c0)) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) preadv(r3, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/132, 0x84}, {&(0x7f00000001c0)=""/216, 0xd8}, {&(0x7f00000002c0)=""/131, 0x83}], 0x3, 0x9, 0x4) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(0xffffffffffffffff, 0x0, r4, 0x0, 0x80000001, 0x0) ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000400)) ioctl$KDADDIO(r1, 0x400455c8, 0x200008000008000) ioctl$TIOCSBRK(r0, 0x5427) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xc008ae09, 0x400000) pwritev2(r5, &(0x7f0000000500)=[{&(0x7f0000000540)="064456ff0a4b0890e855de11950fb1851388de9787ee2da144b0ea4c558bf6070086fa117a1e9580ca63a5f660b4e439ffb678f85e1538f42cd8ed441dc5603814b54f440a85436627aacbef3cdff463fc141d72151f0dd408e9e9457af37111334d9016348d89e88704a2da7e78e3988b93b636d9351048ba07fc4b4265f475ee7734ca31d244d3385a4f1e350d7dede2003298f2da2e1e94ee6a72bc2faf7374ab7ba2fdcc2293471886a60e5a51eb28db", 0xb2}, {&(0x7f0000000480)="8482a116b08b7ebeb4f74f50310bd3946f1094542a636291ca097e5fc5fc6166809d7a32f6baced577fb87020926654a3c40269c21ffa5696d4135ae58364125202c9f963342afdc85e45e0872bbe5c115dd0056c0aa7164e336ce06ecbc930068f827e9bb024b7e8fd1eb588a6bbe9424328f37dd0b076eb364dc43ed9f0858", 0x80}], 0x2, 0x9, 0x400009, 0x0) 09:36:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x9, 0x2010, r0, 0xaf461000) syz_open_pts(r0, 0x2000) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000000)=0x7) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) [ 2645.743343][ T2306] Bluetooth: hci0: command 0x1003 tx timeout [ 2645.749535][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2646.623241][ T2306] Bluetooth: hci1: command 0x1003 tx timeout [ 2646.629650][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2647.823175][ T2306] Bluetooth: hci0: command 0x1001 tx timeout [ 2647.829237][T11169] Bluetooth: hci0: sending frame failed (-49) [ 2648.703172][ T2306] Bluetooth: hci1: command 0x1001 tx timeout [ 2648.709265][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2649.903023][ T2306] Bluetooth: hci0: command 0x1009 tx timeout [ 2650.783413][ T2306] Bluetooth: hci1: command 0x1009 tx timeout 09:36:26 executing program 2 (fault-call:2 fault-nth:46): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:36:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0x29, 0x3, 0x4, 0x2ed, 0x0, "b82ad6f60efca445ef4cac30d361a9b2e0d292"}) 09:36:26 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:26 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:26 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2654.175034][T11846] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2654.185030][T11846] FAULT_INJECTION: forcing a failure. [ 2654.185030][T11846] name failslab, interval 1, probability 0, space 0, times 0 [ 2654.197748][T11846] CPU: 1 PID: 11846 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2654.207969][T11846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2654.218003][T11846] Call Trace: [ 2654.221272][T11846] dump_stack+0x1d8/0x24e [ 2654.225711][T11846] ? devkmsg_release+0x11c/0x11c [ 2654.230715][T11846] ? mutex_unlock+0x19/0x40 [ 2654.235212][T11846] ? show_regs_print_info+0x12/0x12 [ 2654.240378][T11846] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2654.246414][T11846] should_fail+0x6f6/0x860 [ 2654.250859][T11846] ? setup_fault_attr+0x3d0/0x3d0 [ 2654.255858][T11846] ? _raw_spin_lock+0xa3/0x1b0 [ 2654.260590][T11846] ? __kernfs_new_node+0xdb/0x6d0 [ 2654.265708][T11846] should_failslab+0x5/0x20 [ 2654.270226][T11846] kmem_cache_alloc+0x36/0x290 [ 2654.274983][T11846] __kernfs_new_node+0xdb/0x6d0 [ 2654.279808][T11846] ? mutex_lock+0xa6/0x110 [ 2654.284192][T11846] ? kernfs_new_node+0x160/0x160 [ 2654.289106][T11846] ? kernfs_activate+0x3fc/0x420 [ 2654.294013][T11846] kernfs_new_node+0x95/0x160 [ 2654.298670][T11846] __kernfs_create_file+0x45/0x260 [ 2654.303772][T11846] sysfs_add_file_mode_ns+0x293/0x340 [ 2654.309203][T11846] internal_create_group+0x560/0xf10 [ 2654.314459][T11846] ? sysfs_create_group+0x20/0x20 [ 2654.319467][T11846] sysfs_create_groups+0x5d/0x130 [ 2654.324463][T11846] device_add+0xa51/0x18a0 [ 2654.328853][T11846] ? get_device+0x30/0x30 [ 2654.333153][T11846] ? mutex_lock+0xa6/0x110 [ 2654.337556][T11846] ? virtual_device_parent+0x50/0x50 [ 2654.342807][T11846] ? device_initialize+0x1d3/0x3e0 [ 2654.347888][T11846] rfkill_register+0x180/0x720 [ 2654.352620][T11846] hci_register_dev+0x398/0x710 [ 2654.357455][T11846] hci_uart_tty_ioctl+0x89e/0xa10 [ 2654.362448][T11846] ? hci_uart_tty_write+0x10/0x10 [ 2654.367454][T11846] tty_ioctl+0xf68/0x1710 [ 2654.371754][T11846] ? tty_do_resize+0x170/0x170 [ 2654.376486][T11846] ? avc_ss_reset+0x3a0/0x3a0 [ 2654.381130][T11846] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2654.387269][T11846] ? refcount_inc_checked+0x50/0x50 [ 2654.392439][T11846] ? proc_fail_nth_write+0x1d5/0x240 [ 2654.397724][T11846] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2654.402892][T11846] ? preempt_schedule_irq+0xef/0x140 [ 2654.408164][T11846] ? __lru_cache_add+0x1c4/0x210 [ 2654.413068][T11846] ? memset+0x1f/0x40 [ 2654.417039][T11846] ? fsnotify+0x1332/0x13f0 [ 2654.421519][T11846] ? tty_do_resize+0x170/0x170 [ 2654.426258][T11846] do_vfs_ioctl+0x76a/0x1720 [ 2654.430833][T11846] ? selinux_file_ioctl+0x72f/0x990 [ 2654.436001][T11846] ? ioctl_preallocate+0x250/0x250 [ 2654.441090][T11846] ? __fget+0x37b/0x3c0 [ 2654.445214][T11846] ? debug_smp_processor_id+0x20/0x20 [ 2654.450557][T11846] ? fget_many+0x20/0x20 [ 2654.454789][T11846] ? __fpregs_load_activate+0x1d7/0x3c0 [ 2654.460305][T11846] ? security_file_ioctl+0x9d/0xb0 [ 2654.465404][T11846] __x64_sys_ioctl+0xd4/0x110 [ 2654.470051][T11846] do_syscall_64+0xcb/0x1e0 [ 2654.474544][T11846] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2654.480404][T11846] RIP: 0033:0x4665d9 [ 2654.484266][T11846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2654.503854][T11846] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2654.512248][T11846] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2654.520197][T11846] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2654.528229][T11846] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2654.536180][T11846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2654.544213][T11846] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2654.553352][ T7986] Bluetooth: hci0: Frame reassembly failed (-84) 09:36:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x9, 0xc20, 0x1, 0x8, 0x18, "75473123a5dd2c28e66f87b5f3d125dc55cf24"}) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000140)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) write$binfmt_misc(r0, &(0x7f00000000c0)={'syz1', "06c5f0c43f9afa0170e5ccd70c723dc781bdcb01f57ac111dfe877c019ff2a11f65852d24cb6d1fd542e3dd41fa58feb83401369d174b3708d3c4658aed53a74563d8cf4c6c70235f724542b15170d8a38af623e974bec18920df185505200d71d02e186172d4e49e32da321f81a"}, 0x72) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000080)=0x2) write(r0, &(0x7f00000001c0)="6f07921030f4a031c6ff5d693fe510b47b99826edcb833c934c64e677a32e29e4dbe76fd183f9e1748637f9c86606feb6987d50be5b7ea9e639d80439061f753e2b12729ea4e3df05891e9aacdf9aa2a35a5eb0ace8be013b795745168c8f8b12b69691dc1e1e4c6621a2f7593351bc13fa9f8008ef42f4eb7ac8c95dccb818febabb8a177ebd3cd93b701924d6127244e7fc01caee575ef59c6d024a6e18f563803767e70dbe5b4b4287e226b459272", 0xb0) 09:36:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4800000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2654.795338][T11858] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2654.804995][T11169] Bluetooth: hci1: sending frame failed (-49) [ 2654.811371][ T7] Bluetooth: hci2: Frame reassembly failed (-84) [ 2656.622412][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2656.628570][T11862] Bluetooth: hci0: sending frame failed (-49) [ 2656.862394][ T2661] Bluetooth: hci2: command 0x1003 tx timeout [ 2656.868457][T11862] Bluetooth: hci2: sending frame failed (-49) [ 2656.874808][ T2661] Bluetooth: hci1: command 0x1003 tx timeout [ 2656.880894][T11862] Bluetooth: hci1: sending frame failed (-49) 09:36:29 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:29 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:29 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2658.702232][ T2661] Bluetooth: hci0: command 0x1001 tx timeout [ 2658.708288][T11862] Bluetooth: hci0: sending frame failed (-49) [ 2658.942242][ T7557] Bluetooth: hci1: command 0x1001 tx timeout [ 2658.942247][ T2661] Bluetooth: hci2: command 0x1001 tx timeout [ 2658.942306][T11862] Bluetooth: hci2: sending frame failed (-49) [ 2658.948360][T11861] Bluetooth: hci1: sending frame failed (-49) 09:36:32 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:32 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2660.782079][ T2255] Bluetooth: hci0: command 0x1009 tx timeout [ 2661.022096][ T2661] Bluetooth: hci2: command 0x1009 tx timeout [ 2661.022100][ T2255] Bluetooth: hci1: command 0x1009 tx timeout 09:36:37 executing program 2 (fault-call:2 fault-nth:47): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:36:37 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:37 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:37 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:37 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x12041, &(0x7f00000000c0)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r0, &(0x7f0000000480)=[{&(0x7f0000000140)=""/33, 0x21}, {&(0x7f00000001c0)=""/138, 0x8a}, {&(0x7f0000000280)=""/163, 0xa3}, {&(0x7f0000000340)=""/57, 0x39}, {&(0x7f0000000380)=""/11, 0xb}, {&(0x7f00000003c0)=""/63, 0x3f}, {&(0x7f0000000440)=""/33, 0x21}], 0x7) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x1) write(r1, &(0x7f0000000100)="6a99522b03352b042e15185139821b770e5842fc2b858f2307a4211e9fe8d28cc3fb8c9b740664", 0x27) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x85) ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f0000000500)) 09:36:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4c00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2665.062595][T11891] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2665.072457][T11892] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2665.081059][T11891] FAULT_INJECTION: forcing a failure. [ 2665.081059][T11891] name failslab, interval 1, probability 0, space 0, times 0 [ 2665.094827][T11891] CPU: 0 PID: 11891 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2665.105054][T11891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2665.115085][T11891] Call Trace: [ 2665.118356][T11891] dump_stack+0x1d8/0x24e [ 2665.122669][T11891] ? devkmsg_release+0x11c/0x11c [ 2665.127585][T11891] ? mutex_unlock+0x19/0x40 [ 2665.132061][T11891] ? show_regs_print_info+0x12/0x12 [ 2665.137243][T11891] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2665.143291][T11891] should_fail+0x6f6/0x860 [ 2665.147688][T11891] ? setup_fault_attr+0x3d0/0x3d0 [ 2665.152714][T11891] ? _raw_spin_lock+0xa3/0x1b0 [ 2665.157460][T11891] ? __kernfs_new_node+0xdb/0x6d0 [ 2665.162465][T11891] should_failslab+0x5/0x20 [ 2665.166976][T11891] kmem_cache_alloc+0x36/0x290 [ 2665.171717][T11891] __kernfs_new_node+0xdb/0x6d0 [ 2665.176546][T11891] ? mutex_lock+0xa6/0x110 [ 2665.180933][T11891] ? kernfs_new_node+0x160/0x160 [ 2665.185843][T11891] ? kernfs_activate+0x3fc/0x420 [ 2665.190752][T11891] kernfs_new_node+0x95/0x160 [ 2665.195413][T11891] __kernfs_create_file+0x45/0x260 [ 2665.200496][T11891] sysfs_add_file_mode_ns+0x293/0x340 [ 2665.205851][T11891] internal_create_group+0x560/0xf10 [ 2665.211109][T11891] ? sysfs_create_group+0x20/0x20 [ 2665.216101][T11891] sysfs_create_groups+0x5d/0x130 [ 2665.221093][T11891] device_add+0xa51/0x18a0 [ 2665.225478][T11891] ? get_device+0x30/0x30 [ 2665.229775][T11891] ? mutex_lock+0xa6/0x110 [ 2665.234161][T11891] ? virtual_device_parent+0x50/0x50 [ 2665.239415][T11891] ? device_initialize+0x1d3/0x3e0 [ 2665.244498][T11891] rfkill_register+0x180/0x720 [ 2665.249230][T11891] hci_register_dev+0x398/0x710 [ 2665.254050][T11891] hci_uart_tty_ioctl+0x89e/0xa10 [ 2665.259059][T11891] ? hci_uart_tty_write+0x10/0x10 [ 2665.264050][T11891] tty_ioctl+0xf68/0x1710 [ 2665.268350][T11891] ? tty_do_resize+0x170/0x170 [ 2665.273082][T11891] ? avc_ss_reset+0x3a0/0x3a0 [ 2665.277727][T11891] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2665.283848][T11891] ? refcount_inc_checked+0x50/0x50 [ 2665.289020][T11891] ? memcg_check_events+0x5c/0x5b0 [ 2665.294373][T11891] ? proc_fail_nth_write+0x1d5/0x240 [ 2665.299653][T11891] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2665.304821][T11891] ? __lru_cache_add+0x1c4/0x210 [ 2665.309738][T11891] ? memset+0x1f/0x40 [ 2665.313698][T11891] ? fsnotify+0x1332/0x13f0 [ 2665.318189][T11891] ? tty_do_resize+0x170/0x170 [ 2665.322931][T11891] do_vfs_ioctl+0x76a/0x1720 [ 2665.327498][T11891] ? selinux_file_ioctl+0x72f/0x990 [ 2665.332666][T11891] ? ioctl_preallocate+0x250/0x250 [ 2665.337747][T11891] ? __fget+0x37b/0x3c0 [ 2665.341874][T11891] ? vfs_write+0x422/0x4e0 [ 2665.346260][T11891] ? fget_many+0x20/0x20 [ 2665.350471][T11891] ? debug_smp_processor_id+0x20/0x20 [ 2665.355822][T11891] ? security_file_ioctl+0x9d/0xb0 [ 2665.360926][T11891] __x64_sys_ioctl+0xd4/0x110 [ 2665.365575][T11891] do_syscall_64+0xcb/0x1e0 [ 2665.370056][T11891] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2665.375925][T11891] RIP: 0033:0x4665d9 [ 2665.379793][T11891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2665.399368][T11891] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2665.407769][T11891] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2665.415716][T11891] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2665.423658][T11891] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2665.431598][T11891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2665.439564][T11891] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2665.449163][ T2257] Bluetooth: hci0: Frame reassembly failed (-84) [ 2665.455650][ T87] Bluetooth: hci1: sending frame failed (-49) 09:36:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x6, 0x900) ioctl$TIOCGPTPEER(r1, 0x5441, 0x7) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:37 executing program 1: setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000000), 0x4) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x400801, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xc008ae09, 0x400000) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xc008ae09, 0x400000) splice(r0, &(0x7f00000000c0)=0x7c2cdf3d, r2, &(0x7f0000000100)=0x80000000, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xc008ae09, 0x400000) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x80000001, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfef0) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000140)={0x7, 0x7b, 0x2}, 0x7) ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000080)={0x9, 0x3, 0x6, 0x81, 0x8, "8faebc2d3deb2b0f51e12a1d2924f536997a62"}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xc008ae09, 0x400000) dup3(r3, r6, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 09:36:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x400840, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) syz_open_pts(r0, 0x48400) 09:36:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x3, 0xf00, 0x8, 0x4, 0xc, "48cd148a441b88bf7a6bea63aca59e97f046cd"}) 09:36:37 executing program 1: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "bb4c269ba6fcf33d196d8742d9ed968cceb2005f91f7b340ae882139d5dfe636e7486ad48f0cb09287ba2985d22b8485f62e5c8d5b5f0b50fdf2a3af92a58e1f", 0x2f}, 0x48, 0xfffffffffffffffb) keyctl$link(0x8, r0, 0xfffffffffffffffc) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x2) fcntl$addseals(0xffffffffffffffff, 0x409, 0x6) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r2) keyctl$clear(0x7, r2) [ 2667.501552][ T2661] Bluetooth: hci1: command 0x1003 tx timeout [ 2667.507685][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2667.507716][ T87] Bluetooth: hci1: sending frame failed (-49) [ 2667.514787][T11861] Bluetooth: hci0: sending frame failed (-49) [ 2669.581447][ T2255] Bluetooth: hci1: command 0x1001 tx timeout [ 2669.581452][ T2661] Bluetooth: hci0: command 0x1001 tx timeout [ 2669.581505][T11861] Bluetooth: hci0: sending frame failed (-49) [ 2669.587476][ T87] Bluetooth: hci1: sending frame failed (-49) [ 2671.661298][ T2306] Bluetooth: hci0: command 0x1009 tx timeout [ 2671.661312][ T2255] Bluetooth: hci1: command 0x1009 tx timeout 09:36:48 executing program 2 (fault-call:2 fault-nth:48): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:36:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/class/bdi', 0x40000, 0x10a) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xc) r1 = signalfd4(r0, &(0x7f00000000c0)={[0x2020000000000000]}, 0x8, 0x80c00) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x8) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) syz_open_pts(r2, 0x8000) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa0c40, 0x0) ioctl$TCSETS(r3, 0x5402, &(0x7f0000000080)={0x200, 0x2, 0x80000000, 0x4, 0x6, "17f30970688d2044165b22bee97d9e3ca24e3f"}) 09:36:48 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:48 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:48 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6000000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:36:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4c00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2675.944073][T11947] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2675.953270][T11948] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2675.962696][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 2675.977967][T11948] FAULT_INJECTION: forcing a failure. [ 2675.977967][T11948] name failslab, interval 1, probability 0, space 0, times 0 [ 2675.991553][T11948] CPU: 0 PID: 11948 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2676.002000][T11948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2676.012045][T11948] Call Trace: [ 2676.015327][T11948] dump_stack+0x1d8/0x24e [ 2676.019764][T11948] ? devkmsg_release+0x11c/0x11c [ 2676.024690][T11948] ? mutex_unlock+0x19/0x40 [ 2676.029192][T11948] ? show_regs_print_info+0x12/0x12 [ 2676.034374][T11948] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2676.040854][T11948] should_fail+0x6f6/0x860 [ 2676.045245][T11948] ? setup_fault_attr+0x3d0/0x3d0 [ 2676.050256][T11948] ? _raw_spin_lock+0xa3/0x1b0 [ 2676.055035][T11948] ? __kernfs_new_node+0xdb/0x6d0 [ 2676.060034][T11948] should_failslab+0x5/0x20 [ 2676.064518][T11948] kmem_cache_alloc+0x36/0x290 [ 2676.069254][T11948] __kernfs_new_node+0xdb/0x6d0 [ 2676.074092][T11948] ? mutex_lock+0xa6/0x110 [ 2676.078488][T11948] ? kernfs_new_node+0x160/0x160 [ 2676.083528][T11948] ? kernfs_activate+0x3fc/0x420 [ 2676.088445][T11948] kernfs_new_node+0x95/0x160 [ 2676.093117][T11948] __kernfs_create_file+0x45/0x260 [ 2676.098206][T11948] sysfs_add_file_mode_ns+0x293/0x340 [ 2676.103577][T11948] internal_create_group+0x560/0xf10 [ 2676.108837][T11948] ? sysfs_create_group+0x20/0x20 [ 2676.113837][T11948] sysfs_create_groups+0x5d/0x130 [ 2676.118837][T11948] device_add+0xa51/0x18a0 [ 2676.123238][T11948] ? get_device+0x30/0x30 [ 2676.127564][T11948] ? mutex_lock+0xa6/0x110 [ 2676.131966][T11948] ? virtual_device_parent+0x50/0x50 [ 2676.137241][T11948] ? device_initialize+0x1d3/0x3e0 [ 2676.142468][T11948] rfkill_register+0x180/0x720 [ 2676.147212][T11948] hci_register_dev+0x398/0x710 [ 2676.152038][T11948] hci_uart_tty_ioctl+0x89e/0xa10 [ 2676.157033][T11948] ? hci_uart_tty_write+0x10/0x10 [ 2676.162045][T11948] tty_ioctl+0xf68/0x1710 [ 2676.166345][T11948] ? tty_do_resize+0x170/0x170 [ 2676.171076][T11948] ? avc_ss_reset+0x3a0/0x3a0 [ 2676.175724][T11948] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2676.181849][T11948] ? refcount_inc_checked+0x50/0x50 [ 2676.187018][T11948] ? memcg_check_events+0x5c/0x5b0 [ 2676.192108][T11948] ? proc_fail_nth_write+0x1d5/0x240 [ 2676.197368][T11948] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2676.202533][T11948] ? __lru_cache_add+0x1c4/0x210 [ 2676.207442][T11948] ? memset+0x1f/0x40 [ 2676.211392][T11948] ? fsnotify+0x1332/0x13f0 [ 2676.216029][T11948] ? tty_do_resize+0x170/0x170 [ 2676.220771][T11948] do_vfs_ioctl+0x76a/0x1720 [ 2676.225336][T11948] ? selinux_file_ioctl+0x72f/0x990 [ 2676.230508][T11948] ? ioctl_preallocate+0x250/0x250 [ 2676.235594][T11948] ? __fget+0x37b/0x3c0 [ 2676.239720][T11948] ? vfs_write+0x422/0x4e0 [ 2676.244128][T11948] ? fget_many+0x20/0x20 [ 2676.248357][T11948] ? debug_smp_processor_id+0x20/0x20 [ 2676.253702][T11948] ? security_file_ioctl+0x9d/0xb0 [ 2676.258791][T11948] __x64_sys_ioctl+0xd4/0x110 [ 2676.263536][T11948] do_syscall_64+0xcb/0x1e0 [ 2676.268110][T11948] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2676.273986][T11948] RIP: 0033:0x4665d9 [ 2676.277872][T11948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2676.297448][T11948] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2676.305835][T11948] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2676.313792][T11948] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2676.321739][T11948] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2676.329685][T11948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2676.337665][T11948] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2676.349570][ T7] Bluetooth: hci2: Frame reassembly failed (-84) [ 2676.356039][ T2257] Bluetooth: hci1: Frame reassembly failed (-84) [ 2677.980719][ T2661] Bluetooth: hci0: command 0x1003 tx timeout [ 2677.986746][T11861] Bluetooth: hci0: sending frame failed (-49) [ 2678.380664][ T2661] Bluetooth: hci1: command 0x1003 tx timeout [ 2678.386812][T11861] Bluetooth: hci1: sending frame failed (-49) [ 2678.393348][ T2661] Bluetooth: hci2: command 0x1003 tx timeout [ 2678.399558][T11861] Bluetooth: hci2: sending frame failed (-49) 09:36:51 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:51 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:51 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(0x0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:51 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:51 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2680.060535][ T2661] Bluetooth: hci0: command 0x1001 tx timeout [ 2680.066598][T11861] Bluetooth: hci0: sending frame failed (-49) [ 2680.460533][ T2661] Bluetooth: hci2: command 0x1001 tx timeout [ 2680.466573][ T2661] Bluetooth: hci1: command 0x1001 tx timeout [ 2680.466609][T11861] Bluetooth: hci2: sending frame failed (-49) [ 2680.472837][T11862] Bluetooth: hci1: sending frame failed (-49) [ 2682.140393][ T2661] Bluetooth: hci0: command 0x1009 tx timeout [ 2682.540380][ T2255] Bluetooth: hci2: command 0x1009 tx timeout [ 2682.540385][ T2661] Bluetooth: hci1: command 0x1009 tx timeout 09:36:59 executing program 2 (fault-call:2 fault-nth:49): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:36:59 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:59 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:59 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6800000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:36:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4c00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:36:59 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:36:59 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x127, 0x127, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0x143}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2686.812465][T11985] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2686.824800][ T2257] Bluetooth: hci0: Frame reassembly failed (-84) [ 2686.826990][T11983] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2686.843007][ T2257] Bluetooth: hci2: Frame reassembly failed (-84) 09:36:59 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2686.858028][T11983] FAULT_INJECTION: forcing a failure. [ 2686.858028][T11983] name failslab, interval 1, probability 0, space 0, times 0 [ 2686.871223][T11983] CPU: 0 PID: 11983 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2686.881487][T11983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2686.891516][T11983] Call Trace: [ 2686.894789][T11983] dump_stack+0x1d8/0x24e [ 2686.899503][T11983] ? devkmsg_release+0x11c/0x11c [ 2686.904429][T11983] ? mutex_unlock+0x19/0x40 [ 2686.908917][T11983] ? show_regs_print_info+0x12/0x12 [ 2686.914090][T11983] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2686.920139][T11983] should_fail+0x6f6/0x860 [ 2686.924579][T11983] ? setup_fault_attr+0x3d0/0x3d0 [ 2686.929576][T11983] ? _raw_spin_lock+0xa3/0x1b0 [ 2686.934310][T11983] ? __kernfs_new_node+0xdb/0x6d0 [ 2686.939305][T11983] should_failslab+0x5/0x20 [ 2686.943796][T11983] kmem_cache_alloc+0x36/0x290 [ 2686.948531][T11983] __kernfs_new_node+0xdb/0x6d0 [ 2686.953356][T11983] ? mutex_lock+0xa6/0x110 [ 2686.957752][T11983] ? kernfs_new_node+0x160/0x160 [ 2686.962658][T11983] ? kernfs_activate+0x3fc/0x420 [ 2686.967570][T11983] kernfs_new_node+0x95/0x160 [ 2686.972216][T11983] __kernfs_create_file+0x45/0x260 [ 2686.977314][T11983] sysfs_add_file_mode_ns+0x293/0x340 [ 2686.982673][T11983] internal_create_group+0x560/0xf10 [ 2686.987936][T11983] ? sysfs_create_group+0x20/0x20 [ 2686.992936][T11983] sysfs_create_groups+0x5d/0x130 [ 2686.997932][T11983] device_add+0xa51/0x18a0 [ 2687.002337][T11983] ? get_device+0x30/0x30 [ 2687.006660][T11983] ? mutex_lock+0xa6/0x110 [ 2687.011056][T11983] ? virtual_device_parent+0x50/0x50 [ 2687.016314][T11983] ? device_initialize+0x1d3/0x3e0 [ 2687.021414][T11983] rfkill_register+0x180/0x720 [ 2687.026148][T11983] hci_register_dev+0x398/0x710 [ 2687.030969][T11983] hci_uart_tty_ioctl+0x89e/0xa10 [ 2687.035971][T11983] ? hci_uart_tty_write+0x10/0x10 [ 2687.040980][T11983] tty_ioctl+0xf68/0x1710 [ 2687.045277][T11983] ? tty_do_resize+0x170/0x170 [ 2687.050011][T11983] ? avc_ss_reset+0x3a0/0x3a0 [ 2687.054659][T11983] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2687.060800][T11983] ? refcount_inc_checked+0x50/0x50 [ 2687.065995][T11983] ? memcg_check_events+0x5c/0x5b0 [ 2687.071081][T11983] ? proc_fail_nth_write+0x1d5/0x240 [ 2687.076342][T11983] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2687.081514][T11983] ? __lru_cache_add+0x1c4/0x210 [ 2687.086420][T11983] ? memset+0x1f/0x40 [ 2687.090379][T11983] ? fsnotify+0x1332/0x13f0 [ 2687.095035][T11983] ? tty_do_resize+0x170/0x170 [ 2687.099781][T11983] do_vfs_ioctl+0x76a/0x1720 [ 2687.104344][T11983] ? selinux_file_ioctl+0x72f/0x990 [ 2687.109512][T11983] ? ioctl_preallocate+0x250/0x250 [ 2687.114591][T11983] ? __fget+0x37b/0x3c0 [ 2687.118720][T11983] ? vfs_write+0x422/0x4e0 [ 2687.123116][T11983] ? fget_many+0x20/0x20 [ 2687.127337][T11983] ? debug_smp_processor_id+0x20/0x20 [ 2687.132686][T11983] ? security_file_ioctl+0x9d/0xb0 [ 2687.137773][T11983] __x64_sys_ioctl+0xd4/0x110 [ 2687.142423][T11983] do_syscall_64+0xcb/0x1e0 [ 2687.146901][T11983] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2687.152764][T11983] RIP: 0033:0x4665d9 [ 2687.156635][T11983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2687.176215][T11983] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2687.184595][T11983] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2687.192537][T11983] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2687.200481][T11983] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2687.208430][T11983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2687.216378][T11983] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2687.225370][ T2257] Bluetooth: hci1: Frame reassembly failed (-84) [ 2688.859816][ T2255] Bluetooth: hci2: command 0x1003 tx timeout [ 2688.859820][ T8460] Bluetooth: hci0: command 0x1003 tx timeout [ 2688.866751][T11862] Bluetooth: hci0: sending frame failed (-49) [ 2688.872157][T11861] Bluetooth: hci2: sending frame failed (-49) [ 2689.259792][ T8460] Bluetooth: hci1: command 0x1003 tx timeout [ 2689.265860][T11861] Bluetooth: hci1: sending frame failed (-49) 09:37:02 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:02 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:02 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2690.939673][ T678] Bluetooth: hci2: command 0x1001 tx timeout [ 2690.939678][ T8460] Bluetooth: hci0: command 0x1001 tx timeout [ 2690.939804][T11861] Bluetooth: hci0: sending frame failed (-49) [ 2690.945880][T11862] Bluetooth: hci2: sending frame failed (-49) [ 2691.339601][ T678] Bluetooth: hci1: command 0x1001 tx timeout [ 2691.345659][T11862] Bluetooth: hci1: sending frame failed (-49) [ 2693.019534][ T7557] Bluetooth: hci2: command 0x1009 tx timeout [ 2693.019538][ T2306] Bluetooth: hci0: command 0x1009 tx timeout [ 2693.419530][ T7557] Bluetooth: hci1: command 0x1009 tx timeout 09:37:09 executing program 2 (fault-call:2 fault-nth:50): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:37:09 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:09 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:09 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6c00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:37:09 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xa00000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2697.681124][T12022] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2697.693448][ T2257] Bluetooth: hci0: Frame reassembly failed (-84) [ 2697.708062][T12027] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2697.722237][T12028] FAULT_INJECTION: forcing a failure. [ 2697.722237][T12028] name failslab, interval 1, probability 0, space 0, times 0 [ 2697.737545][T12028] CPU: 0 PID: 12028 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2697.747782][T12028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2697.757826][T12028] Call Trace: [ 2697.761121][T12028] dump_stack+0x1d8/0x24e [ 2697.765450][T12028] ? devkmsg_release+0x11c/0x11c [ 2697.770385][T12028] ? mutex_unlock+0x19/0x40 [ 2697.774885][T12028] ? show_regs_print_info+0x12/0x12 [ 2697.780078][T12028] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2697.786142][T12028] should_fail+0x6f6/0x860 [ 2697.790558][T12028] ? setup_fault_attr+0x3d0/0x3d0 [ 2697.795577][T12028] ? _raw_spin_lock+0xa3/0x1b0 [ 2697.800331][T12028] ? __kernfs_new_node+0xdb/0x6d0 [ 2697.805348][T12028] should_failslab+0x5/0x20 [ 2697.809849][T12028] kmem_cache_alloc+0x36/0x290 [ 2697.814611][T12028] __kernfs_new_node+0xdb/0x6d0 [ 2697.819456][T12028] ? mutex_lock+0xa6/0x110 [ 2697.823871][T12028] ? kernfs_new_node+0x160/0x160 [ 2697.828803][T12028] ? kernfs_activate+0x3fc/0x420 [ 2697.833737][T12028] kernfs_new_node+0x95/0x160 [ 2697.838426][T12028] __kernfs_create_file+0x45/0x260 [ 2697.843537][T12028] sysfs_add_file_mode_ns+0x293/0x340 [ 2697.848902][T12028] internal_create_group+0x560/0xf10 [ 2697.854186][T12028] ? sysfs_create_group+0x20/0x20 [ 2697.859276][T12028] sysfs_create_groups+0x5d/0x130 [ 2697.864293][T12028] device_add+0xa51/0x18a0 [ 2697.868710][T12028] ? get_device+0x30/0x30 [ 2697.873033][T12028] ? mutex_lock+0xa6/0x110 [ 2697.877442][T12028] ? virtual_device_parent+0x50/0x50 [ 2697.882845][T12028] ? device_initialize+0x1d3/0x3e0 [ 2697.887950][T12028] rfkill_register+0x180/0x720 [ 2697.892710][T12028] hci_register_dev+0x398/0x710 [ 2697.897562][T12028] hci_uart_tty_ioctl+0x89e/0xa10 [ 2697.902587][T12028] ? hci_uart_tty_write+0x10/0x10 [ 2697.907717][T12028] tty_ioctl+0xf68/0x1710 [ 2697.912052][T12028] ? tty_do_resize+0x170/0x170 [ 2697.916894][T12028] ? avc_ss_reset+0x3a0/0x3a0 [ 2697.921564][T12028] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2697.927713][T12028] ? refcount_inc_checked+0x50/0x50 [ 2697.932907][T12028] ? memcg_check_events+0x5c/0x5b0 [ 2697.938016][T12028] ? proc_fail_nth_write+0x1d5/0x240 [ 2697.943297][T12028] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2697.948511][T12028] ? __lru_cache_add+0x1c4/0x210 [ 2697.953444][T12028] ? memset+0x1f/0x40 [ 2697.957421][T12028] ? fsnotify+0x1332/0x13f0 [ 2697.961926][T12028] ? tty_do_resize+0x170/0x170 [ 2697.966769][T12028] do_vfs_ioctl+0x76a/0x1720 [ 2697.971531][T12028] ? selinux_file_ioctl+0x72f/0x990 [ 2697.977157][T12028] ? ioctl_preallocate+0x250/0x250 [ 2697.982279][T12028] ? __fget+0x37b/0x3c0 [ 2697.986430][T12028] ? vfs_write+0x422/0x4e0 [ 2697.990839][T12028] ? fget_many+0x20/0x20 [ 2697.995074][T12028] ? debug_smp_processor_id+0x20/0x20 [ 2698.000442][T12028] ? security_file_ioctl+0x9d/0xb0 [ 2698.005552][T12028] __x64_sys_ioctl+0xd4/0x110 [ 2698.010230][T12028] do_syscall_64+0xcb/0x1e0 [ 2698.014756][T12028] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2698.020639][T12028] RIP: 0033:0x4665d9 [ 2698.024693][T12028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2698.044283][T12028] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2698.052689][T12028] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2698.060653][T12028] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2698.068615][T12028] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2698.076577][T12028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2698.084542][T12028] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2698.350697][ T7986] Bluetooth: hci1: Frame reassembly failed (-84) [ 2698.357348][ T2257] Bluetooth: hci2: Frame reassembly failed (-84) [ 2699.738940][ T2306] Bluetooth: hci0: command 0x1003 tx timeout [ 2699.745080][T11862] Bluetooth: hci0: sending frame failed (-49) [ 2700.378866][ T2306] Bluetooth: hci2: command 0x1003 tx timeout [ 2700.385142][T11862] Bluetooth: hci2: sending frame failed (-49) [ 2700.391377][ T2306] Bluetooth: hci1: command 0x1003 tx timeout [ 2700.397502][T11862] Bluetooth: hci1: sending frame failed (-49) 09:37:12 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:12 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:12 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2701.818769][ T2306] Bluetooth: hci0: command 0x1001 tx timeout [ 2701.824808][T11862] Bluetooth: hci0: sending frame failed (-49) [ 2702.458697][ T2306] Bluetooth: hci1: command 0x1001 tx timeout [ 2702.464763][T11862] Bluetooth: hci1: sending frame failed (-49) [ 2702.471081][ T2306] Bluetooth: hci2: command 0x1001 tx timeout [ 2702.477198][T11862] Bluetooth: hci2: sending frame failed (-49) 09:37:15 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:15 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:15 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2703.898583][ T2306] Bluetooth: hci0: command 0x1009 tx timeout [ 2704.538574][ T2306] Bluetooth: hci2: command 0x1009 tx timeout [ 2704.544594][ T2306] Bluetooth: hci1: command 0x1009 tx timeout [ 2708.538406][T12026] BUG: scheduling while atomic: syz-executor.2/12026/0x00000002 [ 2708.546039][T12026] Modules linked in: [ 2708.550069][T12026] Preemption disabled at: [ 2708.550079][T12026] [<0000000000000000>] 0x0 [ 2708.558838][T12026] CPU: 1 PID: 12026 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2708.569052][T12026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2708.579079][T12026] Call Trace: [ 2708.582343][T12026] dump_stack+0x1d8/0x24e [ 2708.586639][T12026] ? devkmsg_release+0x11c/0x11c [ 2708.591555][T12026] ? show_regs_print_info+0x12/0x12 [ 2708.596729][T12026] ? check_preemption_disabled+0x9e/0x330 [ 2708.602424][T12026] ? debug_smp_processor_id+0x20/0x20 [ 2708.607768][T12026] ? slab_free_freelist_hook+0x7b/0x150 [ 2708.613281][T12026] ? kmem_cache_free+0xb8/0x5f0 [ 2708.618104][T12026] __schedule_bug+0x1af/0x240 [ 2708.622753][T12026] ? __migrate_task+0x160/0x160 [ 2708.627578][T12026] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 2708.633002][T12026] ? _raw_spin_lock+0x1b0/0x1b0 [ 2708.637851][T12026] __schedule+0xa42/0x1170 [ 2708.642241][T12026] ? __pv_queued_spin_unlock_slowpath+0x290/0x290 [ 2708.648634][T12026] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 2708.654425][T12026] ? is_mmconf_reserved+0x420/0x420 [ 2708.659615][T12026] ? check_preemption_disabled+0x9e/0x330 [ 2708.665314][T12026] ? debug_smp_processor_id+0x20/0x20 [ 2708.670655][T12026] schedule+0x13b/0x1d0 [ 2708.674796][T12026] lock_sock_nested+0x1ed/0x310 [ 2708.679644][T12026] ? slab_free_freelist_hook+0x7b/0x150 [ 2708.685158][T12026] ? sock_def_destruct+0x10/0x10 [ 2708.690063][T12026] ? init_wait_entry+0xd0/0xd0 [ 2708.694792][T12026] ? hci_send_to_sock+0x709/0x720 [ 2708.699783][T12026] ? hci_sock_dev_event+0x274/0x570 [ 2708.704946][T12026] hci_sock_dev_event+0x2da/0x570 [ 2708.709943][T12026] hci_unregister_dev+0x2a5/0x13f0 [ 2708.715122][T12026] ? rcu_sync_exit+0xc6/0x1a0 [ 2708.719783][T12026] hci_uart_tty_close+0x1a2/0x220 [ 2708.724776][T12026] ? hci_uart_tty_open+0x2d0/0x2d0 [ 2708.729854][T12026] tty_ldisc_release+0x272/0x600 [ 2708.734759][T12026] tty_release_struct+0x27/0xd0 [ 2708.739604][T12026] tty_release+0xdd7/0x10a0 [ 2708.744094][T12026] ? tty_release_struct+0xd0/0xd0 [ 2708.749083][T12026] __fput+0x27d/0x6c0 [ 2708.753034][T12026] task_work_run+0x186/0x1b0 [ 2708.757614][T12026] prepare_exit_to_usermode+0x2b0/0x310 [ 2708.763130][T12026] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2708.768988][T12026] RIP: 0033:0x4193eb [ 2708.772849][T12026] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 2708.792420][T12026] RSP: 002b:00007ffe3f0ff140 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 2708.800798][T12026] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004193eb [ 2708.808739][T12026] RDX: 0000000000000000 RSI: ffffffff815ce3a2 RDI: 0000000000000003 [ 2708.816678][T12026] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b31220ec8 [ 2708.824631][T12026] R10: 00000000000019c0 R11: 0000000000000293 R12: 000000000056cb00 [ 2708.832598][T12026] R13: 000000000056cb00 R14: 000000000056bf80 R15: 0000000000292bb9 [ 2708.840546][T12026] ? kallsyms_lookup+0x2d2/0x540 [ 2708.845650][T12026] ------------[ cut here ]------------ [ 2708.851139][T12026] DEBUG_LOCKS_WARN_ON(val > preempt_count()) [ 2708.851184][T12026] WARNING: CPU: 1 PID: 12026 at kernel/sched/core.c:4019 preempt_count_sub+0x9c/0x160 [ 2708.866644][T12026] Modules linked in: [ 2708.870515][T12026] CPU: 1 PID: 12026 Comm: syz-executor.2 Tainted: G W 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2708.882100][T12026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2708.892137][T12026] RIP: 0010:preempt_count_sub+0x9c/0x160 [ 2708.897737][T12026] Code: 42 8a 04 30 84 c0 0f 85 89 00 00 00 83 3d 5f a7 00 05 00 75 d3 48 c7 c7 80 cb aa 84 48 c7 c6 20 cc aa 84 31 c0 e8 54 33 f6 ff <0f> 0b eb ba e8 4b f3 de 00 85 c0 74 b1 48 c7 c0 54 3e 47 86 48 c1 [ 2708.917307][T12026] RSP: 0018:ffff8881e5fbfc48 EFLAGS: 00010246 [ 2708.923353][T12026] RAX: e7f470db7c9b0600 RBX: 0000000000000001 RCX: ffff88819e4a0000 [ 2708.931294][T12026] RDX: 0000000000000000 RSI: 00000000000065ed RDI: 0000000000000001 [ 2708.939232][T12026] RBP: 0000000000000001 R08: ffffffff814e8ddf R09: fffffbfff0dc98da [ 2708.947174][T12026] R10: fffffbfff0dc98da R11: 0000000000000000 R12: ffff8881f5e59000 [ 2708.955115][T12026] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff88819ebe4000 [ 2708.963055][T12026] FS: 0000000002fc2400(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 2708.971965][T12026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2708.978528][T12026] CR2: 0000000000543978 CR3: 00000001e19e5000 CR4: 00000000001406e0 [ 2708.986643][T12026] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2708.994584][T12026] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2709.002522][T12026] Call Trace: [ 2709.005801][T12026] _raw_read_unlock+0x21/0x40 [ 2709.010457][T12026] hci_unregister_dev+0x2a5/0x13f0 [ 2709.015538][T12026] ? rcu_sync_exit+0xc6/0x1a0 [ 2709.020189][T12026] hci_uart_tty_close+0x1a2/0x220 [ 2709.025263][T12026] ? hci_uart_tty_open+0x2d0/0x2d0 [ 2709.030450][T12026] tty_ldisc_release+0x272/0x600 [ 2709.035374][T12026] tty_release_struct+0x27/0xd0 [ 2709.040209][T12026] tty_release+0xdd7/0x10a0 [ 2709.044686][T12026] ? tty_release_struct+0xd0/0xd0 [ 2709.049698][T12026] __fput+0x27d/0x6c0 [ 2709.053648][T12026] task_work_run+0x186/0x1b0 [ 2709.058208][T12026] prepare_exit_to_usermode+0x2b0/0x310 [ 2709.063725][T12026] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2709.069593][T12026] RIP: 0033:0x4193eb [ 2709.073470][T12026] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 2709.093398][T12026] RSP: 002b:00007ffe3f0ff140 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 2709.101775][T12026] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004193eb [ 2709.109734][T12026] RDX: 0000000000000000 RSI: ffffffff815ce3a2 RDI: 0000000000000003 [ 2709.117758][T12026] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b31220ec8 [ 2709.125796][T12026] R10: 00000000000019c0 R11: 0000000000000293 R12: 000000000056cb00 09:37:21 executing program 2 (fault-call:2 fault-nth:51): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 09:37:21 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:21 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:21 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7400000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) 09:37:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x800000000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae09, 0x400000) [ 2709.133738][T12026] R13: 000000000056cb00 R14: 000000000056bf80 R15: 0000000000292bb9 [ 2709.141689][T12026] ? kallsyms_lookup+0x2d2/0x540 [ 2709.146591][T12026] ---[ end trace 4f6ebf0c246976a3 ]--- [ 2709.179884][T12067] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 2709.190455][T12071] debugfs: Directory 'hci1' with parent 'bluetooth' already present! [ 2709.198710][ T6196] Bluetooth: hci0: sending frame failed (-49) [ 2709.204248][T12064] FAULT_INJECTION: forcing a failure. [ 2709.204248][T12064] name failslab, interval 1, probability 0, space 0, times 0 [ 2709.217732][T12064] CPU: 0 PID: 12064 Comm: syz-executor.2 Tainted: G W 5.4.125-syzkaller-00243-geaef435f4357 #0 [ 2709.229412][T12064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2709.239464][T12064] Call Trace: [ 2709.242734][T12064] dump_stack+0x1d8/0x24e [ 2709.247044][T12064] ? devkmsg_release+0x11c/0x11c [ 2709.251957][T12064] ? mutex_unlock+0x19/0x40 [ 2709.256453][T12064] ? show_regs_print_info+0x12/0x12 [ 2709.261646][T12064] ? selinux_kernfs_init_security+0x1b2/0x7e0 [ 2709.267697][T12064] should_fail+0x6f6/0x860 [ 2709.272103][T12064] ? setup_fault_attr+0x3d0/0x3d0 [ 2709.277108][T12064] ? _raw_spin_lock+0xa3/0x1b0 [ 2709.281932][T12064] ? __kernfs_new_node+0xdb/0x6d0 [ 2709.286935][T12064] should_failslab+0x5/0x20 [ 2709.291410][T12064] kmem_cache_alloc+0x36/0x290 [ 2709.296148][T12064] __kernfs_new_node+0xdb/0x6d0 [ 2709.300972][T12064] ? mutex_lock+0xa6/0x110 [ 2709.305360][T12064] ? kernfs_new_node+0x160/0x160 [ 2709.310269][T12064] ? kernfs_activate+0x3fc/0x420 [ 2709.315178][T12064] kernfs_new_node+0x95/0x160 [ 2709.319828][T12064] __kernfs_create_file+0x45/0x260 [ 2709.324922][T12064] sysfs_add_file_mode_ns+0x293/0x340 [ 2709.330279][T12064] internal_create_group+0x560/0xf10 [ 2709.335536][T12064] ? sysfs_create_group+0x20/0x20 [ 2709.340532][T12064] sysfs_create_groups+0x5d/0x130 [ 2709.345529][T12064] device_add+0xa51/0x18a0 [ 2709.349921][T12064] ? get_device+0x30/0x30 [ 2709.354220][T12064] ? mutex_lock+0xa6/0x110 [ 2709.358607][T12064] ? virtual_device_parent+0x50/0x50 [ 2709.363858][T12064] ? device_initialize+0x1d3/0x3e0 [ 2709.368940][T12064] rfkill_register+0x180/0x720 [ 2709.373692][T12064] hci_register_dev+0x398/0x710 [ 2709.378515][T12064] hci_uart_tty_ioctl+0x89e/0xa10 [ 2709.383509][T12064] ? hci_uart_tty_write+0x10/0x10 [ 2709.388517][T12064] tty_ioctl+0xf68/0x1710 [ 2709.392818][T12064] ? tty_do_resize+0x170/0x170 [ 2709.397552][T12064] ? avc_ss_reset+0x3a0/0x3a0 [ 2709.402199][T12064] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 2709.408324][T12064] ? refcount_inc_checked+0x50/0x50 [ 2709.413495][T12064] ? memcg_check_events+0x5c/0x5b0 [ 2709.418579][T12064] ? proc_fail_nth_write+0x1d5/0x240 [ 2709.423854][T12064] ? proc_fail_nth_read+0x1c0/0x1c0 [ 2709.429029][T12064] ? __lru_cache_add+0x1c4/0x210 [ 2709.433937][T12064] ? memset+0x1f/0x40 [ 2709.437889][T12064] ? fsnotify+0x1332/0x13f0 [ 2709.442367][T12064] ? tty_do_resize+0x170/0x170 [ 2709.447209][T12064] do_vfs_ioctl+0x76a/0x1720 [ 2709.451770][T12064] ? selinux_file_ioctl+0x72f/0x990 [ 2709.456943][T12064] ? ioctl_preallocate+0x250/0x250 [ 2709.462026][T12064] ? __fget+0x37b/0x3c0 [ 2709.466155][T12064] ? vfs_write+0x422/0x4e0 [ 2709.470543][T12064] ? fget_many+0x20/0x20 [ 2709.474756][T12064] ? debug_smp_processor_id+0x20/0x20 [ 2709.480102][T12064] ? security_file_ioctl+0x9d/0xb0 [ 2709.485196][T12064] __x64_sys_ioctl+0xd4/0x110 [ 2709.489854][T12064] do_syscall_64+0xcb/0x1e0 [ 2709.494340][T12064] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2709.500201][T12064] RIP: 0033:0x4665d9 [ 2709.504071][T12064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2709.523677][T12064] RSP: 002b:00007f1e03459188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2709.532057][T12064] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2709.540000][T12064] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 2709.547944][T12064] RBP: 00007f1e034591d0 R08: 0000000000000000 R09: 0000000000000000 [ 2709.555892][T12064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2709.563848][T12064] R13: 00007ffe3f0ff0df R14: 00007f1e03459300 R15: 0000000000022000 [ 2709.575143][ T7] Bluetooth: hci2: Frame reassembly failed (-84) [ 2711.257986][ T7557] Bluetooth: hci1: command 0x1003 tx timeout [ 2711.264028][ T7557] Bluetooth: hci0: command 0x1003 tx timeout [ 2711.264071][ T6196] Bluetooth: hci1: sending frame failed (-49) [ 2711.271327][T11861] Bluetooth: hci0: sending frame failed (-49) [ 2711.577989][ T7557] Bluetooth: hci2: command 0x1003 tx timeout [ 2711.584020][T11861] Bluetooth: hci2: sending frame failed (-49) 09:37:24 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:24 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:24 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd2, 0xd2, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int]}, {0x0, [0x0]}}, 0x0, 0xef}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2713.337818][ T2306] Bluetooth: hci1: command 0x1001 tx timeout [ 2713.337822][ T7557] Bluetooth: hci0: command 0x1001 tx timeout [ 2713.337871][T11861] Bluetooth: hci0: sending frame failed (-49) [ 2713.343858][ T6196] Bluetooth: hci1: sending frame failed (-49) [ 2713.657806][ T7557] Bluetooth: hci2: command 0x1001 tx timeout [ 2713.663961][ T6196] Bluetooth: hci2: sending frame failed (-49) 09:37:27 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x99, 0x99, 0x3, [@func, @typedef, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0xf2}, @ptr, @const, @int, @datasec={0x0, 0x5, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}], '\t'}]}, {0x0, [0x0]}}, 0x0, 0xb7}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:27 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd2, 0xd2, 0x3, [@datasec={0x8, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x0, 0x3}, {0x7, 0x10000, 0xeeb0}, {0x1, 0x101, 0x6}, {0x5, 0x101, 0x1ff}, {0x4, 0x44000000, 0x2}, {0x3, 0x229, 0x1000}, {0x4}, {0x1, 0x7, 0x4}, {0x1, 0x26, 0x8}, {0x3, 0x51, 0xe1}], "fef3"}, @typedef, @const={0x7}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x1}, @const, @int]}, {0x0, [0x0]}}, 0x0, 0xef}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 09:37:27 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) clone(0x80100d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xfffffffffffffefb, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20) tkill(r0, 0x40) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2715.417648][ T2306] Bluetooth: hci1: command 0x1009 tx timeout [ 2715.417677][ T678] Bluetooth: hci0: command 0x1009 tx timeout [ 2715.737610][ T2306] Bluetooth: hci2: command 0x1009 tx timeout