last executing test programs:

4.309280677s ago: executing program 3 (id=800):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f000000a400)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9a7e5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c64e2645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fa421a39943513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b70fa8eae6fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, 0x0, 0x0)
creat(&(0x7f0000000180)='./file0/file0\x00', 0x0)
mount(0x0, &(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000380)='overlay\x00', 0x10000, &(0x7f0000000400)='workdir')

3.356939664s ago: executing program 3 (id=807):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mremap(&(0x7f0000812000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$char_usb(r0, &(0x7f0000000100)=""/124, 0xfffffd77)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)={0x0, <r1=>0x0})
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000040)={0x0, r1})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa05, &(0x7f0000000000)={&(0x7f00001c4000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, 0x20000, 0x0, 0x2})

2.058896115s ago: executing program 3 (id=813):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61157800000000006113700000000000bfa000000000000007000000ee0016055e03010000000000640500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000040600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0xc, 0x0)
ioctl$EVIOCREVOKE(r0, 0x40044591, &(0x7f00000000c0)=0x7)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00'], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {}, 0xa}}, 0x26)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg$NFC_CMD_SE_IO(0xffffffffffffffff, 0x0, 0x4000)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x12000, 0x0, 0x0)
sendmmsg$inet(r5, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)
r6 = socket$netlink(0x10, 0x3, 0x13)
bind$netlink(r6, 0x0, 0x0)
setsockopt$sock_int(r6, 0x1, 0x8, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f00000002c0)=[{0x0}], 0x1, 0x6, 0x40)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f00000000c0)=@x86={0x6, 0x0, 0xfe, 0x0, 0x21df, 0x2, 0x3, 0x1, 0x9, 0x6, 0x1, 0x5, 0x0, 0x7, 0x6, 0x1, 0x0, 0x9, 0x9, '\x00', 0xc, 0x2})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
socket$nl_route(0x10, 0x3, 0x0)

1.879400312s ago: executing program 2 (id=814):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
socket$rxrpc(0x21, 0x2, 0xa)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
recvfrom$rxrpc(r2, &(0x7f0000000340)=""/103, 0x67, 0x40000001, &(0x7f0000000300)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e20, 0x4, @loopback, 0x5}}, 0x24)
fsmount(r1, 0x0, 0x78)
r3 = socket$inet6(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0xa0f15a6d21a68a81, &(0x7f00000000c0)={0xa, 0x0, 0x4, @local}, 0x1b)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000540)={0x44, r5, 0x1, 0xfffffffc, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r6}, @val={0xc, 0x99, {0xfffffffe}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'ip6gre0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x44}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', <r8=>0x0, 0x29, 0x1, 0x20, 0xd5b, 0x61, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8000, 0x7800, 0x5, 0x8}})
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000f00)=@newqdisc={0x30, 0x24, 0xd0f, 0x0, 0xffffffff, {0x60, 0x0, 0x0, r10, {0x0, 0xffe0}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xffffff7e}}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$PPPIOCSMRU1(0xffffffffffffffff, 0x40047452, &(0x7f0000000100)=0x5)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="ac00200002001000000014000600ac1414aa000000000000000000000000080001000000000004000400060003000000000008000500"/68, @ANYRES32=r8, @ANYBLOB="24000c800600010005000000080002000100000008000300040000000800020009000000140006000a01010000000000000000000000000008000500", @ANYRES32=r10, @ANYBLOB="24000c8008000300ffffffff0800030001000000080003000900000008000200ff010000"], 0xac}}, 0x400c010)

1.879072826s ago: executing program 2 (id=815):
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x18)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000001f80), 0x2, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, 0x0, 0x42)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
openat2$dir(0xffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0)={0x80000, 0x10, 0x4}, 0x18)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/oss_mixer\x00', 0x2082, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xa0702, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x4, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0xa}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee8, 0x110, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r4, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
readv(r4, &(0x7f0000000c80)=[{&(0x7f0000000580)=""/119, 0x77}], 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa07, &(0x7f0000000500)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)

1.818184209s ago: executing program 0 (id=817):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB])
socket$nl_route(0x10, 0x3, 0x0)
openat$ttyprintk(0xffffff9c, &(0x7f0000000080), 0x20400, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}]}], {0x14}}, 0xb4}}, 0x4004)

1.817901364s ago: executing program 2 (id=818):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='/proc/1/\x00\x82q\xee\xe5\xa0\xbd\xc2\x98#YP\xee\x9c2G\xf0\x81x\x97'}, 0x30)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000200)={0x4, 0x114000, 0x1})
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000600)=""/81})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000140)={0x1, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x20000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.649099437s ago: executing program 2 (id=820):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x10000000, 0x1, 0xa, 0xb}, {0x1, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r0, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000300), 0xc, &(0x7f0000000500)={&(0x7f0000000680)={0x3f4, r1, 0x200, 0x70bd2b, 0x24dfdbfe, {}, [@ETHTOOL_A_EEE_MODES_OURS={0x2a4, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0xc8, 0x3, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, 'hash:ip,port\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ',-{\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '[+//^\\\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '+(\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, 'hash:ip,port\x00'}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'cifs\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ':\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffff8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}]}, @ETHTOOL_A_BITSET_VALUE={0x40, 0x4, "48cb1a7fdb02a50dbe79ae381912f4e3584ca574a0af39fa25432aca0e80daa6226a90145a0d0ae32f86ec8d9d6daca95004f88a87ef00e9db9a2b91"}, @ETHTOOL_A_BITSET_MASK={0x44, 0x5, "2ef673459c252b4751f87f52d94975b5e7033424333be3f398811fb65e5e51887c521142ceeefb92705924ccfa2f8d0858458708a81a68add70f30868f543d36"}, @ETHTOOL_A_BITSET_MASK={0xf0, 0x5, "e190d98a4faf78a9bd2a1d821dfcf80f8bac1c81b60680c041bd869a4c7c86497c4c376d1d585db60ad694c9eb83e8d7737626e29d759d88b271bd70f72a618931e3b6b002b8d9deae8e749d6b2ea9fb815513ed6a834995d58ac9bcebd99c5d8fd14dc15ee8afd0edb018e16231ce77b880cd69088ca787737528480aaa01c3095aae7d43b6246e3a61acf46825989e82ab7f67d7905155934086e2be74dc1e06a26c246648d5fe0da194084b7a8b96037d41d0a03118257f90612077beb101d050e8ed6d573aded6102d44847d7e04a1ce0aca825028f7813ea4cdf967bb7a74c8e610fbc6c7984fcd7e00"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x80}, @ETHTOOL_A_BITSET_MASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x52, 0x5, "fe17020ba4246d6b24ae5db8862b25c7bad2a3aac3a24923c0353ad34e6a40ce9783283c749ab25494d042351c30378506a0aaabcedea6f26308a0d8dcece96c10aeb4041984e56a95d18ce521c0"}]}, @ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_MODES_OURS={0x11c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x118, 0x3, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ']%(\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, ':/}\\@(\'\'\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '$]\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10000}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3800}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '+#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '&]}\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, 'hash:ip,port\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffe}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'cifs\x00'}]}]}]}]}, 0x3f4}, 0x1, 0x0, 0x0, 0x20040011}, 0x40086)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = userfaultfd(0x801)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r4, &(0x7f0000000100)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close(r4)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000040)={0x0, 0x1115000, 0x0, 0x0, 0x2}, 0x1c)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8001, &(0x7f0000000000)=0x6, 0x8, 0x0)
ioctl$UFFDIO_CONTINUE(r3, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
fsopen(&(0x7f0000000040)='cifs\x00', 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073795274d9fcc25ddd6d0100070000002c000780060004404e21000005000700ff0000000c000180080001400a0101010c00028008000140e0000002"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a50000000090a010100000000000000000700000008000a40fffffffe0900020073797a30000000000900010073797a3000000000080005"], 0x78}}, 0x20050800)

1.559090235s ago: executing program 0 (id=821):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9135}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vim2m(&(0x7f0000000400), 0x0, 0x2)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
io_uring_setup(0x696a, &(0x7f0000000340)={0x0, 0x7828, 0x2, 0x3})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_io_uring_setup(0x24fd, 0x0, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[@ANYRES64=r6], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r1})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1.169357007s ago: executing program 2 (id=822):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b5d090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f38306d090890e0879b0a0ac6e70a9b3348959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB])
chdir(&(0x7f00000000c0)='./file0\x00')
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)

1.168116429s ago: executing program 0 (id=830):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
listen(r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f00000007c0)={0x10000001})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x8000, 0x80, 0x6, 0x100, r4, 0x80000000, '\x00', 0x0, r1, 0x2, 0x5, 0x4, 0x6, @void, @value, @void, @value}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e"], 0x398}}, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
sendmsg$inet(r1, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x20000010)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x890b, &(0x7f0000000100))

1.096167928s ago: executing program 0 (id=823):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
listen(r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f00000007c0)={0x10000001})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x8000, 0x80, 0x6, 0x100, r4, 0x80000000, '\x00', 0x0, r1, 0x2, 0x5, 0x4, 0x6, @void, @value, @void, @value}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c0"], 0x398}}, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
sendmsg$inet(r1, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x20000010)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x890b, &(0x7f0000000100))

1.049347345s ago: executing program 0 (id=824):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
capset(0x0, &(0x7f0000000040))
ioctl$TIOCGPGRP(r1, 0x540f, 0x0)
socket$packet(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300))
socket$netlink(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_dccp(0x2, 0x6, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xa}, 0x20)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3f)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

628.955483ms ago: executing program 1 (id=825):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$tun(r0, &(0x7f0000000000)=ANY=[], 0x38)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x9, 0x10012, r0, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000001440)={0x18, 0x0, {0xfffc, @broadcast, 'erspan0\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r1, 0x40047452, &(0x7f0000000080)={0x18, 0x0, {0x2, @multicast, 'veth0_to_bridge\x00'}})

569.374948ms ago: executing program 1 (id=826):
r0 = socket(0x200000000000011, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000000180)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e22, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x3}}}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000300)=ANY=[@ANYBLOB="e90c630faca20180c20000000800450000240000e0000011"], 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = syz_open_dev$amidi(&(0x7f0000000480), 0x2, 0x80042)
r3 = openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x82080, 0x0)
ioctl$SNDCTL_TMR_SELECT(r3, 0x40045408)
r4 = dup(r2)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getpeername(r5, 0x0, 0x0)
r6 = timerfd_create(0x8, 0x0)
ppoll(&(0x7f0000000140)=[{r6, 0x1000}], 0x1, &(0x7f0000000200), 0x0, 0x0)
fcntl$getown(r4, 0x9)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000733d66642c630064456ab6a9993d", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',\x00'])

568.980982ms ago: executing program 1 (id=827):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000060000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000058000000060a010400000000000000000100000008000b4000000000300004802c00018008000100636d70002000028008000240000000e30b00038005000100ef00000008000140000000000900010073797a30"], 0xcc}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000340), &(0x7f0000000400)=0x4)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x1})
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="79f1773e"])
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000080))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b000000000000fd3eb4f201f1d4ec77d4b5599c73767c0000000000fcffffff00000000", @ANYRES32, @ANYBLOB="ff0f00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000030000000500"/28], 0x50)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x121180, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r7, 0x40186f40, 0x20000502)
r8 = getpid()
process_vm_readv(r8, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f00000018c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x1}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0xf}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r9, 0x2000000, 0x92, 0x0, &(0x7f0000000600)="168e43acc18169514039c5bcdb7a44ca7b73908b0e0245bb78fefed08041a1231bdb4729d55fa1e5b413df0c757252630588a43d899a24818d78c9b4b148de20b812fd893157d5046238c9c82df5a649a4781baeac4da0bf1151b932a24f43608a48841f8083e2bf008a0c7a6415d630057bde8c3589ec5aad0876bd342598daa8affb10c0bccb023f824d8e9fdc94ab245a", 0x0, 0xc699, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

299.464301ms ago: executing program 1 (id=828):
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[], 0x420}, 0x1, 0x0, 0x0, 0x8000}, 0x8880)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3400000000080102000000000000000000000000090001007379863000000000040004800600024000000000050003"], 0x34}}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)

264.486795ms ago: executing program 2 (id=829):
syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x21, &(0x7f0000000240), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7abdddc259aee6063e57dfee0dab308ac44bd02bae33aa428c21e8527c5b32e2c96d0a0d523936e2a0c48ae51b0"], 0xd)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001500010300000000000000000a"], 0x14}}, 0x40)
readv(r3, &(0x7f0000000340)=[{&(0x7f0000001600)=""/4099, 0x1003}], 0x1)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x17)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x10)
fcntl$notify(r5, 0x402, 0x3)
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x80000038)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r7, 0x0, 0x0)
sendmsg$can_bcm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="07000000a008"], 0x80}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

158.532985ms ago: executing program 1 (id=831):
io_setup(0x6, &(0x7f0000001380)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x7ff}])
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000140)=@bpf_lsm={0x10, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="7900800000000000790030110d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
connect$can_bcm(r4, &(0x7f0000001ff0)={0x1d, r5}, 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="01000000180800"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x80}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r1)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r6, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r7, 0x300, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x48040)
r8 = open(&(0x7f0000000000)='./file0\x00', 0x1ed842, 0x77)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001ac0)={r8, 0x0, {0x0, 0x0, 0x0, 0x1, 0x800, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000001000000000010f000", [0x0, 0x800000]}})
recvmmsg(r1, &(0x7f0000000240), 0x0, 0x2122, 0x0)

81.731052ms ago: executing program 3 (id=832):
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c00000010080104000000000000020000", @ANYRES32=r0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007"], 0x6c}}, 0x840)

7.676902ms ago: executing program 3 (id=833):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
prctl$PR_SET_SECUREBITS(0x1c, 0x2f) (async, rerun: 64)
faccessat(0xffffffffffffffff, 0x0, 0x5) (async)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100feff000037153e370248018080351700d1bd", 0x33fe0}], 0x1}, 0x0)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vlan0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="4400002010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="00030000000000001c0012800b0001006970766c616e00000c00028006000200010000000800050082294da9da3c013da003c64e274d0c8a12bd5963d6268a5e212cb0459c65a222f89251c345eadf5030b2b99b582a2cfbba110459908b5679bca94be5531d7a75401e67b081cd37b349fc966c7864d2e8beaf2efcea", @ANYRES32=r3, @ANYRESDEC=0x0], 0x44}}, 0x0)

7.009461ms ago: executing program 0 (id=834):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b5d090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f38306d090890e0879b0a0ac6e70a9b3348959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dy'])
chdir(&(0x7f00000000c0)='./file0\x00')
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)

6.747005ms ago: executing program 3 (id=835):
syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x21, &(0x7f0000000240), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
pselect6(0x40, &(0x7f00000001c0)={0x8, 0x8000000000008, 0x4, 0x0, 0xfffffffffffffa5a, 0x4000000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x4, 0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfff}, 0x0, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7abdddc259aee6063e57dfee0dab308ac44bd02bae33aa428c21e8527c5b32e2c96d0a0d523936e2a0c48ae51b0"], 0xd)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001500010300000000000000000a"], 0x14}}, 0x40)
readv(r3, &(0x7f0000000340)=[{&(0x7f0000001600)=""/4099, 0x1003}], 0x1)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x17)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x10)
fcntl$notify(r5, 0x402, 0x3)
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x80000038)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="05000000800800"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="00000000010000000000e7ffffff"], 0x80}}, 0x0)
sendmsg$can_bcm(r7, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

0s ago: executing program 1 (id=836):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xe)
mkdir(&(0x7f0000000000)='./file0\x00', 0x4)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)={0x10000011})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
munmap(&(0x7f0000400000/0xc00000)=nil, 0xc00002)
r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000a80)="3dfeb167f3ccc51b8ec0ba896a6d39292279e90f7abfdaee0f52b8a3554c9122ce1f6ed327282ad8c2d74bb1a770183e755b9f37cc301f5392a0e4831635410fe4b2a8e6bdb04d5d", 0x1f00, 0x48)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r9, 0x0)
write$nbd(r8, 0x0, 0x40)
write$P9_RVERSION(r1, &(0x7f0000000140)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13)
capget(&(0x7f00000002c0)={0x19980330}, 0x0)

kernel console output (not intermixed with test programs):

7" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   58.537812][   T39] audit: type=1326 audit(1736915586.222:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   58.544191][   T39] audit: type=1326 audit(1736915586.262:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   59.130802][ T5944] Bluetooth: hci1: command tx timeout
[   59.422066][ T6323] program syz.1.73 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   59.478137][ T6325] ubi: mtd0 is already attached to ubi0
[   59.825316][ T6329] FAULT_INJECTION: forcing a failure.
[   59.825316][ T6329] name failslab, interval 1, probability 0, space 0, times 1
[   59.830172][ T6329] CPU: 3 UID: 0 PID: 6329 Comm: syz.3.75 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[   59.834309][ T6329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.838574][ T6329] Call Trace:
[   59.839928][ T6329]  <TASK>
[   59.841149][ T6329]  dump_stack_lvl+0x16c/0x1f0
[   59.843069][ T6329]  should_fail_ex+0x497/0x5b0
[   59.844998][ T6329]  ? fs_reclaim_acquire+0xae/0x150
[   59.847049][ T6329]  should_failslab+0xc2/0x120
[   59.848949][ T6329]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   59.851303][ T6329]  ? __alloc_skb+0x2b3/0x380
[   59.853175][ T6329]  __alloc_skb+0x2b3/0x380
[   59.854996][ T6329]  ? __pfx___alloc_skb+0x10/0x10
[   59.857008][ T6329]  ? lock_acquire+0x2f/0xb0
[   59.858841][ T6329]  netlink_alloc_large_skb+0x69/0x130
[   59.860996][ T6329]  netlink_sendmsg+0x689/0xd70
[   59.862929][ T6329]  ? __pfx_netlink_sendmsg+0x10/0x10
[   59.865048][ T6329]  ____sys_sendmsg+0x9ae/0xb40
[   59.866991][ T6329]  ? __pfx_____sys_sendmsg+0x10/0x10
[   59.869123][ T6329]  ? get_compat_msghdr+0x11b/0x170
[   59.871196][ T6329]  ___sys_sendmsg+0x135/0x1e0
[   59.873102][ T6329]  ? __pfx____sys_sendmsg+0x10/0x10
[   59.875223][ T6329]  ? __pfx_lock_release+0x10/0x10
[   59.877269][ T6329]  ? trace_lock_acquire+0x14e/0x1f0
[   59.879389][ T6329]  ? __fget_files+0x206/0x3a0
[   59.881390][ T6329]  __sys_sendmsg+0x16e/0x220
[   59.883391][ T6329]  ? __pfx___sys_sendmsg+0x10/0x10
[   59.885523][ T6329]  __do_fast_syscall_32+0x73/0x120
[   59.887660][ T6329]  do_fast_syscall_32+0x32/0x80
[   59.889645][ T6329]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   59.892202][ T6329] RIP: 0023:0xf7fd6579
[   59.893851][ T6329] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   59.901729][ T6329] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   59.905132][ T6329] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000100
[   59.908308][ T6329] RDX: 0000000000004010 RSI: 0000000000000000 RDI: 0000000000000000
[   59.911627][ T6329] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   59.914924][ T6329] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   59.918269][ T6329] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   59.921528][ T6329]  </TASK>
[   60.701337][ T6341] netlink: 132 bytes leftover after parsing attributes in process `syz.1.78'.
[   60.960924][ T5944] Bluetooth: hci2: command tx timeout
[   61.150903][ T6353] netlink: 24 bytes leftover after parsing attributes in process `syz.2.83'.
[   61.204497][ T5944] Bluetooth: hci1: command tx timeout
[   62.020157][ T6367] program syz.2.85 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   62.080807][ T5944] Bluetooth: hci0: command tx timeout
[   62.090984][ T6369] ubi: mtd0 is already attached to ubi0
[   62.914751][ T6384] FAULT_INJECTION: forcing a failure.
[   62.914751][ T6384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.923724][ T6384] CPU: 2 UID: 0 PID: 6384 Comm: syz.2.89 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[   62.926707][ T6384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   62.929760][ T6384] Call Trace:
[   62.930729][ T6384]  <TASK>
[   62.931590][ T6384]  dump_stack_lvl+0x16c/0x1f0
[   62.933023][ T6384]  should_fail_ex+0x497/0x5b0
[   62.934374][ T6384]  _copy_to_user+0x32/0xd0
[   62.935675][ T6384]  simple_read_from_buffer+0xd0/0x160
[   62.937231][ T6384]  proc_fail_nth_read+0x198/0x270
[   62.938677][ T6384]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   62.940291][ T6384]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   62.941867][ T6384]  vfs_read+0x1df/0xbe0
[   62.943132][ T6384]  ? __fget_files+0x1fc/0x3a0
[   62.944503][ T6384]  ? __pfx___mutex_lock+0x10/0x10
[   62.945960][ T6384]  ? __pfx_vfs_read+0x10/0x10
[   62.947321][ T6384]  ? __fget_files+0x206/0x3a0
[   62.948719][ T6384]  ksys_read+0x12b/0x250
[   62.949966][ T6384]  ? __pfx_ksys_read+0x10/0x10
[   62.951352][ T6384]  __do_fast_syscall_32+0x73/0x120
[   62.952885][ T6384]  do_fast_syscall_32+0x32/0x80
[   62.954281][ T6384]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   62.956071][ T6384] RIP: 0023:0xf70ee579
[   62.957253][ T6384] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   62.962904][ T6384] RSP: 002b:00000000f50bf590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   62.965285][ T6384] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f50bf620
[   62.967542][ T6384] RDX: 000000000000000f RSI: 00000000f7423ff4 RDI: 0000000000000000
[   62.969965][ T6384] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   62.972218][ T6384] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   62.974617][ T6384] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   62.976891][ T6384]  </TASK>
[   63.079514][ T6386] netlink: 'syz.2.90': attribute type 1 has an invalid length.
[   63.098290][ T6386] bond1: (slave ip6erspan0): making interface the new active one
[   63.104932][ T6386] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[   63.290946][ T5944] Bluetooth: hci1: command tx timeout
[   63.493506][   T39] kauditd_printk_skb: 70 callbacks suppressed
[   63.493517][   T39] audit: type=1326 audit(1736915591.232:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.92" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   63.501597][   T39] audit: type=1326 audit(1736915591.232:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.92" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   63.512620][   T39] audit: type=1326 audit(1736915591.232:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.92" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   63.518727][   T39] audit: type=1326 audit(1736915591.252:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.92" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   63.525050][   T39] audit: type=1326 audit(1736915591.252:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.92" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   63.531662][   T39] audit: type=1326 audit(1736915591.252:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.92" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   63.537720][   T39] audit: type=1326 audit(1736915591.262:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.92" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   63.545281][   T39] audit: type=1326 audit(1736915591.272:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[   63.551548][   T39] audit: type=1326 audit(1736915591.282:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[   63.603437][   T39] audit: type=1326 audit(1736915591.332:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.93" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000
[   63.878529][ T6409] netlink: 'syz.3.95': attribute type 2 has an invalid length.
[   63.880984][ T6409] netlink: 'syz.3.95': attribute type 2 has an invalid length.
[   64.161409][ T5944] Bluetooth: hci0: command tx timeout
[   64.164040][ T6414] FAULT_INJECTION: forcing a failure.
[   64.164040][ T6414] name failslab, interval 1, probability 0, space 0, times 0
[   64.167665][ T6414] CPU: 3 UID: 0 PID: 6414 Comm: syz.1.97 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[   64.170666][ T6414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   64.173728][ T6414] Call Trace:
[   64.174692][ T6414]  <TASK>
[   64.175555][ T6414]  dump_stack_lvl+0x16c/0x1f0
[   64.176938][ T6414]  should_fail_ex+0x497/0x5b0
[   64.178302][ T6414]  ? fs_reclaim_acquire+0xae/0x150
[   64.179798][ T6414]  should_failslab+0xc2/0x120
[   64.181180][ T6414]  __kmalloc_noprof+0xce/0x4f0
[   64.182564][ T6414]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[   64.184655][ T6414]  ? lockdep_hardirqs_on+0x7c/0x110
[   64.186165][ T6414]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[   64.188240][ T6414]  genl_family_rcv_msg_doit+0xbf/0x2f0
[   64.189818][ T6414]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   64.191551][ T6414]  ? genl_get_cmd+0x195/0x580
[   64.192909][ T6414]  ? bpf_lsm_capable+0x9/0x10
[   64.194255][ T6414]  ? security_capable+0x7e/0x260
[   64.195677][ T6414]  ? ns_capable+0xd7/0x110
[   64.197086][ T6414]  genl_rcv_msg+0x565/0x800
[   64.198416][ T6414]  ? __pfx_genl_rcv_msg+0x10/0x10
[   64.199885][ T6414]  ? __pfx_ovs_flow_cmd_set+0x10/0x10
[   64.201449][ T6414]  netlink_rcv_skb+0x165/0x410
[   64.202837][ T6414]  ? __pfx_genl_rcv_msg+0x10/0x10
[   64.204299][ T6414]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   64.205832][ T6414]  ? down_read+0xc9/0x330
[   64.207170][ T6414]  ? __pfx_down_read+0x10/0x10
[   64.208548][ T6414]  ? netlink_deliver_tap+0x1ae/0xca0
[   64.210054][ T6414]  genl_rcv+0x28/0x40
[   64.211205][ T6414]  netlink_unicast+0x53c/0x7f0
[   64.212585][ T6414]  ? __pfx_netlink_unicast+0x10/0x10
[   64.214099][ T6414]  ? __phys_addr_symbol+0x30/0x80
[   64.215559][ T6414]  ? __check_object_size+0x488/0x710
[   64.217093][ T6414]  netlink_sendmsg+0x8b8/0xd70
[   64.218571][ T6414]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.220037][ T6414]  ____sys_sendmsg+0x9ae/0xb40
[   64.221430][ T6414]  ? __pfx_____sys_sendmsg+0x10/0x10
[   64.222944][ T6414]  ? get_compat_msghdr+0x11b/0x170
[   64.224426][ T6414]  ___sys_sendmsg+0x135/0x1e0
[   64.225800][ T6414]  ? __pfx____sys_sendmsg+0x10/0x10
[   64.227293][ T6414]  ? __pfx_lock_release+0x10/0x10
[   64.228743][ T6414]  ? trace_lock_acquire+0x14e/0x1f0
[   64.230247][ T6414]  ? __fget_files+0x206/0x3a0
[   64.231610][ T6414]  __sys_sendmsg+0x16e/0x220
[   64.232948][ T6414]  ? __pfx___sys_sendmsg+0x10/0x10
[   64.234413][ T6414]  __do_fast_syscall_32+0x73/0x120
[   64.235899][ T6414]  do_fast_syscall_32+0x32/0x80
[   64.237672][ T6414]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   64.239569][ T6414] RIP: 0023:0xf708e579
[   64.240748][ T6414] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   64.246123][ T6414] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   64.248472][ T6414] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[   64.250696][ T6414] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[   64.252961][ T6414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   64.255218][ T6414] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   64.257624][ T6414] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   64.260001][ T6414]  </TASK>
[   64.647363][ T6425] overlay: Bad value for 'workdir'
[   64.980953][ T6002] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   65.151931][ T6002] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   65.156196][ T6002] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   65.159456][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.177731][ T6002] usb 5-1: config 0 descriptor??
[   65.249525][ T6436] netlink: 12 bytes leftover after parsing attributes in process `syz.2.102'.
[   65.323530][ T6438] Zero length message leads to an empty skb
[   65.385203][ T6002] usbhid 5-1:0.0: can't add hid device: -71
[   65.386919][ T6002] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[   65.395465][ T6002] usb 5-1: USB disconnect, device number 2
[   65.520813][ T5944] Bluetooth: hci3: command tx timeout
[   66.052563][ T6449] block nbd1: shutting down sockets
[   66.062405][ T6449] syz.1.105: attempt to access beyond end of device
[   66.062405][ T6449] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[   66.066251][ T6449] syz.1.105: attempt to access beyond end of device
[   66.066251][ T6449] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[   66.069939][ T6449] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[   66.073089][ T6449] syz.1.105: attempt to access beyond end of device
[   66.073089][ T6449] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[   66.076775][ T6449] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[   66.079950][ T6449] syz.1.105: attempt to access beyond end of device
[   66.079950][ T6449] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0
[   66.084353][ T6449] syz.1.105: attempt to access beyond end of device
[   66.084353][ T6449] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0
[   66.088055][ T6449] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[   66.091319][ T6449] syz.1.105: attempt to access beyond end of device
[   66.091319][ T6449] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0
[   66.095043][ T6449] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[   66.097927][ T6449] syz.1.105: attempt to access beyond end of device
[   66.097927][ T6449] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[   66.100804][ T6002] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   66.101681][ T6449] syz.1.105: attempt to access beyond end of device
[   66.101681][ T6449] nbd1: rw=0, sector=2048, nr_sectors = 8 limit=0
[   66.107443][ T6449] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[   66.110209][ T6449] syz.1.105: attempt to access beyond end of device
[   66.110209][ T6449] nbd1: rw=0, sector=4096, nr_sectors = 8 limit=0
[   66.113999][ T6449] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[   66.116717][ T6449] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[   66.275767][ T6002] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.278888][ T6002] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   66.281613][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.285813][ T6002] usb 5-1: config 0 descriptor??
[   66.292978][ T6458] vivid-002: =================  START STATUS  =================
[   66.295280][ T6458] vivid-002: Radio HW Seek Mode: Bounded
[   66.296972][ T6458] vivid-002: Radio Programmable HW Seek: false
[   66.298757][ T6458] vivid-002: RDS Rx I/O Mode: Block I/O
[   66.300381][ T6458] vivid-002: Generate RBDS Instead of RDS: false
[   66.302836][ T6458] vivid-002: RDS Reception: true
[   66.304313][ T6458] vivid-002: RDS Program Type: 0 inactive
[   66.305963][ T6458] vivid-002: RDS PS Name:  inactive
[   66.307476][ T6458] vivid-002: RDS Radio Text:  inactive
[   66.309070][ T6458] vivid-002: RDS Traffic Announcement: false inactive
[   66.311271][ T6458] vivid-002: RDS Traffic Program: false inactive
[   66.313534][ T6458] vivid-002: RDS Music: false inactive
[   66.315159][ T6458] vivid-002: ==================  END STATUS  ==================
[   66.410868][ T5944] Bluetooth: hci2: command tx timeout
[   66.510051][ T6469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.110'.
[   66.574147][ T6002] usbhid 5-1:0.0: can't add hid device: -71
[   66.576031][ T6002] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[   66.579845][ T6002] usb 5-1: USB disconnect, device number 3
[   67.530395][ T6496] vivid-000: =================  START STATUS  =================
[   67.532928][ T6496] vivid-000: Radio HW Seek Mode: Bounded
[   67.534610][ T6496] vivid-000: Radio Programmable HW Seek: false
[   67.536410][ T6496] vivid-000: RDS Rx I/O Mode: Block I/O
[   67.538347][ T6496] vivid-000: Generate RBDS Instead of RDS: false
[   67.539405][ T6499] netlink: 4 bytes leftover after parsing attributes in process `syz.3.119'.
[   67.540221][ T6496] vivid-000: RDS Reception: true
[   67.540242][ T6496] vivid-000: RDS Program Type: 0 inactive
[   67.540257][ T6496] vivid-000: RDS PS Name:  inactive
[   67.548457][ T6496] vivid-000: RDS Radio Text:  inactive
[   67.550065][ T6496] vivid-000: RDS Traffic Announcement: false inactive
[   67.552434][ T6496] vivid-000: RDS Traffic Program: false inactive
[   67.554403][ T6496] vivid-000: RDS Music: false inactive
[   67.555999][ T6496] vivid-000: ==================  END STATUS  ==================
[   67.692216][ T6512] netlink: 28 bytes leftover after parsing attributes in process `syz.0.123'.
[   67.710493][ T6512] nvme_fabrics: unknown parameter or missing value 'À' in ctrl creation request
[   67.722894][ T6512] process 'syz.0.123' launched '/dev/fd/9/./file0' with NULL argv: empty string added
[   67.789758][ T6519] program syz.3.124 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   67.845136][ T6524] ubi: mtd0 is already attached to ubi0
[   68.040471][ T6528] program syz.0.126 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   68.102632][ T6530] ubi: mtd0 is already attached to ubi0
[   68.490856][ T5944] Bluetooth: hci2: command tx timeout
[   68.804157][ T6542] team_slave_0: entered promiscuous mode
[   68.806007][ T6542] team_slave_1: entered promiscuous mode
[   68.809122][ T6542] macsec1: entered promiscuous mode
[   68.812782][ T6542] team0: entered promiscuous mode
[   68.815704][ T6542] macsec1: entered allmulticast mode
[   68.817344][ T6542] team0: entered allmulticast mode
[   68.819011][ T6542] team_slave_0: entered allmulticast mode
[   68.820941][ T6542] team_slave_1: entered allmulticast mode
[   69.000793][ T1486] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   69.170751][ T1486] usb 5-1: Using ep0 maxpacket: 32
[   69.174348][ T1486] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[   69.178121][ T1486] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   69.181992][ T1486] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   69.185445][ T1486] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   69.189445][ T1486] usb 5-1: config 0 interface 0 has no altsetting 0
[   69.195124][ T1486] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   69.198024][ T1486] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   69.201040][ T1486] usb 5-1: Product: syz
[   69.203029][ T1486] usb 5-1: Manufacturer: syz
[   69.204510][ T1486] usb 5-1: SerialNumber: syz
[   69.211050][ T1486] usb 5-1: config 0 descriptor??
[   69.223485][ T1486] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   69.227999][ T1486] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   69.678710][ T6559] team_slave_0: entered promiscuous mode
[   69.680514][ T6559] team_slave_1: entered promiscuous mode
[   69.685652][ T6559] macsec1: entered promiscuous mode
[   69.691432][ T6559] team0: entered promiscuous mode
[   69.695832][ T6559] macsec1: entered allmulticast mode
[   69.697432][ T6559] team0: entered allmulticast mode
[   69.698905][ T6559] team_slave_0: entered allmulticast mode
[   69.700578][ T6559] team_slave_1: entered allmulticast mode
[   69.744520][ T6008] usb 5-1: USB disconnect, device number 4
[   69.748394][ T6008] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[   69.804300][ T6565] syz.1.134: attempt to access beyond end of device
[   69.804300][ T6565] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[   69.813156][ T6566] program syz.2.136 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   69.819249][ T6565] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[   69.824958][ T6565] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[   69.829233][ T6565] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[   69.833636][ T6565] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[   69.836971][ T6565] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[   69.839751][ T6565] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[   69.845588][ T6565] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[   69.858839][ T6555] block nbd1: shutting down sockets
[   69.874757][ T6571] ubi: mtd0 is already attached to ubi0
[   70.003263][ T6573] netlink: 'syz.1.138': attribute type 21 has an invalid length.
[   70.005541][ T6573] IPv6: NLM_F_CREATE should be specified when creating new route
[   70.023058][ T6573] netlink: 16 bytes leftover after parsing attributes in process `syz.1.138'.
[   70.025785][ T6573] netlink: 16 bytes leftover after parsing attributes in process `syz.1.138'.
[   70.031121][ T6573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.138'.
[   70.033719][ T6573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.138'.
[   70.056230][ T6577] netlink: 'syz.0.139': attribute type 2 has an invalid length.
[   70.059029][ T6577] netlink: 'syz.0.139': attribute type 2 has an invalid length.
[   70.110592][ T6579] netlink: 4 bytes leftover after parsing attributes in process `syz.1.140'.
[   70.114935][ T6579] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.117357][ T6579] batman_adv: batadv0: Removing interface: batadv_slave_0
[   70.120479][ T6579] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.123526][ T6579] batman_adv: batadv0: Removing interface: batadv_slave_1
[   70.163331][ T6581] FAULT_INJECTION: forcing a failure.
[   70.163331][ T6581] name failslab, interval 1, probability 0, space 0, times 0
[   70.167416][ T6581] CPU: 1 UID: 0 PID: 6581 Comm: syz.1.140 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[   70.170897][ T6581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.173959][ T6581] Call Trace:
[   70.174932][ T6581]  <TASK>
[   70.175786][ T6581]  dump_stack_lvl+0x16c/0x1f0
[   70.177156][ T6581]  should_fail_ex+0x497/0x5b0
[   70.178533][ T6581]  should_failslab+0xc2/0x120
[   70.179884][ T6581]  kmem_cache_alloc_noprof+0x6e/0x3b0
[   70.181426][ T6581]  ? trace_lock_acquire+0x14e/0x1f0
[   70.182915][ T6581]  ? skb_clone+0x190/0x3f0
[   70.184173][ T6581]  skb_clone+0x190/0x3f0
[   70.185409][ T6581]  dev_queue_xmit_nit+0x38f/0xbc0
[   70.186869][ T6581]  dev_hard_start_xmit+0x283/0x7b0
[   70.188445][ T6581]  __dev_queue_xmit+0x7f0/0x43e0
[   70.189905][ T6581]  ? __pfx___dev_queue_xmit+0x10/0x10
[   70.191465][ T6581]  ? rcu_is_watching+0x12/0xc0
[   70.192855][ T6581]  ? trace_kmem_cache_alloc+0x2d/0xd0
[   70.194395][ T6581]  ? __copy_skb_header+0x2e8/0x5b0
[   70.195878][ T6581]  ? __skb_clone+0x570/0x760
[   70.197228][ T6581]  netlink_deliver_tap+0xa61/0xca0
[   70.198722][ T6581]  netlink_unicast+0x5e1/0x7f0
[   70.200129][ T6581]  ? __pfx_netlink_unicast+0x10/0x10
[   70.201662][ T6581]  ? __phys_addr_symbol+0x30/0x80
[   70.203111][ T6581]  ? __check_object_size+0x488/0x710
[   70.204639][ T6581]  netlink_sendmsg+0x8b8/0xd70
[   70.206018][ T6581]  ? __pfx_netlink_sendmsg+0x10/0x10
[   70.207536][ T6581]  ____sys_sendmsg+0x9ae/0xb40
[   70.208952][ T6581]  ? __pfx_____sys_sendmsg+0x10/0x10
[   70.210585][ T6581]  ? get_compat_msghdr+0x11b/0x170
[   70.212068][ T6581]  ___sys_sendmsg+0x135/0x1e0
[   70.213449][ T6581]  ? __pfx____sys_sendmsg+0x10/0x10
[   70.214963][ T6581]  ? __pfx_lock_release+0x10/0x10
[   70.216422][ T6581]  ? trace_lock_acquire+0x14e/0x1f0
[   70.217951][ T6581]  ? __fget_files+0x206/0x3a0
[   70.219330][ T6581]  __sys_sendmsg+0x16e/0x220
[   70.220664][ T6581]  ? __pfx___sys_sendmsg+0x10/0x10
[   70.222149][ T6581]  __do_fast_syscall_32+0x73/0x120
[   70.223618][ T6581]  do_fast_syscall_32+0x32/0x80
[   70.225029][ T6581]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   70.226829][ T6581] RIP: 0023:0xf708e579
[   70.228021][ T6581] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   70.233492][ T6581] RSP: 002b:00000000f505f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   70.235863][ T6581] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0
[   70.238156][ T6581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   70.240416][ T6581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   70.242663][ T6581] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   70.244901][ T6581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   70.247145][ T6581]  </TASK>
[   70.424662][ T6583] capability: warning: `syz.1.141' uses deprecated v2 capabilities in a way that may be insecure
[   70.860775][   T57] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   70.883566][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[   70.886363][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[   71.020753][   T57] usb 7-1: Using ep0 maxpacket: 8
[   71.023772][   T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[   71.025949][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   71.029156][   T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   71.032550][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   71.035732][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   71.039643][   T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[   71.041959][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   71.045156][   T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   71.048473][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   71.051758][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   71.055691][   T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[   71.057916][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   71.061157][   T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   71.064476][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   71.067578][   T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   71.073738][   T57] usb 7-1: string descriptor 0 read error: -22
[   71.075645][   T57] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   71.078234][   T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.086821][   T57] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[   71.525363][   T39] kauditd_printk_skb: 104 callbacks suppressed
[   71.525374][   T39] audit: type=1326 audit(1736915599.252:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.0.149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[   71.545276][   T39] audit: type=1326 audit(1736915599.262:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.0.149" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000
[   71.552023][   T39] audit: type=1326 audit(1736915599.262:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.0.149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[   71.558352][   T39] audit: type=1326 audit(1736915599.262:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.0.149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[   71.670890][   T39] audit: type=1326 audit(1736915599.412:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.0.149" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf709e579 code=0x7ffc0000
[   71.717875][   T39] audit: type=1326 audit(1736915599.412:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.3.151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   71.720450][    C0] vkms_vblank_simulate: vblank timer overrun
[   71.735889][   T39] audit: type=1326 audit(1736915599.462:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.3.151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   71.746586][   T39] audit: type=1326 audit(1736915599.462:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.3.151" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   71.775976][   T39] audit: type=1326 audit(1736915599.462:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.3.151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   71.780761][    C0] vkms_vblank_simulate: vblank timer overrun
[   71.782144][   T39] audit: type=1326 audit(1736915599.462:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.3.151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   71.822809][    C0] vkms_vblank_simulate: vblank timer overrun
[   71.925232][    C0] vkms_vblank_simulate: vblank timer overrun
[   72.122121][    C0] vkms_vblank_simulate: vblank timer overrun
[   73.043456][ T6647] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.158'.
[   73.095417][ T6648] ./file0: Can't lookup blockdev
[   73.610862][ T5944] Bluetooth: hci2: command tx timeout
[   73.819814][ T6667] program syz.1.164 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   73.832071][   T57] usb 7-1: USB disconnect, device number 2
[   74.179168][ T6672] ubi: mtd0 is already attached to ubi0
[   74.188909][ T6671] netlink: 4 bytes leftover after parsing attributes in process `syz.2.165'.
[   75.378251][ T6699] 9pnet_fd: Insufficient options for proto=fd
[   75.386530][ T6008] IPVS: starting estimator thread 0...
[   75.470975][ T6700] IPVS: using max 40 ests per chain, 96000 per kthread
[   75.690852][ T5944] Bluetooth: hci2: command tx timeout
[   76.522152][ T6719] netlink: 68 bytes leftover after parsing attributes in process `syz.3.178'.
[   77.395360][ T6731] Bluetooth: MGMT ver 1.23
[   77.434074][   T39] kauditd_printk_skb: 139 callbacks suppressed
[   77.434141][   T39] audit: type=1326 audit(1736915605.172:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.453526][   T39] audit: type=1326 audit(1736915605.172:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.459660][   T39] audit: type=1326 audit(1736915605.182:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.465913][   T39] audit: type=1326 audit(1736915605.182:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.472105][   T39] audit: type=1326 audit(1736915605.182:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.478155][   T39] audit: type=1326 audit(1736915605.182:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.484397][   T39] audit: type=1326 audit(1736915605.182:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.490494][   T39] audit: type=1326 audit(1736915605.182:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.496699][   T39] audit: type=1326 audit(1736915605.182:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.530478][   T39] audit: type=1326 audit(1736915605.262:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.1.180" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   77.559387][ T6714] Set syz1 is full, maxelem 65536 reached
[   77.760954][ T5944] Bluetooth: hci2: command tx timeout
[   77.845435][ T6745] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[   77.847459][ T6745] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   77.850606][ T6745] vhci_hcd vhci_hcd.0: Device attached
[   77.913682][ T6748] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   77.964253][ T6745] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(14)
[   77.966664][ T6745] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   77.970831][ T6748] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(19)
[   77.972793][ T6748] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   77.976474][ T6745] vhci_hcd vhci_hcd.0: Device attached
[   77.976879][ T6748] vhci_hcd vhci_hcd.0: Device attached
[   77.979568][ T6756] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   77.999175][ T6745] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   78.011699][ T6745] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   78.015513][ T6745] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   78.029091][ T6745] vhci_hcd vhci_hcd.0: port 0 already used
[   78.050807][ T5985] vhci_hcd: vhci_device speed not set
[   78.110801][ T5985] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[   78.249312][ T6750] vhci_hcd: connection closed
[   78.250814][ T6749] vhci_hcd: connection closed
[   78.253472][ T6746] vhci_hcd: connection reset by peer
[   78.253482][   T82] vhci_hcd: stop threads
[   78.262271][   T82] vhci_hcd: release socket
[   78.264746][   T82] vhci_hcd: disconnect device
[   78.266582][   T82] vhci_hcd: stop threads
[   78.267817][   T82] vhci_hcd: release socket
[   78.269390][   T82] vhci_hcd: disconnect device
[   78.272533][   T82] vhci_hcd: stop threads
[   78.273792][   T82] vhci_hcd: release socket
[   78.275455][   T82] vhci_hcd: disconnect device
[   79.406604][ T6777] netlink: 32 bytes leftover after parsing attributes in process `syz.3.190'.
[   79.410867][ T6777] netlink: 12 bytes leftover after parsing attributes in process `syz.3.190'.
[   79.476979][ T6778] program syz.3.190 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   79.533903][ T6783] ubi: mtd0 is already attached to ubi0
[   79.555103][ T6785] netlink: 32 bytes leftover after parsing attributes in process `syz.0.192'.
[   79.557984][ T6785] netlink: 12 bytes leftover after parsing attributes in process `syz.0.192'.
[   79.655255][ T6787] program syz.0.192 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   79.712695][ T6789] ubi: mtd0 is already attached to ubi0
[   79.841500][ T5944] Bluetooth: hci2: command tx timeout
[   80.157515][ T6793] warning: `syz.1.193' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   80.557781][ T6810] overlayfs: conflicting lowerdir path
[   80.755325][ T6815] netlink: 'syz.0.197': attribute type 2 has an invalid length.
[   80.757515][ T6815] netlink: 'syz.0.197': attribute type 2 has an invalid length.
[   81.132121][ T1327] cfg80211: failed to load regulatory.db
[   81.304652][ T6827] FAULT_INJECTION: forcing a failure.
[   81.304652][ T6827] name failslab, interval 1, probability 0, space 0, times 0
[   81.308424][ T6827] CPU: 1 UID: 0 PID: 6827 Comm: syz.0.199 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[   81.311444][ T6827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.314536][ T6827] Call Trace:
[   81.315515][ T6827]  <TASK>
[   81.316386][ T6827]  dump_stack_lvl+0x16c/0x1f0
[   81.317754][ T6827]  should_fail_ex+0x497/0x5b0
[   81.319118][ T6827]  ? fs_reclaim_acquire+0xae/0x150
[   81.320602][ T6827]  should_failslab+0xc2/0x120
[   81.321974][ T6827]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   81.323658][ T6827]  ? __pfx_tcp_current_mss+0x10/0x10
[   81.325197][ T6827]  ? __alloc_skb+0x2b3/0x380
[   81.326542][ T6827]  __alloc_skb+0x2b3/0x380
[   81.327841][ T6827]  ? __pfx___alloc_skb+0x10/0x10
[   81.329301][ T6827]  ? hlock_class+0x4e/0x130
[   81.330623][ T6827]  tcp_stream_alloc_skb+0x34/0x570
[   81.332119][ T6827]  tcp_sendmsg_locked+0xed5/0x3770
[   81.333598][ T6827]  ? __pfx___lock_acquire+0x10/0x10
[   81.335111][ T6827]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[   81.336709][ T6827]  ? tcp_sendmsg+0x20/0x50
[   81.338005][ T6827]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   81.339568][ T6827]  ? mark_held_locks+0x9f/0xe0
[   81.340968][ T6827]  ? __local_bh_enable_ip+0xa4/0x120
[   81.342492][ T6827]  tcp_sendmsg+0x2e/0x50
[   81.343722][ T6827]  ? __pfx_tcp_sendmsg+0x10/0x10
[   81.345173][ T6827]  inet_sendmsg+0xb9/0x140
[   81.346471][ T6827]  __sys_sendto+0x42a/0x4f0
[   81.347794][ T6827]  ? __pfx___sys_sendto+0x10/0x10
[   81.349292][ T6827]  ? ksys_write+0x1ba/0x250
[   81.350616][ T6827]  ? __pfx_ksys_write+0x10/0x10
[   81.352028][ T6827]  __ia32_sys_sendto+0xdd/0x1b0
[   81.353482][ T6827]  ? lockdep_hardirqs_on+0x7c/0x110
[   81.354993][ T6827]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   81.356886][ T6827]  __do_fast_syscall_32+0x73/0x120
[   81.358367][ T6827]  do_fast_syscall_32+0x32/0x80
[   81.359796][ T6827]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   81.361622][ T6827] RIP: 0023:0xf709e579
[   81.362821][ T6827] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   81.368341][ T6827] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[   81.370742][ T6827] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000200012c0
[   81.373013][ T6827] RDX: 00000000000020c8 RSI: 0000000000000011 RDI: 0000000000000000
[   81.375278][ T6827] RBP: 0000000000000027 R08: 0000000000000000 R09: 0000000000000000
[   81.377543][ T6827] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   81.379826][ T6827] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.382096][ T6827]  </TASK>
[   81.920836][ T5944] Bluetooth: hci2: command tx timeout
[   82.613943][   T39] kauditd_printk_skb: 134 callbacks suppressed
[   82.613960][   T39] audit: type=1326 audit(1736915610.352:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.0.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[   82.625240][   T39] audit: type=1326 audit(1736915610.352:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.0.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[   83.380846][ T5985] vhci_hcd: vhci_device speed not set
[   84.049219][ T6875] netlink: 4 bytes leftover after parsing attributes in process `syz.2.214'.
[   84.177110][ T6881] netlink: 'syz.2.215': attribute type 2 has an invalid length.
[   84.179418][ T6881] netlink: 'syz.2.215': attribute type 2 has an invalid length.
[   84.285417][ T6881] netfs: Couldn't get user pages (rc=-14)
[   84.648770][ T6894] fuse: Unknown parameter 'grou00000000000000000000'
[   84.651658][ T6894] overlay: Unknown parameter 'workdir000000000000'
[   85.210787][ T5944] Bluetooth: hci0: command tx timeout
[   85.450790][ T5944] Bluetooth: hci1: command tx timeout
[   85.461014][   T39] audit: type=1326 audit(1736915613.192:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.470581][   T39] audit: type=1326 audit(1736915613.202:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.478102][   T39] audit: type=1326 audit(1736915613.202:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.485153][   T39] audit: type=1326 audit(1736915613.202:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.491435][   T39] audit: type=1326 audit(1736915613.202:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.497509][   T39] audit: type=1326 audit(1736915613.202:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.505549][   T39] audit: type=1326 audit(1736915613.202:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.512844][   T39] audit: type=1326 audit(1736915613.202:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.3.225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   85.920813][ T5944] Bluetooth: hci3: command tx timeout
[   87.134370][ T6982] 9pnet_virtio: no channels available for device syz
[   87.522228][ T5944] Bluetooth: hci1: command tx timeout
[   87.674386][ T7005] netlink: 24 bytes leftover after parsing attributes in process `syz.3.238'.
[   87.909312][   T39] kauditd_printk_skb: 18 callbacks suppressed
[   87.909322][   T39] audit: type=1326 audit(1736915615.642:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   87.929609][   T39] audit: type=1326 audit(1736915615.642:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   87.951393][   T39] audit: type=1326 audit(1736915615.662:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[   87.957815][   T39] audit: type=1326 audit(1736915615.662:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   87.964767][   T39] audit: type=1326 audit(1736915615.662:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   87.973355][   T39] audit: type=1326 audit(1736915615.662:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=320 compat=1 ip=0xf708e579 code=0x7ffc0000
[   87.984810][   T39] audit: type=1326 audit(1736915615.672:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   87.998320][   T39] audit: type=1326 audit(1736915615.672:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708e579 code=0x7ffc0000
[   88.018241][   T39] audit: type=1326 audit(1736915615.672:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   88.038128][   T39] audit: type=1326 audit(1736915615.672:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.1.240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[   88.535445][ T5985] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   88.681175][ T5985] usb 6-1: device descriptor read/64, error -71
[   88.716700][ T7035] netlink: 4 bytes leftover after parsing attributes in process `syz.0.246'.
[   88.726506][ T7028] netlink: 28 bytes leftover after parsing attributes in process `syz.2.245'.
[   88.729363][ T7028] netlink: 60 bytes leftover after parsing attributes in process `syz.2.245'.
[   88.742444][ T7028] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   88.924083][ T5985] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   89.050836][ T5985] usb 6-1: device descriptor read/64, error -71
[   89.161109][ T5985] usb usb6-port1: attempt power cycle
[   89.254929][ T7052] vivid-000: disconnect
[   89.540651][ T5985] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   89.561439][ T5985] usb 6-1: device descriptor read/8, error -71
[   89.800799][ T5985] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   89.822050][ T5985] usb 6-1: device descriptor read/8, error -71
[   89.879271][ T7059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.253'.
[   89.932520][ T5985] usb usb6-port1: unable to enumerate USB device
[   89.988370][ T7049] vivid-000: reconnect
[   90.001258][ T7059] trusted_key: encrypted_key: insufficient parameters specified
[   90.535264][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.2.255'.
[   91.970012][ T7104] netlink: 4 bytes leftover after parsing attributes in process `syz.2.266'.
[   92.023520][ T7111] netlink: 12 bytes leftover after parsing attributes in process `syz.1.269'.
[   92.091804][ T7115] program syz.1.269 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   92.150537][ T7118] ubi: mtd0 is already attached to ubi0
[   92.549159][ T7123] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[   92.715198][ T7126] binder: BINDER_SET_CONTEXT_MGR already set
[   92.717263][ T7126] binder: 7125:7126 ioctl 4018620d 20000100 returned -16
[   92.720806][ T7126] binder: BINDER_SET_CONTEXT_MGR already set
[   92.723029][ T7126] binder: 7125:7126 ioctl 4018620d 200002c0 returned -16
[   92.779406][ T7127] binder_alloc: 7125: binder_alloc_buf, no vma
[   93.167343][ T7142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.276'.
[   93.850844][ T7162] netlink: 24 bytes leftover after parsing attributes in process `syz.1.284'.
[   93.894127][ T7160] netlink: 184 bytes leftover after parsing attributes in process `syz.0.283'.
[   93.944231][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.286'.
[   94.026442][ T7178] netlink: 4 bytes leftover after parsing attributes in process `syz.1.289'.
[   94.127827][ T5944] Bluetooth: hci1: unexpected event 0x03 length: 17 > 11
[   94.146802][   T39] kauditd_printk_skb: 27 callbacks suppressed
[   94.146813][   T39] audit: type=1326 audit(1736915621.872:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.159395][   T39] audit: type=1326 audit(1736915621.872:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.160842][ T5944] Bluetooth: hci0: command tx timeout
[   94.168405][   T39] audit: type=1326 audit(1736915621.872:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.176921][   T39] audit: type=1326 audit(1736915621.882:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.187299][   T39] audit: type=1326 audit(1736915621.882:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.456695][   T39] audit: type=1326 audit(1736915621.882:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.462841][   T39] audit: type=1326 audit(1736915621.892:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.469051][   T39] audit: type=1326 audit(1736915621.892:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.475265][   T39] audit: type=1326 audit(1736915621.892:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.549942][   T39] audit: type=1326 audit(1736915622.282:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7175 comm="syz.3.288" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   94.855173][ T7197] netlink: 'syz.0.293': attribute type 2 has an invalid length.
[   94.857444][ T7197] netlink: 'syz.0.293': attribute type 2 has an invalid length.
[   95.827192][ T7205] netlink: 'syz.1.296': attribute type 10 has an invalid length.
[   95.829985][ T7205] syz_tun: entered promiscuous mode
[   95.847241][ T7205] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   97.260921][ T7240] FAULT_INJECTION: forcing a failure.
[   97.260921][ T7240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.264821][ T7240] CPU: 1 UID: 0 PID: 7240 Comm: syz.2.305 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[   97.267891][ T7240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.270983][ T7240] Call Trace:
[   97.272009][ T7240]  <TASK>
[   97.273215][ T7240]  dump_stack_lvl+0x16c/0x1f0
[   97.274943][ T7240]  should_fail_ex+0x497/0x5b0
[   97.276318][ T7240]  _copy_from_user+0x2e/0xd0
[   97.277695][ T7240]  __keyctl_dh_compute+0x1b4/0xf50
[   97.279184][ T7240]  ? __pfx___lock_acquire+0x10/0x10
[   97.280692][ T7240]  ? __pfx___keyctl_dh_compute+0x10/0x10
[   97.282339][ T7240]  ? __pfx_lock_release+0x10/0x10
[   97.283793][ T7240]  ? trace_lock_acquire+0x14e/0x1f0
[   97.285323][ T7240]  compat_keyctl_dh_compute+0x161/0x1d0
[   97.286945][ T7240]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[   97.288748][ T7240]  ? __pfx_mem_cgroup_handle_over_high+0x10/0x10
[   97.290561][ T7240]  ? ksys_write+0x1ba/0x250
[   97.291913][ T7240]  __do_compat_sys_keyctl+0x27b/0x440
[   97.294073][ T7240]  __do_fast_syscall_32+0x73/0x120
[   97.295644][ T7240]  do_fast_syscall_32+0x32/0x80
[   97.297344][ T7240]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.299265][ T7240] RIP: 0023:0xf70ee579
[   97.300506][ T7240] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.306050][ T7240] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[   97.308498][ T7240] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020000200
[   97.310670][ T7240] RDX: 0000000020000040 RSI: 00000000000000d9 RDI: 00000000200001c0
[   97.313449][ T7240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.315847][ T7240] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.318202][ T7240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.320474][ T7240]  </TASK>
[   98.320801][ T5944] Bluetooth: hci0: command tx timeout
[   98.857903][ T7275] netlink: 8 bytes leftover after parsing attributes in process `syz.3.315'.
[   98.862338][ T7275] netlink: 4 bytes leftover after parsing attributes in process `syz.3.315'.
[   98.864919][ T7275] netlink: 'syz.3.315': attribute type 13 has an invalid length.
[   98.867113][ T7275] netlink: 'syz.3.315': attribute type 12 has an invalid length.
[   99.225688][   T39] kauditd_printk_skb: 23 callbacks suppressed
[   99.225699][   T39] audit: type=1326 audit(1736915626.962:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.233894][   T39] audit: type=1326 audit(1736915626.962:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.239942][   T39] audit: type=1326 audit(1736915626.962:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.246292][   T39] audit: type=1326 audit(1736915626.962:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.253917][   T39] audit: type=1326 audit(1736915626.962:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.261206][   T39] audit: type=1326 audit(1736915626.962:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.272035][   T39] audit: type=1326 audit(1736915626.962:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.278127][   T39] audit: type=1326 audit(1736915626.962:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.284350][   T39] audit: type=1326 audit(1736915626.962:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf70ee579 code=0x7ffc0000
[   99.290434][   T39] audit: type=1326 audit(1736915626.982:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7283 comm="syz.2.318" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  100.074547][ T7298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.321'.
[  101.005710][ T7313] netlink: 20 bytes leftover after parsing attributes in process `syz.0.324'.
[  101.189692][ T7323] program syz.1.327 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  101.271354][ T7330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.330'.
[  101.283084][ T7332] ubi: mtd0 is already attached to ubi0
[  101.284712][ T7331] netlink: 'syz.0.328': attribute type 2 has an invalid length.
[  101.287386][ T7331] netlink: 'syz.0.328': attribute type 2 has an invalid length.
[  101.349110][ T7333] program syz.2.329 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  101.356254][ T7336] fuse: Bad value for 'user_id'
[  101.358329][ T7336] fuse: Bad value for 'user_id'
[  101.362139][ T7336] overlay: Unknown parameter 'workdird'
[  101.417284][ T7340] ubi: mtd0 is already attached to ubi0
[  102.096071][ T7356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.335'.
[  102.102092][ T7356] netlink: 104 bytes leftover after parsing attributes in process `syz.2.335'.
[  102.104801][ T7356] netlink: 104 bytes leftover after parsing attributes in process `syz.2.335'.
[  103.121364][ T7374] netlink: 'syz.3.341': attribute type 1 has an invalid length.
[  103.128010][ T7374] bond1: entered promiscuous mode
[  103.129687][ T7374] 8021q: adding VLAN 0 to HW filter on device bond1
[  103.148817][ T7377] binder: BINDER_SET_CONTEXT_MGR already set
[  103.150641][ T7377] binder: 7376:7377 ioctl 4018620d 20000100 returned -16
[  103.156459][ T7377] binder: BINDER_SET_CONTEXT_MGR already set
[  103.158947][ T7377] binder: 7376:7377 ioctl 4018620d 200002c0 returned -16
[  103.159796][ T7374] 8021q: adding VLAN 0 to HW filter on device bond1
[  103.163254][ T7374] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  103.166748][ T7374] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  103.170538][ T7374] bond1: (slave ip6gre1): making interface the new active one
[  103.174141][ T7374] ip6gre1: entered promiscuous mode
[  103.176298][ T7374] bond1: (slave ip6gre1): Enslaving as an active interface with an up link
[  103.497411][ T7383] program syz.3.343 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  103.554237][ T7385] ubi: mtd0 is already attached to ubi0
[  103.918474][ T7387] netlink: 4 bytes leftover after parsing attributes in process `syz.2.344'.
[  103.921905][ T7387] netlink: 4 bytes leftover after parsing attributes in process `syz.2.344'.
[  103.924458][ T7387] netlink: 4 bytes leftover after parsing attributes in process `syz.2.344'.
[  103.943806][ T7387] =======================================================
[  103.943806][ T7387] WARNING: The mand mount option has been deprecated and
[  103.943806][ T7387]          and is ignored by this kernel. Remove the mand
[  103.943806][ T7387]          option from the mount to silence this warning.
[  103.943806][ T7387] =======================================================
[  104.070548][ T7393] FAULT_INJECTION: forcing a failure.
[  104.070548][ T7393] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.075200][ T7393] CPU: 3 UID: 0 PID: 7393 Comm: syz.2.346 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  104.079250][ T7393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.083128][ T7393] Call Trace:
[  104.084446][ T7393]  <TASK>
[  104.085614][ T7393]  dump_stack_lvl+0x16c/0x1f0
[  104.087453][ T7393]  should_fail_ex+0x497/0x5b0
[  104.089311][ T7393]  _copy_to_user+0x32/0xd0
[  104.091061][ T7393]  simple_read_from_buffer+0xd0/0x160
[  104.093159][ T7393]  proc_fail_nth_read+0x198/0x270
[  104.095132][ T7393]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  104.097270][ T7393]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  104.099433][ T7393]  vfs_read+0x1df/0xbe0
[  104.101073][ T7393]  ? __fget_files+0x1fc/0x3a0
[  104.102922][ T7393]  ? __pfx___mutex_lock+0x10/0x10
[  104.104899][ T7393]  ? __pfx_vfs_read+0x10/0x10
[  104.106743][ T7393]  ? __fget_files+0x206/0x3a0
[  104.108582][ T7393]  ksys_read+0x12b/0x250
[  104.110252][ T7393]  ? __pfx_ksys_read+0x10/0x10
[  104.112146][ T7393]  __do_fast_syscall_32+0x73/0x120
[  104.114135][ T7393]  do_fast_syscall_32+0x32/0x80
[  104.116022][ T7393]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  104.118476][ T7393] RIP: 0023:0xf70ee579
[  104.120076][ T7393] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  104.127157][ T7393] RSP: 002b:00000000f50e0590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  104.130468][ T7393] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50e0620
[  104.133660][ T7393] RDX: 000000000000000f RSI: 00000000f7423ff4 RDI: 0000000000000000
[  104.136766][ T7393] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  104.139805][ T7393] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  104.142856][ T7393] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  104.145954][ T7393]  </TASK>
[  105.204890][ T7410] FAULT_INJECTION: forcing a failure.
[  105.204890][ T7410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.208742][ T7410] CPU: 3 UID: 0 PID: 7410 Comm: syz.1.351 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  105.211754][ T7410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.214848][ T7410] Call Trace:
[  105.215841][ T7410]  <TASK>
[  105.216712][ T7410]  dump_stack_lvl+0x16c/0x1f0
[  105.218090][ T7410]  should_fail_ex+0x497/0x5b0
[  105.219487][ T7410]  _copy_from_user+0x2e/0xd0
[  105.220851][ T7410]  move_addr_to_kernel+0x68/0x160
[  105.222310][ T7410]  __sys_connect+0xb0/0x170
[  105.223635][ T7410]  ? __pfx___sys_connect+0x10/0x10
[  105.225131][ T7410]  ? __pfx_ksys_write+0x10/0x10
[  105.226545][ T7410]  __ia32_sys_connect+0x71/0xb0
[  105.227969][ T7410]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  105.229871][ T7410]  __do_fast_syscall_32+0x73/0x120
[  105.231353][ T7410]  do_fast_syscall_32+0x32/0x80
[  105.232780][ T7410]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  105.234862][ T7410] RIP: 0023:0xf708e579
[  105.236071][ T7410] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  105.241572][ T7410] RSP: 002b:00000000f505f55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  105.243947][ T7410] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000000
[  105.246247][ T7410] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000000
[  105.248526][ T7410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  105.250771][ T7410] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  105.252986][ T7410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  105.255108][ T7410]  </TASK>
[  105.401819][   T39] kauditd_printk_skb: 107 callbacks suppressed
[  105.401835][   T39] audit: type=1326 audit(1736915633.142:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.413810][   T39] audit: type=1326 audit(1736915633.142:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.421169][   T39] audit: type=1326 audit(1736915633.142:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.427187][   T39] audit: type=1326 audit(1736915633.142:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.440061][   T39] audit: type=1326 audit(1736915633.142:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.449231][   T39] audit: type=1326 audit(1736915633.142:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.457834][   T39] audit: type=1326 audit(1736915633.142:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.486557][   T39] audit: type=1326 audit(1736915633.142:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.493761][   T39] audit: type=1326 audit(1736915633.152:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.504084][   T39] audit: type=1326 audit(1736915633.152:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz.0.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  105.534751][ T7420] netlink: 4 bytes leftover after parsing attributes in process `syz.2.352'.
[  106.158854][ T7429] netlink: 12 bytes leftover after parsing attributes in process `syz.2.356'.
[  106.360443][ T7434] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  106.573643][ T7441] program syz.2.358 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  106.634875][ T7445] ubi: mtd0 is already attached to ubi0
[  106.813413][ T7454] random: crng reseeded on system resumption
[  106.973443][ T7465] netlink: 52 bytes leftover after parsing attributes in process `syz.1.366'.
[  107.040912][ T7465] syz_tun: entered allmulticast mode
[  107.044003][ T7465] syz_tun: left allmulticast mode
[  107.103550][ T7474] binder: BINDER_SET_CONTEXT_MGR already set
[  107.105408][ T7474] binder: 7473:7474 ioctl 4018620d 20000100 returned -16
[  107.108491][ T7474] binder: BINDER_SET_CONTEXT_MGR already set
[  107.110339][ T7474] binder: 7473:7474 ioctl 4018620d 200002c0 returned -16
[  107.841494][ T7492] netlink: 'syz.0.373': attribute type 1 has an invalid length.
[  107.859459][ T7492] bond2: entered promiscuous mode
[  107.861412][ T7492] 8021q: adding VLAN 0 to HW filter on device bond2
[  107.870963][ T7492] 8021q: adding VLAN 0 to HW filter on device bond2
[  107.873951][ T7492] bond2: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  107.878043][ T7492] bond2: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  107.887290][ T7492] bond2: (slave ip6gre1): making interface the new active one
[  107.890455][ T7492] ip6gre1: entered promiscuous mode
[  107.900330][ T7492] bond2: (slave ip6gre1): Enslaving as an active interface with an up link
[  108.694976][ T7514] netlink: 32 bytes leftover after parsing attributes in process `syz.2.380'.
[  108.776776][ T7516] netlink: 'syz.3.381': attribute type 2 has an invalid length.
[  108.779087][ T7516] netlink: 'syz.3.381': attribute type 2 has an invalid length.
[  108.915875][ T7516] netfs: Couldn't get user pages (rc=-14)
[  108.965183][ T7523] binder: BINDER_SET_CONTEXT_MGR already set
[  108.967818][ T7523] binder: 7521:7523 ioctl 4018620d 20000100 returned -16
[  108.987977][ T7523] binder: BINDER_SET_CONTEXT_MGR already set
[  108.990301][ T7523] binder: 7521:7523 ioctl 4018620d 200002c0 returned -16
[  109.044557][ T7525] netlink: 'syz.2.384': attribute type 1 has an invalid length.
[  109.069114][ T7525] bond2: entered promiscuous mode
[  109.072227][ T7525] 8021q: adding VLAN 0 to HW filter on device bond2
[  109.081621][ T7525] 8021q: adding VLAN 0 to HW filter on device bond2
[  109.083740][ T7525] bond2: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  109.087671][ T7525] bond2: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  109.093209][ T7525] bond2: (slave ip6gre1): making interface the new active one
[  109.096040][ T7525] ip6gre1: entered promiscuous mode
[  109.099122][ T7525] bond2: (slave ip6gre1): Enslaving as an active interface with an up link
[  109.970838][ T7547] binder: BINDER_SET_CONTEXT_MGR already set
[  109.972837][ T7547] binder: 7546:7547 ioctl 4018620d 20000100 returned -16
[  109.976470][ T7547] binder: BINDER_SET_CONTEXT_MGR already set
[  109.978790][ T7547] binder: 7546:7547 ioctl 4018620d 200002c0 returned -16
[  110.018176][ T7550] overlayfs: overlapping lowerdir path
[  110.348304][ T7567] program syz.1.398 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  110.413402][ T7569] ubi: mtd0 is already attached to ubi0
[  110.561053][ T5944] Bluetooth: hci1: command tx timeout
[  110.624819][   T39] kauditd_printk_skb: 44 callbacks suppressed
[  110.624832][   T39] audit: type=1326 audit(1736915638.362:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.666105][   T39] audit: type=1326 audit(1736915638.372:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.681008][   T39] audit: type=1326 audit(1736915638.392:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.701562][   T39] audit: type=1326 audit(1736915638.392:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.710903][   T39] audit: type=1326 audit(1736915638.392:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.741783][   T39] audit: type=1326 audit(1736915638.392:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.750775][   T39] audit: type=1326 audit(1736915638.392:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.762119][   T39] audit: type=1326 audit(1736915638.392:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.788638][   T39] audit: type=1326 audit(1736915638.392:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  110.800481][   T39] audit: type=1326 audit(1736915638.502:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7572 comm="syz.2.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  111.506636][ T7603] xt_hashlimit: max too large, truncated to 1048576
[  112.208233][ T7617] program syz.2.412 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  112.264571][ T7619] ubi: mtd0 is already attached to ubi0
[  112.549315][ T7625] CUSE: unknown device info ""
[  112.551687][ T7625] CUSE: zero length info key specified
[  112.584609][ T7625] netlink: 'syz.0.415': attribute type 10 has an invalid length.
[  112.635286][ T7625] syz.0.415 (7625) used greatest stack depth: 20880 bytes left
[  112.650987][ T5944] Bluetooth: hci1: command tx timeout
[  112.835900][ T7635] netlink: 'syz.0.417': attribute type 2 has an invalid length.
[  112.838558][ T7635] netlink: 'syz.0.417': attribute type 2 has an invalid length.
[  112.916159][ T7639] 9pnet_fd: Insufficient options for proto=fd
[  113.615230][ T7653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.425'.
[  113.825866][ T7658] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  113.935829][ T7662] Illegal XDP return value 4294967274 on prog  (id 75) dev N/A, expect packet loss!
[  114.010973][ T5944] Bluetooth: hci3: command tx timeout
[  114.171991][ T7675] program syz.2.431 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.245264][ T7680] random: crng reseeded on system resumption
[  114.279906][ T7682] ubi: mtd0 is already attached to ubi0
[  115.450862][ T5944] Bluetooth: hci0: command tx timeout
[  116.176412][ T7719] »»»»»» speed is unknown, defaulting to 1000
[  116.702555][ T7742] »»»»»» speed is unknown, defaulting to 1000
[  117.629143][ T7763] binder: BINDER_SET_CONTEXT_MGR already set
[  117.633098][ T7763] binder: 7762:7763 ioctl 4018620d 20000100 returned -16
[  117.765765][   T39] kauditd_printk_skb: 73 callbacks suppressed
[  117.765775][   T39] audit: type=1326 audit(1736915645.502:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.773877][   T39] audit: type=1326 audit(1736915645.502:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.779993][   T39] audit: type=1326 audit(1736915645.512:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.786072][   T39] audit: type=1326 audit(1736915645.512:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.792323][   T39] audit: type=1326 audit(1736915645.512:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.798770][   T39] audit: type=1326 audit(1736915645.512:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.805267][   T39] audit: type=1326 audit(1736915645.512:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.812970][   T39] audit: type=1326 audit(1736915645.512:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.457" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  117.820840][   T39] audit: type=1326 audit(1736915645.532:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.0.458" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  117.827905][   T39] audit: type=1326 audit(1736915645.542:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.0.458" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  117.840855][ T5952] Bluetooth: hci3: command tx timeout
[  118.065557][ T7753] block nbd2: shutting down sockets
[  118.480875][ T5944] Bluetooth: hci0: command tx timeout
[  118.749318][ T7782] netlink: 'syz.0.460': attribute type 1 has an invalid length.
[  119.610099][ T7811] openvswitch: netlink: IP tunnel dst address not specified
[  119.920802][ T5944] Bluetooth: hci3: command tx timeout
[  120.028991][ T7825] binder: BINDER_SET_CONTEXT_MGR already set
[  120.032068][ T7825] binder: 7824:7825 ioctl 4018620d 20000100 returned -16
[  120.386910][ T7834] fuse: Bad value for 'fd'
[  120.890207][ T7854] binder: BINDER_SET_CONTEXT_MGR already set
[  120.892490][ T7854] binder: 7853:7854 ioctl 4018620d 20000100 returned -16
[  120.970786][ T5944] Bluetooth: hci1: command tx timeout
[  121.230103][ T7866] sit0: mtu less than device minimum
[  121.284890][ T5944] Bluetooth: hci2: command tx timeout
[  121.393044][ T7869] syz_tun: entered allmulticast mode
[  121.415094][ T7869] FAULT_INJECTION: forcing a failure.
[  121.415094][ T7869] name failslab, interval 1, probability 0, space 0, times 0
[  121.418925][ T7869] CPU: 0 UID: 0 PID: 7869 Comm: syz.3.488 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  121.421903][ T7869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  121.424877][ T7869] Call Trace:
[  121.425840][ T7869]  <TASK>
[  121.426682][ T7869]  dump_stack_lvl+0x16c/0x1f0
[  121.428016][ T7869]  should_fail_ex+0x497/0x5b0
[  121.429371][ T7869]  ? fs_reclaim_acquire+0xae/0x150
[  121.430813][ T7869]  should_failslab+0xc2/0x120
[  121.432176][ T7869]  __kmalloc_noprof+0xce/0x4f0
[  121.433535][ T7869]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  121.435170][ T7869]  ? tomoyo_realpath_from_path+0xbf/0x710
[  121.436836][ T7869]  tomoyo_realpath_from_path+0xbf/0x710
[  121.438399][ T7869]  ? tomoyo_path_number_perm+0x235/0x5b0
[  121.440008][ T7869]  tomoyo_path_number_perm+0x248/0x5b0
[  121.441548][ T7869]  ? tomoyo_path_number_perm+0x235/0x5b0
[  121.443129][ T7869]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  121.444836][ T7869]  ? __pfx_lock_release+0x10/0x10
[  121.446271][ T7869]  ? trace_lock_acquire+0x14e/0x1f0
[  121.447707][ T7869]  ? __pfx___schedule+0x10/0x10
[  121.449053][ T7869]  ? lock_acquire+0x2f/0xb0
[  121.450290][ T7869]  ? __fget_files+0x40/0x3a0
[  121.451577][ T7869]  ? __fget_files+0x206/0x3a0
[  121.452879][ T7869]  security_file_ioctl_compat+0x9b/0x240
[  121.454440][ T7869]  __do_compat_sys_ioctl+0x4e/0x2c0
[  121.455960][ T7869]  __do_fast_syscall_32+0x73/0x120
[  121.457448][ T7869]  do_fast_syscall_32+0x32/0x80
[  121.458842][ T7869]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  121.460573][ T7869] RIP: 0023:0xf7fd6579
[  121.461703][ T7869] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  121.466960][ T7869] RSP: 002b:00000000f510555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  121.469261][ T7869] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000125f
[  121.471415][ T7869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  121.473573][ T7869] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  121.475757][ T7869] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  121.477923][ T7869] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  121.480108][ T7869]  </TASK>
[  121.481697][ T7869] ERROR: Out of memory at tomoyo_realpath_from_path.
[  121.748960][ T7877] could not allocate digest TFM handle cmac-aes-neon
[  121.828527][ T7885] binder: BINDER_SET_CONTEXT_MGR already set
[  121.830318][ T7885] binder: 7884:7885 ioctl 4018620d 20000100 returned -16
[  122.010793][ T5944] Bluetooth: hci3: command tx timeout
[  122.127802][ T7867] syz_tun: left allmulticast mode
[  122.273349][ T7898] /dev/sg0: Can't lookup blockdev
[  122.332839][ T7901] fuse: Bad value for 'fd'
[  123.040861][ T5944] Bluetooth: hci1: command tx timeout
[  123.645800][ T7920] fuse: Unknown parameter 'user_id00000000000000000000'
[  123.651391][ T7920] overlay: Unknown parameter 'workdir00000000000'
[  123.748342][ T7923] binder: BINDER_SET_CONTEXT_MGR already set
[  123.750140][ T7923] binder: 7922:7923 ioctl 4018620d 200002c0 returned -16
[  124.071937][ T7921] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  124.075171][ T7921] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  124.077683][ T7921] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  124.080283][ T7921] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  124.092110][ T7921] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.095509][ T7921] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.098927][ T7921] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.134430][ T7921] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.152820][ T7921] geneve2: entered promiscuous mode
[  124.154406][ T7921] geneve2: entered allmulticast mode
[  124.519868][ T7936] netlink: 4 bytes leftover after parsing attributes in process `syz.2.506'.
[  124.995798][ T7950] binder: BINDER_SET_CONTEXT_MGR already set
[  124.997577][ T7950] binder: 7949:7950 ioctl 4018620d 20000100 returned -16
[  125.099909][ T7959] pim6reg: entered allmulticast mode
[  125.108655][ T7959] pim6reg: left allmulticast mode
[  125.123528][ T5944] Bluetooth: hci1: command tx timeout
[  125.165523][ T7961] netlink: 'syz.3.514': attribute type 2 has an invalid length.
[  125.167859][ T7961] netlink: 'syz.3.514': attribute type 2 has an invalid length.
[  125.196836][ T7959] usb usb1: usbfs: process 7959 (syz.1.515) did not claim interface 0 before use
[  125.214394][ T7959] vlan2: entered promiscuous mode
[  125.216978][ T7959] vlan2: entered allmulticast mode
[  125.219970][ T7959] hsr_slave_1: entered allmulticast mode
[  125.239129][ T7959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.515'.
[  125.306986][ T7961] netfs: Couldn't get user pages (rc=-14)
[  125.354775][ T7959] hsr_slave_1 (unregistering): left allmulticast mode
[  125.375176][ T7959] hsr_slave_1 (unregistering): left promiscuous mode
[  125.684105][   T39] kauditd_printk_skb: 107 callbacks suppressed
[  125.684116][   T39] audit: type=1326 audit(1736915653.422:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.684516][ T7971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.518'.
[  125.700810][   T39] audit: type=1326 audit(1736915653.422:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.740986][ T7973] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  125.770975][   T39] audit: type=1326 audit(1736915653.422:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.778158][ T7976] fuse: Bad value for 'fd'
[  125.794796][ T7976] overlay: Unknown parameter 'workdir_id'
[  125.797541][   T39] audit: type=1326 audit(1736915653.422:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.822354][   T39] audit: type=1326 audit(1736915653.422:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.830899][   T39] audit: type=1326 audit(1736915653.422:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.840249][   T39] audit: type=1326 audit(1736915653.452:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.849162][   T39] audit: type=1326 audit(1736915653.452:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.857611][   T39] audit: type=1326 audit(1736915653.532:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  125.875240][   T39] audit: type=1326 audit(1736915653.532:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  126.672527][ T7995] netlink: 20 bytes leftover after parsing attributes in process `syz.1.525'.
[  126.677336][ T7995] ipvlan2: entered allmulticast mode
[  126.679055][ T7995] veth0_vlan: entered allmulticast mode
[  126.882154][ T5944] Bluetooth: hci0: command tx timeout
[  126.906077][ T8002] fuse: Bad value for 'fd'
[  126.910078][ T8002] overlay: Unknown parameter 'workdir_id'
[  128.570938][ T5944] Bluetooth: hci1: command tx timeout
[  128.866547][ T8030] 9pnet: Unknown protocol version 9
[  129.147057][ T8038] fuse: Bad value for 'fd'
[  129.150666][ T8038] overlay: Unknown parameter 'workdir_id'
[  129.861353][ T8060] netlink: 'syz.3.543': attribute type 1 has an invalid length.
[  130.732235][ T8079] netlink: 'syz.0.544': attribute type 2 has an invalid length.
[  130.735787][ T8079] netlink: 'syz.0.544': attribute type 2 has an invalid length.
[  130.906444][ T8084] »»»»»» speed is unknown, defaulting to 1000
[  131.190845][ T6002] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  131.340879][ T6002] usb 6-1: Using ep0 maxpacket: 16
[  131.345543][ T6002] usb 6-1: config 0 has no interfaces?
[  131.348790][ T6002] usb 6-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  131.352295][ T6002] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.355284][ T6002] usb 6-1: Product: syz
[  131.356908][ T6002] usb 6-1: Manufacturer: syz
[  131.358679][ T6002] usb 6-1: SerialNumber: syz
[  131.367080][ T6002] usb 6-1: config 0 descriptor??
[  131.578719][ T5944] Bluetooth: hci2: unexpected event 0x03 length: 17 > 11
[  131.580511][ T6002] usb 6-1: USB disconnect, device number 7
[  131.600965][ T5944] Bluetooth: hci2: command tx timeout
[  131.693011][ T8094] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  132.285984][ T8105] fuse: Unknown parameter '0x0000000000000003'
[  132.289869][ T8105] overlay: Unknown parameter 'workdir000000000'
[  132.323921][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  132.326516][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  132.638689][ T8109] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  132.641102][ T8109] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  132.644006][ T8109] vhci_hcd vhci_hcd.0: Device attached
[  132.777844][ T8113] netlink: 4 bytes leftover after parsing attributes in process `syz.2.556'.
[  132.889538][ T8123] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  132.892351][ T1327] usb 39-1: new high-speed USB device number 2 using vhci_hcd
[  132.895665][ T6433] usb 6-1: new low-speed USB device number 8 using dummy_hcd
[  133.061012][ T6433] usb 6-1: Invalid ep0 maxpacket: 16
[  133.122318][ T8138] ieee802154 phy0 wpan0: encryption failed: -22
[  133.192918][ T6433] usb 6-1: new low-speed USB device number 9 using dummy_hcd
[  133.233872][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.567'.
[  133.246460][ T8141] netlink: 'syz.2.566': attribute type 2 has an invalid length.
[  133.248775][ T8141] netlink: 'syz.2.566': attribute type 2 has an invalid length.
[  133.286061][ T8145] mmap: syz.3.568 (8145) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  133.300988][ T8141] netfs: Couldn't get user pages (rc=-14)
[  133.330896][ T6231] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  133.350805][ T6433] usb 6-1: Invalid ep0 maxpacket: 16
[  133.353303][ T6433] usb usb6-port1: attempt power cycle
[  133.484874][ T6231] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  133.489478][ T6231] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  133.493484][ T6231] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  133.497068][ T6231] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.504440][ T8134] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  133.522882][ T6231] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  133.537008][ T8150] fuse: Unknown parameter '0x0000000000000003'
[  133.539692][ T8150] overlay: Unknown parameter 'workdir000000000'
[  133.702155][ T6433] usb 6-1: new low-speed USB device number 10 using dummy_hcd
[  133.721089][ T6231] usb 5-1: USB disconnect, device number 5
[  133.723666][ T6433] usb 6-1: Invalid ep0 maxpacket: 16
[  133.847343][ T8158] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  133.860830][ T6433] usb 6-1: new low-speed USB device number 11 using dummy_hcd
[  133.882548][ T6433] usb 6-1: Invalid ep0 maxpacket: 16
[  133.884369][ T6433] usb usb6-port1: unable to enumerate USB device
[  134.913526][ T8178] netlink: 'syz.0.577': attribute type 2 has an invalid length.
[  134.916006][ T8178] netlink: 'syz.0.577': attribute type 2 has an invalid length.
[  135.040845][ T5944] Bluetooth: hci3: command tx timeout
[  135.100896][ T8181] fuse: Unknown parameter '0x0000000000000003'
[  135.108250][ T8181] overlay: Unknown parameter 'workdir000000000'
[  135.292638][   T39] kauditd_printk_skb: 89 callbacks suppressed
[  135.292649][   T39] audit: type=1326 audit(1736915663.032:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.300584][   T39] audit: type=1326 audit(1736915663.032:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.306689][   T39] audit: type=1326 audit(1736915663.032:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.312850][   T39] audit: type=1326 audit(1736915663.032:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.318927][   T39] audit: type=1326 audit(1736915663.032:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.327274][   T39] audit: type=1326 audit(1736915663.032:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.335485][   T39] audit: type=1326 audit(1736915663.032:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.342679][   T39] audit: type=1326 audit(1736915663.032:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.361438][   T39] audit: type=1326 audit(1736915663.032:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.362431][ T8110] vhci_hcd: connection reset by peer
[  135.375021][  T104] vhci_hcd: stop threads
[  135.376332][  T104] vhci_hcd: release socket
[  135.379612][  T104] vhci_hcd: disconnect device
[  135.380185][   T39] audit: type=1326 audit(1736915663.112:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.0.579" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  135.533670][ T8197] ieee802154 phy0 wpan0: encryption failed: -22
[  135.870825][ T6006] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  136.020248][ T8210] netlink: 'syz.3.587': attribute type 1 has an invalid length.
[  136.028243][ T8210] bond2: entered promiscuous mode
[  136.029885][ T8210] 8021q: adding VLAN 0 to HW filter on device bond2
[  136.031660][ T6006] usb 7-1: Using ep0 maxpacket: 8
[  136.041585][ T6006] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  136.044106][ T6006] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  136.047607][ T6006] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  136.056171][ T6006] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  136.062814][ T6006] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  136.072808][ T8213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.589'.
[  136.073587][ T6006] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  136.084212][ T6006] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.305124][ T6006] usb 7-1: usb_control_msg returned -32
[  136.307381][ T6006] usbtmc 7-1:16.0: can't read capabilities
[  136.311638][ T8223] xt_hashlimit: overflow, rate too high: 0
[  136.421631][ T8227] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  136.686589][ T8237] syzkaller1: entered promiscuous mode
[  136.688833][ T8237] syzkaller1: entered allmulticast mode
[  136.717856][ T8236] netlink: 8 bytes leftover after parsing attributes in process `syz.3.598'.
[  136.724413][ T8238] usbtmc 7-1:16.0: stb usb_control_msg returned -32
[  136.834368][ T5944] Bluetooth: hci1: command tx timeout
[  136.834790][ T5952] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  136.838470][ T5952] Bluetooth: hci2: Injecting HCI hardware error event
[  136.841402][ T5952] Bluetooth: hci2: hardware error 0x00
[  136.895973][ T6002] usb 7-1: USB disconnect, device number 3
[  137.306258][ T8243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.599'.
[  137.575653][ T8254] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  137.686101][ T5944] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  137.689121][ T5944] CPU: 3 UID: 0 PID: 5944 Comm: kworker/u33:2 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  137.692300][ T5944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.695834][ T5944] Workqueue: hci3 hci_rx_work
[  137.697199][ T5944] Call Trace:
[  137.698169][ T5944]  <TASK>
[  137.699033][ T5944]  dump_stack_lvl+0x16c/0x1f0
[  137.700384][ T5944]  sysfs_warn_dup+0x7f/0xa0
[  137.701700][ T5944]  sysfs_create_dir_ns+0x24d/0x2b0
[  137.703563][ T5944]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  137.705608][ T5944]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  137.707149][ T5944]  ? kobject_add_internal+0x12d/0x990
[  137.708713][ T5944]  ? do_raw_spin_unlock+0x172/0x230
[  137.710219][ T5944]  kobject_add_internal+0x2c8/0x990
[  137.711748][ T5944]  kobject_add+0x16f/0x240
[  137.713383][ T5944]  ? __pfx_kobject_add+0x10/0x10
[  137.714993][ T5944]  ? kobject_put+0xab/0x5a0
[  137.716342][ T5944]  device_add+0x289/0x1a70
[  137.717648][ T5944]  ? __pfx_dev_set_name+0x10/0x10
[  137.719132][ T5944]  ? __pfx_device_add+0x10/0x10
[  137.720574][ T5944]  ? mgmt_send_event_skb+0x2f2/0x460
[  137.722277][ T5944]  hci_conn_add_sysfs+0x17e/0x230
[  137.724362][ T5944]  le_conn_complete_evt+0xfce/0x1d10
[  137.726126][ T5944]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  137.727781][ T5944]  ? __mutex_lock+0x1cc/0xa60
[  137.729181][ T5944]  ? mark_held_locks+0x9f/0xe0
[  137.730632][ T5944]  hci_le_conn_complete_evt+0x23c/0x370
[  137.732213][ T5944]  hci_le_meta_evt+0x2e2/0x5d0
[  137.734042][ T5944]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  137.735807][ T5944]  hci_event_packet+0x666/0x1190
[  137.737243][ T5944]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  137.738807][ T5944]  ? __pfx_hci_event_packet+0x10/0x10
[  137.740370][ T5944]  ? mark_held_locks+0x9f/0xe0
[  137.741776][ T5944]  ? kcov_remote_start+0x3cf/0x6e0
[  137.743702][ T5944]  ? lockdep_hardirqs_on+0x7c/0x110
[  137.745657][ T5944]  hci_rx_work+0x2c5/0x16b0
[  137.746989][ T5944]  ? process_one_work+0x8bb/0x1b30
[  137.748470][ T5944]  process_one_work+0x958/0x1b30
[  137.749914][ T5944]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  137.751541][ T5944]  ? __pfx_process_one_work+0x10/0x10
[  137.753443][ T5944]  ? rcu_is_watching+0x12/0xc0
[  137.755037][ T5944]  ? assign_work+0x1a0/0x250
[  137.756412][ T5944]  worker_thread+0x6c8/0xf00
[  137.757853][ T5944]  ? __pfx_worker_thread+0x10/0x10
[  137.759340][ T5944]  kthread+0x2c1/0x3a0
[  137.760544][ T5944]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.762053][ T5944]  ? __pfx_kthread+0x10/0x10
[  137.763845][ T5944]  ret_from_fork+0x45/0x80
[  137.765505][ T5944]  ? __pfx_kthread+0x10/0x10
[  137.766854][ T5944]  ret_from_fork_asm+0x1a/0x30
[  137.768268][ T5944]  </TASK>
[  137.769248][    C3] vkms_vblank_simulate: vblank timer overrun
[  137.773010][ T5944] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  137.777441][ T5944] Bluetooth: hci3: failed to register connection device
[  137.990772][ T1327] vhci_hcd: vhci_device speed not set
[  138.357616][ T8272] infiniband s
z1: set active
[  138.391422][   T70] »»»»»» speed is unknown, defaulting to 1000
[  138.480828][ T5944] Bluetooth: hci3: command tx timeout
[  138.706546][ T8282] program syz.2.608 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  138.884016][ T8285] ubi: mtd0 is already attached to ubi0
[  138.890831][ T5952] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  139.585811][ T8305] netlink: 72 bytes leftover after parsing attributes in process `syz.1.615'.
[  140.861449][ T8328] »»»»»» speed is unknown, defaulting to 1000
[  140.897034][ T8335] program syz.0.624 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  140.957993][ T8339] ubi: mtd0 is already attached to ubi0
[  141.160889][    T9] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  141.280858][ T5952] Bluetooth: hci3: command tx timeout
[  141.320803][    T9] usb 7-1: Using ep0 maxpacket: 8
[  141.324274][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  141.327418][    T9] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  141.330039][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.333581][    T9] usb 7-1: config 0 descriptor??
[  141.420797][ T6231] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  141.577392][    T9] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  141.580739][ T6231] usb 6-1: Using ep0 maxpacket: 8
[  141.589656][ T6231] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  141.595165][ T6231] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  141.597977][ T6231] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.601303][ T6231] usb 6-1: config 0 descriptor??
[  141.790915][ T1327] usb 7-1: USB disconnect, device number 4
[  141.822428][ T8356] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  141.827422][ T6231] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  142.030909][ T8359] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  142.080811][ T5952] Bluetooth: hci1: command tx timeout
[  142.281925][ T6002] usb 6-1: USB disconnect, device number 12
[  142.669847][ T8373] pimreg: entered allmulticast mode
[  142.791049][ T8378] netlink: 'syz.0.639': attribute type 1 has an invalid length.
[  143.270040][ T8378] syz.0.639 (8378): drop_caches: 2
[  144.075737][ T8409] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  144.077842][ T8409] PKCS7: Only support pkcs7_signedData type
[  144.240782][ T5952] Bluetooth: hci1: command tx timeout
[  144.483570][ T8428] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input8
[  145.083098][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  145.083115][   T39] audit: type=1326 audit(1736915672.822:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.093748][   T39] audit: type=1326 audit(1736915672.822:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.100403][   T39] audit: type=1326 audit(1736915672.822:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.106380][   T39] audit: type=1326 audit(1736915672.822:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.112916][   T39] audit: type=1326 audit(1736915672.822:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.118586][   T39] audit: type=1326 audit(1736915672.822:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.124914][   T39] audit: type=1326 audit(1736915672.822:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.131250][   T39] audit: type=1326 audit(1736915672.832:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.172564][   T39] audit: type=1326 audit(1736915672.912:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.178716][   T39] audit: type=1326 audit(1736915672.912:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8439 comm="syz.3.659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  145.646382][ T8465] netlink: 'syz.1.665': attribute type 12 has an invalid length.
[  145.648980][ T8465] netlink: 'syz.1.665': attribute type 29 has an invalid length.
[  145.653447][ T8465] netlink: 148 bytes leftover after parsing attributes in process `syz.1.665'.
[  145.656242][ T8465] netlink: 'syz.1.665': attribute type 1 has an invalid length.
[  145.658760][ T8465] netlink: 39 bytes leftover after parsing attributes in process `syz.1.665'.
[  146.170791][ T5952] Bluetooth: hci3: command tx timeout
[  146.320748][ T5952] Bluetooth: hci1: command tx timeout
[  146.849514][ T8488] program syz.0.671 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  146.910669][ T8493] ubi: mtd0 is already attached to ubi0
[  148.400924][ T5952] Bluetooth: hci1: command tx timeout
[  149.290521][ T8552] FAULT_INJECTION: forcing a failure.
[  149.290521][ T8552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.392195][ T8552] CPU: 1 UID: 0 PID: 8552 Comm: syz.3.689 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  149.395255][ T8552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.398398][ T8552] Call Trace:
[  149.399372][ T8552]  <TASK>
[  149.400249][ T8552]  dump_stack_lvl+0x16c/0x1f0
[  149.401639][ T8552]  should_fail_ex+0x497/0x5b0
[  149.403010][ T8552]  _copy_from_user+0x2e/0xd0
[  149.404374][ T8552]  get_compat_msghdr+0xa8/0x170
[  149.405814][ T8552]  ? __pfx_get_compat_msghdr+0x10/0x10
[  149.407398][ T8552]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.409104][ T8552]  ___sys_sendmsg+0x1b0/0x1e0
[  149.410492][ T8552]  ? __pfx____sys_sendmsg+0x10/0x10
[  149.412030][ T8552]  ? __pfx_vfs_write+0x10/0x10
[  149.413428][ T8552]  __sys_sendmsg+0x16e/0x220
[  149.415067][ T8552]  ? __pfx___sys_sendmsg+0x10/0x10
[  149.417036][ T8552]  ? __pfx___schedule+0x10/0x10
[  149.419008][ T8552]  __do_fast_syscall_32+0x73/0x120
[  149.421059][ T8552]  do_fast_syscall_32+0x32/0x80
[  149.422998][ T8552]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.425484][ T8552] RIP: 0023:0xf7fd6579
[  149.427092][ T8552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.434563][ T8552] RSP: 002b:00000000f50e455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  149.437819][ T8552] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000200001c0
[  149.440942][ T8552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  149.444044][ T8552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.447109][ T8552] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  149.450218][ T8552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.453327][ T8552]  </TASK>
[  149.672272][ T8566] netlink: 132 bytes leftover after parsing attributes in process `syz.2.691'.
[  149.967339][ T8579] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  149.971466][ T8579] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  149.974911][ T8579] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  149.978345][ T8579] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  150.107530][   T39] kauditd_printk_skb: 81 callbacks suppressed
[  150.107541][   T39] audit: type=1326 audit(1736915677.842:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.694" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  150.117495][   T39] audit: type=1326 audit(1736915677.852:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.694" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  150.144194][   T39] audit: type=1326 audit(1736915677.882:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.694" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf708e579 code=0x7ffc0000
[  150.155226][   T39] audit: type=1326 audit(1736915677.892:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8570 comm="syz.1.694" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  150.162417][   T39] audit: type=1326 audit(1736915677.892:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8584 comm="syz.0.699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  150.169857][   T39] audit: type=1326 audit(1736915677.892:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8584 comm="syz.0.699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  150.179781][   T39] audit: type=1326 audit(1736915677.892:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8584 comm="syz.0.699" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000
[  150.190778][   T39] audit: type=1326 audit(1736915677.892:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8584 comm="syz.0.699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  150.201929][   T39] audit: type=1326 audit(1736915677.892:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8584 comm="syz.0.699" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  150.208579][   T39] audit: type=1326 audit(1736915677.892:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8584 comm="syz.0.699" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf709e579 code=0x7ffc0000
[  150.480827][ T5952] Bluetooth: hci1: command tx timeout
[  151.213264][ T8607] erofs (device loop0): cannot find valid erofs superblock
[  151.410870][ T1013] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  151.572101][ T1013] usb 7-1: config index 0 descriptor too short (expected 25183, got 18)
[  151.575847][ T1013] usb 7-1: config 116 has too many interfaces: 121, using maximum allowed: 32
[  151.578984][ T1013] usb 7-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config
[  151.582212][ T1013] usb 7-1: config 116 has 0 interfaces, different from the descriptor's value: 121
[  151.586544][ T1013] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db59, bcdDevice=e9.9b
[  151.589162][ T1013] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.591827][ T1013] usb 7-1: Product: syz
[  151.593138][ T1013] usb 7-1: Manufacturer: syz
[  151.594490][ T1013] usb 7-1: SerialNumber: syz
[  151.683317][ T8625] block device autoloading is deprecated and will be removed.
[  151.689124][ T8624] md: md2 stopped.
[  152.503641][ T8650] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  152.603033][ T1013] usb 7-1: USB disconnect, device number 5
[  153.013780][ T8661] kAFS: No cell specified
[  153.669505][ T8679] FAULT_INJECTION: forcing a failure.
[  153.669505][ T8679] name failslab, interval 1, probability 0, space 0, times 0
[  153.673230][ T8679] CPU: 3 UID: 0 PID: 8679 Comm: syz.0.725 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  153.676253][ T8679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.679266][ T8679] Call Trace:
[  153.680264][ T8679]  <TASK>
[  153.681166][ T8679]  dump_stack_lvl+0x16c/0x1f0
[  153.682740][ T8679]  should_fail_ex+0x497/0x5b0
[  153.684374][ T8679]  ? fs_reclaim_acquire+0xae/0x150
[  153.686278][ T8679]  should_failslab+0xc2/0x120
[  153.687921][ T8679]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  153.689676][ T8679]  ? __alloc_skb+0x2b3/0x380
[  153.690967][ T8679]  __alloc_skb+0x2b3/0x380
[  153.692276][ T8679]  ? __pfx___alloc_skb+0x10/0x10
[  153.693689][ T8679]  ? lock_acquire+0x2f/0xb0
[  153.695002][ T8679]  netlink_alloc_large_skb+0x69/0x130
[  153.696461][ T8679]  netlink_sendmsg+0x689/0xd70
[  153.698056][ T8679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.699569][ T8679]  ____sys_sendmsg+0x9ae/0xb40
[  153.700952][ T8679]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.702468][ T8679]  ? get_compat_msghdr+0x11b/0x170
[  153.703932][ T8679]  ___sys_sendmsg+0x135/0x1e0
[  153.705277][ T8679]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.706834][ T8679]  ? __pfx_lock_release+0x10/0x10
[  153.708290][ T8679]  ? trace_lock_acquire+0x14e/0x1f0
[  153.710032][ T8679]  ? __fget_files+0x206/0x3a0
[  153.711696][ T8679]  __sys_sendmsg+0x16e/0x220
[  153.713406][ T8679]  ? __pfx___sys_sendmsg+0x10/0x10
[  153.715223][ T8679]  __do_fast_syscall_32+0x73/0x120
[  153.717136][ T8679]  do_fast_syscall_32+0x32/0x80
[  153.718593][ T8679]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.720406][ T8679] RIP: 0023:0xf709e579
[  153.721570][ T8679] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.726908][ T8679] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  153.729237][ T8679] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  153.731412][ T8679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  153.733578][ T8679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.735818][ T8679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.738029][ T8679] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.740256][ T8679]  </TASK>
[  153.741170][    C3] vkms_vblank_simulate: vblank timer overrun
[  154.429444][ T8705] kAFS: No cell specified
[  155.690084][ T8735] netlink: 12 bytes leftover after parsing attributes in process `syz.1.741'.
[  156.009368][ T8738] netfs: Couldn't get user pages (rc=-14)
[  156.670106][ T8760] netlink: 20 bytes leftover after parsing attributes in process `syz.0.748'.
[  157.120856][ T5952] Bluetooth: hci1: command tx timeout
[  157.505486][ T8776] netlink: 892 bytes leftover after parsing attributes in process `syz.2.753'.
[  157.563942][ T8779] audit_log_lost: 26 callbacks suppressed
[  157.564055][ T8779] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  157.569043][ T8779] audit: out of memory in audit_log_start
[  157.960066][ T8786] program syz.1.756 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  158.018538][ T8787] ubi: mtd0 is already attached to ubi0
[  158.372016][ T8798] kAFS: No cell specified
[  158.840076][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.842532][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.844938][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.847519][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.850109][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.853421][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.856064][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.858525][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.861494][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.863873][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.866120][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.867980][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.870114][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.872560][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.875113][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.877623][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.880207][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.883053][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.885600][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.888324][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.888357][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.893512][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.895907][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.897986][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.899918][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.902037][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.904596][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.907241][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.909630][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.911843][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.913790][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.915898][   T70] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  158.922345][   T70] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID vffffff.ff Device [syz1] on syz0
[  159.090787][ T6006] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  159.144467][ T8816] »»»»»» speed is unknown, defaulting to 1000
[  159.202623][ T8821] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  159.252337][ T6006] usb 6-1: config 0 has no interfaces?
[  159.254564][ T6006] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  159.258157][ T6006] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.283496][ T6006] usb 6-1: config 0 descriptor??
[  159.372508][ T8833] program syz.3.768 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  159.439551][ T8834] ubi: mtd0 is already attached to ubi0
[  159.708253][ T8839] kAFS: No cell specified
[  160.220429][ T8847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.773'.
[  160.339225][ T8854] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  160.392873][ T8858] netlink: 28 bytes leftover after parsing attributes in process `syz.0.778'.
[  160.498562][ T8865] program syz.0.779 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  160.553444][ T8869] ubi: mtd0 is already attached to ubi0
[  160.619976][ T8872] overlayfs: workdir and upperdir must be separate subtrees
[  161.421297][   T39] audit: type=1326 audit(1736915689.132:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.430433][   T39] audit: type=1326 audit(1736915689.132:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.440587][   T39] audit: type=1326 audit(1736915689.142:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.460855][   T39] audit: type=1326 audit(1736915689.142:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.466739][   T39] audit: type=1326 audit(1736915689.142:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.473696][   T39] audit: type=1326 audit(1736915689.142:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.480816][   T39] audit: type=1326 audit(1736915689.152:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.491125][   T39] audit: type=1326 audit(1736915689.152:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz.0.785" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  161.601901][ T8890] kAFS: No cell specified
[  161.684627][ T8895] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  161.767376][ T8897] netlink: 28 bytes leftover after parsing attributes in process `syz.2.788'.
[  161.847248][   T70] usb 6-1: USB disconnect, device number 13
[  161.983954][ T8904] »»»»»» speed is unknown, defaulting to 1000
[  162.806447][ T8925] netlink: 28 bytes leftover after parsing attributes in process `syz.2.797'.
[  163.056784][ T8931] netlink: 20 bytes leftover after parsing attributes in process `syz.2.799'.
[  163.450482][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  163.450493][   T39] audit: type=1326 audit(1736915691.182:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.461046][   T39] audit: type=1326 audit(1736915691.192:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.468052][   T39] audit: type=1326 audit(1736915691.192:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.475307][   T39] audit: type=1326 audit(1736915691.192:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.481608][   T39] audit: type=1326 audit(1736915691.192:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.487705][   T39] audit: type=1326 audit(1736915691.192:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.495350][ T8936] block nbd1: shutting down sockets
[  163.495463][   T39] audit: type=1326 audit(1736915691.192:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.503576][   T39] audit: type=1326 audit(1736915691.192:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.509630][   T39] audit: type=1326 audit(1736915691.192:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.516433][   T39] audit: type=1326 audit(1736915691.192:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.0.802" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  163.550781][ T8937] nbd1: detected capacity change from 0 to 12
[  163.555637][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.559371][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.562609][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.566038][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.569069][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.572572][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.575577][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.579013][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.582108][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.585506][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.588597][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.591322][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.593649][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.596388][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.598662][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.601400][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.603645][ T5959] ldm_validate_partition_table(): Disk read failed.
[  163.606137][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.609384][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.611735][ T5959] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  163.614039][ T5959] Buffer I/O error on dev nbd1, logical block 0, async page read
[  163.616628][ T5959] Dev nbd1: unable to read RDB block 0
[  163.619042][ T5959]  nbd1: unable to read partition table
[  163.621527][ T5959] nbd1: partition table beyond EOD, truncated
[  163.629321][ T5959] ldm_validate_partition_table(): Disk read failed.
[  163.631596][ T5959] Dev nbd1: unable to read RDB block 0
[  163.633680][ T5959]  nbd1: unable to read partition table
[  163.636028][ T5959] nbd1: partition table beyond EOD, truncated
[  164.325405][ T5952] Bluetooth: hci3: command tx timeout
[  164.759886][ T8972] random: crng reseeded on system resumption
[  165.430872][ T8979] program syz.1.812 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  165.461583][ T8979] ubi: mtd0 is already attached to ubi0
[  165.613839][ T8985] netlink: 4 bytes leftover after parsing attributes in process `syz.2.814'.
[  166.072498][ T9008] afs: Unknown parameter 'dy'
[  166.098053][ T9002] netlink: 20 bytes leftover after parsing attributes in process `syz.2.820'.
[  166.373704][ T9013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.830'.
[  166.410189][ T9015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.823'.
[  166.869084][ T9016] kAFS: No cell specified
[  167.010542][ T9029] program syz.1.827 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  167.014071][ T9029] ubi: mtd0 is already attached to ubi0
[  167.569913][ T9051] netlink: 20 bytes leftover after parsing attributes in process `syz.1.836'.
[  167.634301][ T9051] 
[  167.635358][ T9051] ======================================================
[  167.638146][ T9051] WARNING: possible circular locking dependency detected
[  167.640987][ T9051] 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0 Not tainted
[  167.645335][ T9051] ------------------------------------------------------
[  167.648544][ T9051] syz.1.836/9051 is trying to acquire lock:
[  167.650938][ T9051] ffff8880250e8fa0 (&q->sysfs_lock){+.+.}-{4:4}, at: blk_register_queue+0x132/0x4f0
[  167.654736][ T9051] 
[  167.654736][ T9051] but task is already holding lock:
[  167.657642][ T9051] ffff8880250e9030 (&q->sysfs_dir_lock){+.+.}-{4:4}, at: blk_register_queue+0x5c/0x4f0
[  167.661311][ T9051] 
[  167.661311][ T9051] which lock already depends on the new lock.
[  167.661311][ T9051] 
[  167.664370][ T9051] 
[  167.664370][ T9051] the existing dependency chain (in reverse order) is:
[  167.666992][ T9051] 
[  167.666992][ T9051] -> #5 (&q->sysfs_dir_lock){+.+.}-{4:4}:
[  167.669332][ T9051]        __mutex_lock+0x19b/0xa60
[  167.670859][ T9051]        blk_mq_sysfs_unregister_hctxs+0x92/0x2d0
[  167.673460][ T9051]        __blk_mq_update_nr_hw_queues+0x93f/0x1460
[  167.676088][ T9051]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  167.678540][ T9051]        nbd_start_device+0x15b/0xd70
[  167.680703][ T9051]        nbd_ioctl+0x21a/0xfd0
[  167.682633][ T9051]        compat_blkdev_ioctl+0x2f7/0x750
[  167.684917][ T9051]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  167.687261][ T9051]        __do_fast_syscall_32+0x73/0x120
[  167.689554][ T9051]        do_fast_syscall_32+0x32/0x80
[  167.691746][ T9051]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.694487][ T9051] 
[  167.694487][ T9051] -> #4 (&q->q_usage_counter(io)#50){++++}-{0:0}:
[  167.697851][ T9051]        blk_mq_submit_bio+0x1fb6/0x24c0
[  167.700020][ T9051]        __submit_bio+0x384/0x540
[  167.701942][ T9051]        submit_bio_noacct_nocheck+0x698/0xd70
[  167.704294][ T9051]        submit_bio_noacct+0x93a/0x1e20
[  167.706400][ T9051]        block_read_full_folio+0x812/0xa50
[  167.708609][ T9051]        filemap_read_folio+0xc6/0x2a0
[  167.710664][ T9051]        filemap_get_pages+0x155f/0x1be0
[  167.712799][ T9051]        filemap_read+0x3ca/0xd70
[  167.714718][ T9051]        blkdev_read_iter+0x187/0x480
[  167.716763][ T9051]        vfs_read+0x87f/0xbe0
[  167.718584][ T9051]        ksys_read+0x12b/0x250
[  167.720443][ T9051]        do_syscall_64+0xcd/0x250
[  167.722396][ T9051]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.724847][ T9051] 
[  167.724847][ T9051] -> #3 (mapping.invalidate_lock#2){.+.+}-{4:4}:
[  167.728063][ T9051]        down_read+0x9a/0x330
[  167.729879][ T9051]        filemap_fault+0x2e0/0x2820
[  167.731879][ T9051]        __do_fault+0x10a/0x490
[  167.733752][ T9051]        do_pte_missing+0x99f/0x3e00
[  167.735784][ T9051]        __handle_mm_fault+0x103c/0x2a40
[  167.737929][ T9051]        handle_mm_fault+0x3fa/0xaa0
[  167.739950][ T9051]        __get_user_pages+0x8d9/0x3b50
[  167.742075][ T9051]        faultin_page_range+0x24a/0x980
[  167.744262][ T9051]        do_madvise+0x504/0x770
[  167.746186][ T9051]        __ia32_sys_madvise+0xa7/0x110
[  167.748329][ T9051]        __do_fast_syscall_32+0x73/0x120
[  167.750509][ T9051]        do_fast_syscall_32+0x32/0x80
[  167.752624][ T9051]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.755329][ T9051] 
[  167.755329][ T9051] -> #2 (&mm->mmap_lock){++++}-{4:4}:
[  167.758294][ T9051]        __might_fault+0x11b/0x190
[  167.760330][ T9051]        _copy_from_user+0x29/0xd0
[  167.762295][ T9051]        compat_blk_trace_setup+0xc9/0x200
[  167.764522][ T9051]        blk_trace_ioctl+0x24a/0x290
[  167.766538][ T9051]        compat_blkdev_ioctl+0x13c/0x750
[  167.768711][ T9051]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  167.770945][ T9051]        __do_fast_syscall_32+0x73/0x120
[  167.773165][ T9051]        do_fast_syscall_32+0x32/0x80
[  167.773190][ T9051]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.773217][ T9051] 
[  167.773217][ T9051] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}:
[  167.777994][ T9051]        __mutex_lock+0x19b/0xa60
[  167.782521][ T9051]        blk_register_queue+0x13c/0x4f0
[  167.782539][ T9051]        add_disk_fwnode+0x785/0x1300
[  167.782548][ T9051]        brd_alloc.isra.0+0x50a/0x7c0
[  167.782562][ T9051]        brd_init+0x12b/0x1d0
[  167.789195][ T9051]        do_one_initcall+0x128/0x630
[  167.789212][ T9051]        kernel_init_freeable+0x58f/0x8b0
[  167.789226][ T9051]        kernel_init+0x1c/0x2b0
[  167.794384][ T9051]        ret_from_fork+0x45/0x80
[  167.794395][ T9051]        ret_from_fork_asm+0x1a/0x30
[  167.794409][ T9051] 
[  167.794409][ T9051] -> #0 (&q->sysfs_lock){+.+.}-{4:4}:
[  167.800071][ T9051]        __lock_acquire+0x249e/0x3c40
[  167.800083][ T9051]        lock_acquire.part.0+0x11b/0x380
[  167.800091][ T9051]        __mutex_lock+0x19b/0xa60
[  167.800103][ T9051]        blk_register_queue+0x132/0x4f0
[  167.806777][ T9051]        add_disk_fwnode+0x785/0x1300
[  167.806788][ T9051]        nbd_dev_add+0x78b/0xbc0
[  167.806799][ T9051]        nbd_genl_connect+0x8b1/0x1c00
[  167.806811][ T9051]        genl_family_rcv_msg_doit+0x202/0x2f0
[  167.806824][ T9051]        genl_rcv_msg+0x565/0x800
[  167.815101][ T9051]        netlink_rcv_skb+0x165/0x410
[  167.815114][ T9051]        genl_rcv+0x28/0x40
[  167.815124][ T9051]        netlink_unicast+0x53c/0x7f0
[  167.815134][ T9051]        netlink_sendmsg+0x8b8/0xd70
[  167.815144][ T9051]        ____sys_sendmsg+0x9ae/0xb40
[  167.823056][ T9051]        ___sys_sendmsg+0x135/0x1e0
[  167.823070][ T9051]        __sys_sendmsg+0x16e/0x220
[  167.823083][ T9051]        __do_fast_syscall_32+0x73/0x120
[  167.823095][ T9051]        do_fast_syscall_32+0x32/0x80
[  167.823107][ T9051]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.823122][ T9051] 
[  167.823122][ T9051] other info that might help us debug this:
[  167.823122][ T9051] 
[  167.823125][ T9051] Chain exists of:
[  167.823125][ T9051]   &q->sysfs_lock --> &q->q_usage_counter(io)#50 --> &q->sysfs_dir_lock
[  167.823125][ T9051] 
[  167.823144][ T9051]  Possible unsafe locking scenario:
[  167.823144][ T9051] 
[  167.823147][ T9051]        CPU0                    CPU1
[  167.823149][ T9051]        ----                    ----
[  167.823151][ T9051]   lock(&q->sysfs_dir_lock);
[  167.823158][ T9051]                                lock(&q->q_usage_counter(io)#50);
[  167.823167][ T9051]                                lock(&q->sysfs_dir_lock);
[  167.823173][ T9051]   lock(&q->sysfs_lock);
[  167.823179][ T9051] 
[  167.823179][ T9051]  *** DEADLOCK ***
[  167.823179][ T9051] 
[  167.823181][ T9051] 3 locks held by syz.1.836/9051:
[  167.823187][ T9051]  #0: ffffffff8fb5f590 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  167.823211][ T9051]  #1: ffffffff8fb5f648 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x580/0x800
[  167.823250][ T9051]  #2: ffff8880250e9030 (&q->sysfs_dir_lock){+.+.}-{4:4}, at: blk_register_queue+0x5c/0x4f0
[  167.823275][ T9051] 
[  167.823275][ T9051] stack backtrace:
[  167.823279][ T9051] CPU: 2 UID: 0 PID: 9051 Comm: syz.1.836 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  167.823291][ T9051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.823297][ T9051] Call Trace:
[  167.823301][ T9051]  <TASK>
[  167.823305][ T9051]  dump_stack_lvl+0x116/0x1f0
[  167.823319][ T9051]  print_circular_bug+0x41c/0x610
[  167.823334][ T9051]  check_noncircular+0x31a/0x400
[  167.823350][ T9051]  ? __pfx_check_noncircular+0x10/0x10
[  167.823365][ T9051]  ? hlock_class+0x4e/0x130
[  167.823377][ T9051]  ? lockdep_lock+0xc6/0x200
[  167.823389][ T9051]  ? __pfx_lockdep_lock+0x10/0x10
[  167.823403][ T9051]  __lock_acquire+0x249e/0x3c40
[  167.823414][ T9051]  ? __pfx___lock_acquire+0x10/0x10
[  167.823424][ T9051]  ? xa_find_after+0x291/0x480
[  167.823439][ T9051]  lock_acquire.part.0+0x11b/0x380
[  167.823449][ T9051]  ? blk_register_queue+0x132/0x4f0
[  167.823461][ T9051]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  167.823471][ T9051]  ? rcu_is_watching+0x12/0xc0
[  167.823482][ T9051]  ? trace_lock_acquire+0x14e/0x1f0
[  167.823495][ T9051]  ? blk_register_queue+0x132/0x4f0
[  167.823507][ T9051]  ? lock_acquire+0x2f/0xb0
[  167.823515][ T9051]  ? blk_register_queue+0x132/0x4f0
[  167.823527][ T9051]  __mutex_lock+0x19b/0xa60
[  167.823539][ T9051]  ? blk_register_queue+0x132/0x4f0
[  167.823552][ T9051]  ? blk_register_queue+0x132/0x4f0
[  167.823564][ T9051]  ? __pfx___mutex_lock+0x10/0x10
[  167.823576][ T9051]  ? kobject_add+0x17c/0x240
[  167.823592][ T9051]  ? blk_register_queue+0x132/0x4f0
[  167.823603][ T9051]  blk_register_queue+0x132/0x4f0
[  167.823616][ T9051]  add_disk_fwnode+0x785/0x1300
[  167.823626][ T9051]  nbd_dev_add+0x78b/0xbc0
[  167.823638][ T9051]  ? __pfx_nbd_dev_add+0x10/0x10
[  167.823649][ T9051]  ? __mutex_lock+0x30d/0xa60
[  167.823664][ T9051]  ? bpf_lsm_capable+0x9/0x10
[  167.823676][ T9051]  ? __radix_tree_lookup+0x21f/0x2c0
[  167.823688][ T9051]  nbd_genl_connect+0x8b1/0x1c00
[  167.823702][ T9051]  ? __pfx_nbd_genl_connect+0x10/0x10
[  167.823714][ T9051]  ? __nla_parse+0x40/0x60
[  167.823730][ T9051]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  167.823743][ T9051]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  167.823758][ T9051]  genl_family_rcv_msg_doit+0x202/0x2f0
[  167.823771][ T9051]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  167.823784][ T9051]  ? genl_get_cmd+0x195/0x580
[  167.823797][ T9051]  ? __radix_tree_lookup+0x21f/0x2c0
[  167.823809][ T9051]  genl_rcv_msg+0x565/0x800
[  167.823822][ T9051]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.823834][ T9051]  ? __pfx_nbd_genl_connect+0x10/0x10
[  167.823847][ T9051]  ? __pfx___lock_acquire+0x10/0x10
[  167.823857][ T9051]  netlink_rcv_skb+0x165/0x410
[  167.823868][ T9051]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.823881][ T9051]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  167.823894][ T9051]  ? down_read+0xc9/0x330
[  167.823907][ T9051]  ? __pfx_down_read+0x10/0x10
[  167.823920][ T9051]  ? netlink_deliver_tap+0x1ae/0xca0
[  167.823931][ T9051]  genl_rcv+0x28/0x40
[  167.823942][ T9051]  netlink_unicast+0x53c/0x7f0
[  167.823957][ T9051]  ? __pfx_netlink_unicast+0x10/0x10
[  167.823969][ T9051]  ? __phys_addr_symbol+0x30/0x80
[  167.823982][ T9051]  ? __check_object_size+0x488/0x710
[  167.823997][ T9051]  netlink_sendmsg+0x8b8/0xd70
[  167.824008][ T9051]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.824021][ T9051]  ____sys_sendmsg+0x9ae/0xb40
[  167.824032][ T9051]  ? __pfx_____sys_sendmsg+0x10/0x10
[  167.824043][ T9051]  ? get_compat_msghdr+0x11b/0x170
[  167.824055][ T9051]  ___sys_sendmsg+0x135/0x1e0
[  167.824070][ T9051]  ? __pfx____sys_sendmsg+0x10/0x10
[  167.824086][ T9051]  ? __pfx_lock_release+0x10/0x10
[  167.824095][ T9051]  ? trace_lock_acquire+0x14e/0x1f0
[  167.824109][ T9051]  ? __fget_files+0x206/0x3a0
[  167.824123][ T9051]  __sys_sendmsg+0x16e/0x220
[  167.824137][ T9051]  ? __pfx___sys_sendmsg+0x10/0x10
[  167.824153][ T9051]  ? __secure_computing+0x273/0x3f0
[  167.824168][ T9051]  __do_fast_syscall_32+0x73/0x120
[  167.824181][ T9051]  do_fast_syscall_32+0x32/0x80
[  167.824194][ T9051]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.824209][ T9051] RIP: 0023:0xf708e579
[  167.824217][ T9051] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  167.824227][ T9051] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  167.824237][ T9051] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000240
[  167.824244][ T9051] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  167.824249][ T9051] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.824256][ T9051] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  167.824262][ T9051] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.824270][ T9051]  </TASK>
[  167.876548][ T9059] afs: Unknown parameter 'dy'
[  169.690756][ T5944] Bluetooth: hci3: command tx timeout
[  170.240878][ T5944] Bluetooth: hci1: command 0x0406 tx timeout

VM DIAGNOSIS:
04:34:55  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000003 RBX=0000000000000001 RCX=1ffffffff3476914 RDX=dffffc0000000000
RSI=ffffffff8162c8a2 RDI=0000000000000001 RBP=ffff888049975158 RSP=ffffc90022da7a40
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff88801aca1800 R13=ffff88802b43e048 R14=dffffc0000000000 R15=ffff88801ac88c00
RIP=ffffffff816814fd RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002081a000 CR3=000000006da62000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000763d8c RBX=0000000000000001 RCX=ffffffff8b1a8889 RDX=ffffed10056a6fee
RSI=ffffffff8bb17240 RDI=ffffffff81703079 RBP=ffffed10039dc910 RSP=ffffc9000047fe08
R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901cf6d0 R15=0000000000000000
RIP=ffffffff8b1a9c6f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020534000 CR3=000000006eeb6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85145da5 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc90003456810
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000069 R14=ffffffff85145d40 R15=0000000000000000
RIP=ffffffff85145dcf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002010a000 CR3=000000006eeb6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff888040e8b000 RCX=ffff88802b73ed00 RDX=1ffff110081d1605
RSI=0000000000000000 RDI=ffff888040e8b028 RBP=ffff88802b73ed40 RSP=ffffc90003047878
R8 =1ffff11004c67990 R9 =0000000000000001 R10=0000000000000001 R11=00000000000a201e
R12=0000000000225510 R13=0000000000000000 R14=ffff88802b73edc0 R15=dffffc0000000000
RIP=ffffffff816db027 RFL=00000806 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020192000 CR3=000000006a9f4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000