last executing test programs:

36.286613071s ago: executing program 1 (id=805):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x90, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xa6}, 0x0, 0x1000000}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe4}, {0x0, 0x0, 0x0, 0x0, 0x9}}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xf0}}, 0x0)

36.286154823s ago: executing program 1 (id=806):
r0 = openat$snapshot(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$SNDCTL_SEQ_CTRLRATE(0xffffffffffffffff, 0xc0045103, &(0x7f0000000080)=0x7bb)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r2, &(0x7f00000000c0)={0x1f, @none}, 0x8)
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x80000000})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
sendmsg$NL80211_CMD_SET_BEACON(r1, &(0x7f0000001900)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000018c0)={&(0x7f00000001c0)={0x1708, r4, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xfff, 0x19}}}}, [@NL80211_ATTR_FTM_RESPONDER={0x80, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x68, 0x3, "5f5bd76bcd5b0a37a7ac21e8b9cf56a000ac4d6c08c62c331bc828e38608d45d1a55c2fce235cc3507d963d05c16e9af459a4aefbf03f0335186a750d76f2c1c18a1bbbba830a5820f218524bb2ef8ab07735268623178068bb5c0834f8dba3815368905"}, @NL80211_FTM_RESP_ATTR_LCI={0x13, 0x2, "e0b3fbc720ba116619183ea3f45fc3"}]}, @NL80211_ATTR_FTM_RESPONDER={0x110, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x56, 0x3, "7adc5805f1133bd4178cf81d89d5fc0dde5c3a112f0d3263d0e0609e1e0701c5ac13ab7fec0feeb4708737da202edd1701da384a43900cc4a9d53c4b10ad4b6cc6fbaa4ee706ce414360783f68560c0d5a3e"}, @NL80211_FTM_RESP_ATTR_LCI={0xa9, 0x2, "0fc74737a301f1ae60df136dc0940298ed1ab17c27bac169618f69df5dbddf9e2670499d02f6288efe28d680c649481579f3cf95ba6bae60572cdd27d117ca18ebd97fa1219cd3a33c983b82f3dcf2d652be54c0aeb9f6b7961e6dd921b446b905ff5778bf8428eb45c3eb879a2371030f3c4947af3026b33b95bcfdabfbbcffa73a5353fb2456c04253c9a25c1e28e0b6816a62ba26cc4509481b09c3a0faa3bf2fa800ce"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x11c, 0x80, [@link_id={0x65, 0x12}, @ht={0x2d, 0x1a, {0x2, 0x2, 0x4, 0x0, {0x0, 0x2, 0x0, 0x6, 0x0, 0x1, 0x1, 0x2, 0x1}, 0x400, 0x0, 0x1}}, @measure_req={0x26, 0xde, {0xe, 0x2, 0x7, "dd893232e2841262eddb3561ffd49c5c5456f43929c35ab479ef2f9c6e0d70fdd6a416b9e9df81b9645c7aa7af2d6bdabf9c39b4affd12c2b0386033de1e2882c1e09712fa0185f0d697239ee1e3e64dd69d76b623acb3327211dde8b663de731ff02788e3590ea815431b0e4550e7f5faddd06b4780ee5c520f6d0beb5dfd574829086e66876ec44d39474a2827bdb1e124c2eb4ea06994899da22032ca4f5eeae963c320db5254977fcc46b859a41fe5a4b3644adc29cfbe6058fa7a36781ae4d70af659e01cef17948a14530dbd5964d5c211e0d46a64f13b93"}}, @mesh_id={0x72, 0x6}]}, @NL80211_ATTR_FTM_RESPONDER={0x24, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x19, 0x3, "b8652dc0404f352f14af7f54d7b0383861ba4c5d48"}]}, @NL80211_ATTR_IE={0x15b, 0x2a, [@preq={0x82, 0x46, {{0x1}, 0x80, 0x9, 0xb, @broadcast, 0x4, @void, 0x2, 0xfffff801, 0x4, [{{}, @broadcast, 0x2}, {{0x0, 0x0, 0x1}, @device_a, 0x4}, {{0x0, 0x0, 0x1}, @device_b}, {{0x1}, @device_a, 0x400}]}}, @channel_switch={0x25, 0x3, {0x0, 0xaf, 0x5}}, @erp={0x2a, 0x1, {0x0, 0x1, 0x1}}, @ht={0x2d, 0x1a, {0x0, 0x1, 0x4, 0x0, {0x9, 0x2, 0x0, 0x2, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x300, 0x2, 0xe0}}, @random_vendor={0xdd, 0xe9, "84aed835b00c81293d6f93488387d08aaf169894e24e38f4e6a94fdd4deb1c20593ba8e0f329f4222997dbfb59e6142cf96831f3a90b1d12a10711251114aa2fec44e1583bd913004a11c1ba8091856f35e5c8db9681cb48e5683380fceaa1045ec8cb071f646a6da675b1cfb0d6541fc9157b3a72dceb5a038a645c01f152d398760ba8fecd3fdafde1eb8dffe164cb700f533811f76228ff4a50a89fb492b1bc1b1ffae659cc4428809d12c49dd51edc1a6a5b4036a80746fe899578fada8b28b466b36ada4dfee907c45f2fcc7229097273d9c79e863f78cc134a8876be5beb8808b54877f3f45f"}]}, @NL80211_ATTR_FTM_RESPONDER={0x140, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x9, 0x3, "e272f47c7a"}, @NL80211_FTM_RESP_ATTR_LCI={0xbc, 0x2, "1852adf6a4107b73610d0afd06a6cdde2e83d34b1bb67927949af5e5ec5d4be59d1a069cd1686f3db4c7f3eb59318678ad0b4c741bd37120fbd800ff188378f8ea707a9e404d75ef4d0ee0df2481db7b8902503dfd5e54f337a5e6da92c4a5199634b55e7c4b9d2d0956c21b7e157ce2ff50c2513c962986547cad27b7677887a85538e7a898e4b7f7b18956eed48af06f298b42b47962f0330f921c07112adcc5cb5c2e3358c1f1b4d477dc7b0544dd75c4deead6b3b153"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x6e, 0x3, "8cb168bd680750e7909c8c0c173152c23456de9c509e05261c522bd4cb9f146fd1869597d9e3e6b09fb26380bf8b2a4e7a95a2e552ebc4945f29693614089b3b38a0e7bcedae62aa0a0109fa80dc7f78702d7f23e941ed14b3a3263f7aa48f5b160af8bdab8ade9f283e"}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x102a, 0x80, [@channel_switch={0x25, 0x3, {0x1, 0x5a}}, @ht={0x2d, 0x1a, {0x1000, 0x1, 0x7, 0x0, {0x100000000, 0x1, 0x0, 0xe8, 0x0, 0x1}, 0x300, 0x9, 0x4}}, @measure_req={0x26, 0x1003, {0x10, 0x3, 0x2, "d29dc94710dc2ec8ccab6e4b3a9113fc345772801d5d45af8540c716c83cb2a2bad1b79e70033ea8eb49c886b37162e6c62344a9c30ada4bed9e7d5eeacac8cedd54acdb2b9ce711aa510c38970f23c309978cf902e33000475117137148456d757cfbb19713453172ed060b32e5b5a693e01d65f4f460349f7a04d50c0433df24975971e82bf5d912d2f2b1a3ad01cfefd29644ea02aab372c6221f39e3d25c55026347cb1bfb649e82f227210b25fb07761db438608a431bf0cf188f6e736f6a5dafdf842fddd9774a59857f198b65fd289ff59ebb81960baa43a80390cde45293486f2da4d94b469fd61a908ceffe0572f6b048b75a378b4d42e85bc17fc5c9d99ca3f4e8ac3a7a839e545755d6db890943b022a3a0d3e262e023a9b7dcb1293dad349c9c72c29285918a6805d3dc290e4d65c6286bb730939f006e5c0a469dbdd5ceffb1df643b5cc709a09f432bbf11643ef832ae11ee701d6866cb67e4b4be6c04d67de875debd15f6fd48fbf7c0a97f587a8e2fde23a482af579d72670e514824b5dc85fdc1ab913527ce3989bec1e8f7760e484704e79e92c5137e876486ab7a2b9ba25c16f386ae49885d68fe3a554f0b607b25ced497fbc25d44c5e3c363cb16e36a8b4c1671ac9808dfa1ee8d47f1cd98e38100b6c5fe14da30965dbbd329d33ee4bf426c883bf2583088d1a66b044314a805de0fd0dc5c199fe9a15b885bc1a51a32b4f6e60d4b4eb87c679e60c5db0081c7102cb69c29432b6ae089c212d46dc9adfc84c99f881fccbc32a57ff8dd616a648c60a103a5f5ea4bfad957ec3c85bbcd889d502033be3696d460d299f95eb1d80040772081273516c98958751a27fb7abd5cbb58fa7ac79b3c273f89611b2d6db6a6d4de33b0ebb5c87847f05bb9361b28eb2b3620b984398a53fa0b2f8f27729b3f0a7b00f09d16de6a9d13945e1ff399111f35a2e9d7871ff180ad5d5c9be9ad2e06f7f68ff5d3e4faeced635191ed13d5dfc9e17803d7a6002958bf76180a0550eb7db0cce8033947fe2f1dc271f554f36769ab16aa1f68f4ffbe2c7ef15786658bc21ec5b4858b35ed37203e794787d136f2e88115a65fbf0fc0bb4be93623840f767bbfbd22da167de4f4b9daf8126ab235b5b4a928927f7f60ce5603d557402ccd3056041f507a14ac9cb6acb104627a319094f3f0bdf0899fa496bc471bcb86abe2b283ff6f7004c681a5982c5b9e94ce765803bf200c397b18bbfadddd9d80650fd72cf1d9ea5bdb25d3ddbff347303ce3078d14c415dd0d19c67066aec7ec99932aff21f76022fabd0ef463cf6249ab1b441b5c2843a8954642700d64b67a860009ce8b468bf6562b46d17aa7c3240440f186b67c6452677b9230b5929684376753e01128ee25df344573d9b59686124cea55a6c5213e753e650a76ddf2852d7d299d0fa6136e2a59ceda084b0d13d54a7c2db3bfe084f9979b64481c1ecdf94f2c47f86ac38a25a426d7354c9430a77f5b61abb021084b7dd73adaaed868c710e64a06e466a9529fb3164541df7c1f2560ded5c6bb7e57c145bb8bc0d53fd64b2f7d954b454c4b45bec9703e01d8d2fa9b2fea9dd035e0c7036da958123bbd12a1c3e349e21f0ee8e268f761a73d0984dc935e9658e2393c90386a1f944bd531ce5287ee1c021a93d494f904fee81f57c9c1d482c9f91b586ee7f5a34683cbd3505ae4e581b8c3bc41bc2d6a1f0f7400c8a50ab28515577258b487207ba157b52ba74e2ec454ae21b1ae58a0bdcca5f0eb8d6b6523fa546e5cb70f19bf128603ea0034116235d2d45d59a387fc28271754b1bd0127c0cc87f5b88837520409643f4f12aeaccee74b2989771dfce8ae725203edf9931c4a9bbc30dc863812e073675f9af2af51250eefcd8ece164113ddba06b3fae325d5d0910b9caacda19ae4dae5690ab4f39e963a8d435cf7c7275860d5dd545b0608962ef5ecf54d785392b8be09011bb52a99a1fb80130b47f172bbca5663c843ee64ebb7bf388e746d5f88fce3d8ab057ff0e8423dcc9ac5db6a24be0f7877bba6b14f1cafc48baacbd2dbc9304487907bc1f19a43943815f923d6107af11ffcd07eb71f9acbeb851e4c2cb97ff40e603b2b4f18a7cf50b7845e42406b640cd26e7492185c208c565fcff00c84cb871db76363c08771626b2dca1e462877b9f77b15446bbd5902832931e6e0f748f77dec12586f5f4b5b5745faeaf5cb770114497a7bde1b0da2334f0252642cdc1e72508f0f96e6720d4b5fcbc90e24bb31258f8b1866aa815344be3d7bcaacc6690e7ea4ab9a56a9bda2eb16128ea54a8ead8a3afa82a96229f017539f583fa0de80ab2e6e64418125f5f7aff3646f2b09673202d47ca9587bd257d7bdc2aebd0c1be2a17a31f89fb4ae9acd3d5ec39f5703c6c5ab7402130b71110ae8b90a55c4c200657ac05ab19c5da46601c566017a67587e2f9af355cff6279ae7ba595d102de5b3e6af814108f40afbdf8a50d8d7489ccb64b9373b1a26e852b0ca2e8766266543098b1d5b09acae2990c48f4ec4a375264a5863cdf42d3e7e25022caa307db4bdd271d5dd687683f1d7f0937c5e4fef44c6e090dbecb30c71a238248fccaf35fb28d47fd9da47233a8fbdc94fd673e1ad471eafa685934e4acbfe1f86f004f9ece4bbeda7a97b5b13ef38cbd3873595735d33d1a8aec7062b66253d511876f9b4c372a0a64ad86269578d52d2bc291c675f4aea7a9306695e0e8d561e7c2f7522cf634abf998fb012dd70bd92e2e2eb73ac17dbc5404e9275b2a6687792f59a0153efd0f9da32c971dfc60e655ccc592f5a66b5a829f0ef5d240bc782b6a401fa79afadfe9dc068e3653d1e21a0ff92d06aa6e70fb5755392f8c263fbdd5738850da286d201f6910d11c042a6430dd8b55fb850a806d47f8af2c10817df3f6466c08eec9ce2ee51158e9ff44ca601fb6cdc6c3dc16287c2b0ab56e5a2dd997a3f5c6db0e19271124fb10d9c30613a24c71485f50b30391713471488516c8ed6456dce901111b25e6c91f475d87e6c193d58a115f02ad3ad41f3e681c2517348eee3bd7f2dfff4c2f020319c3e6661f07492df8042d99adab5ce836970450db92cfd45bdf8c6f3d1336c324988440cba8e887ae49e0358cd2bdc8a3727a06087970d03c199682c65a50358f0f7251d309584fd52faeaf18669ca1f66ede507fbc7939ce7db9e209fe3c19336d0e9e9a6d676220728d0f49725a613fa2b3c83a10c0263459bbd504291f0bb62baffa41de4f910b59243120079c71b16066844725275b969ec06ab3a805058c3827f37bd9400b3e3bb920a8839cfe8fd057a8bb4e21c5dad45b56c83a23bfb2ebdea7a65dff994a8cb077bc3c319e0950357c77d2d5331e0feb8de63a8d8d7634cf4e2b4219dd19c853f4f30836fbd9ea5553329ebaf2e7e7e67aec584328763df1241b80ece73986be00c65642844c168ed9b5c194911b85a89fcd46a7298d33fe327bb014aadeb428b143d9d318cb93a8d3ef99e4a76228e195f6bbc63a75dbf5d36d4e4cbdfab6f616e57cbca40aa086d1ed1f30724a39dd24d5bddf61cf22316026f5b127e177be1077fad7018b2b3005f0b7639c1e2a1b88107749564a5dd0d28f74e23de2986ea50c5f5375932f4b099a571d3ca0a90c40d83e040d58172d3c273cdb92b6193ddf6085f8c17db792781313643aeb2817bfaeeee77ee0a9e040c5c1e88036d63ba09ff7b659ef70c1522ff72818066aac19988d5835b86d9102f7cdce6a4d9e7d237695569e0ee428c594974af8a6d7f739064bf23630a45a651a00658ecefe1062a5f70db182940788d81157b7f542adcf25b1672c47523a21163709e3e1de894a0101c7efbe93fceb96c29d0dbbefdf4ea81ce91a76437a6a77b513f60664d61c7a15fa3e46aaf33a524b8a24a0cab64235e78fd677e106a5e9264d287677c37ad022a605f8c3731d02e6da0cf76dd6fb23bece0b9a0f7bfbaee93f01d5fe6f985ace3fecd8b463d95c00551e47791b250f6c94d28505711e02e2a6e26c5f4824a764effa7c3677acf8a0769a10600b47cd9c9f3c2e8c562cd57a8594bd682751320940172194621a5195e81cd9f2bb3fd9af036c759f6b03206f9833712aabcc11350f19a62ef1d8282f2964f91e0920db8b9ae2c636e7a49ed492893450089fcc934a7206884d15a33bc630531a44e89cc9a6c0ad513badd6c7ba9244a5ca5a0b675f707c7cceb203eb7a27f3cd6c7f749e8f3e248de2282db09fb6c60fe4c256df18c304dba6ad0932b7fbedecdfc274bd4e607c37cf0ebb3f32b3ab5edb7c98786bdbfcf6cabc777dc768ae1f0790c1775c2339f705eedd1791a8c1102f1ad4f6d7899f32d35b858380913ac79466542108b5c8ce87c127a8be4fd54d9ff0a1bc00af731bd75e2d4364e11c39741de286d6af1cada69e92a9c85801de707342a4ae1a676e8246d4390693cec8f037c88b5f8a74f276f19f33d3cab548a7c79f3d24968bb099056a3dac48dc7d7b740a25325720c36b1914f3c1df8e36ed69a6c44d089a68aefac8031f7da14c1fa78ea4123b1be6d912d79bbc0d168ecae4d0532396316eb36ba50eefb10cf0bf52e7539d07de1d8fc67fd245b7c660e0d304cb3c9e224d4376bf78a9368ecd48eb1e490559676f40c0ad6eb176e9fe5f75b9727ec10483c0a72002f72806592df13e0f94b32e2727d0f38151a937376918a289670ac736d2aca16a154d88906ec737be114ddd09ad5b109989870610e40e7c5e5f4f60bbf8da1ca1cd5f1a8b8fc5d82192788079c1b0847a6bdb58efa45440888cdf729fcaa9856cb6bfc5d8c9a43200b04819d35a2120034aec923e615b060868384ed8cbc301e4422b43c06da724240fb9ac0cdeabf80120089814a222e8ea2fae9d987053b98b9dd24f897ebb0636007b94e08584654da7cce5d89d51a0decb33cf8df12aa8cfb895ffd1cea483e3bf9925ac71d3db4d3250eba8bcd087e67d3336dff5a7e599374ec5cf91bc6e9fae02d509f1e25b51f1dd96976d058e68cb0be1b474f3fc73af04913ee6ec4f60331c223031976edaa54bcdc0b329588d70113ffcd92bcc6da95566a3a6dda731c78b88a96f005d4110eb5d6d62c5a64081262983b6a68dc8956773d5d358cbbacecb873fcab4194f6578bde608283e440d8f7f5b36393e4bd319fa607075cb9cabc6d6788e97c1170577dff4f39eab099a4f8afd2edfb4b0a485b436a4c57c0ebe30f6c6a9f37bb0341778d3b11f6324c382d5735b0bef5cf23c421c3284a9bf993c5c342702fd71e3afb0c00cb16fa45067da273769cd7be17695e61065dd00594026368f906e8c9a6ddea7995dd1b88a3b59cea1ec1177961ede572cc705ca4d9e0691f90aaba778c585b3293880aba8486b83f4b9f56adfa319b63eebb99093d6f2bad75c8fb870b5936c13c73f62f6748ad5abd6964e8bb23c8d23aa8cf5955e2ebfb3590e12156fc65776bba8e3cfe9c8dc201e88f687afa8a658811ebba9f8956a4464153f4f8f65c35b9cdb4a8bc34f47d6eab710776bc1ebe73627c2f73bb6973c29ba9fe51a41538912ff22a7630db9153001d6649e183ecc3b5cbc57775928583f793e37aa9698451113cb5e1efcefa0b695391f4ea2f8999940f5ad540c9733ef765b385b1be670730d369f0bdc16ddbc7fb431b9887a644ec21fec7a3b2448577d086883a4f731167e4538a818e2098174b0a7de2e4c4ebd71e1622648387aa9fd31802e23707a05b12568db267"}}]}, @NL80211_ATTR_IE={0x14d, 0x2a, [@chsw_timing={0x68, 0x4, {0x7fff, 0x4}}, @ssid={0x0, 0x9, @random="7c57bb707efba74c46"}, @dsss={0x3, 0x1, 0xb0}, @fast_bss_trans={0x37, 0x7d, {0x9, 0x2, "afefc2c110cb97723d8af675af96dbb8", "c2e1467a8e23560eb2f5803d55b56e6a4e3cace7b707ad42e3715bbe6e9d9c78", "e40d7b443d0be4cbf9afd1e66ae0370ef35c56c5c453c85154fb3a7d427289fc", [{0x2, 0x1b, "c6cb9727112c1c20b7af4628bdde2710b1fded6080e95ab8069f11"}, {0x3, 0xc, "d24ab10d7dd4e751caf32c06"}]}}, @erp={0x2a, 0x1, {0x0, 0x1}}, @preq={0x82, 0x57, {{0x1, 0x0, 0x1, 0x0, 0x1}, 0x40, 0xd4, 0x5, @broadcast, 0x776, @value=@device_b, 0x5, 0x3, 0x5, [{{}, @device_b, 0x4}, {{0x1}, @device_a, 0x200}, {{0x0, 0x0, 0x1}, @device_a, 0xfffffffe}, {{0x1, 0x0, 0x1}, @device_a, 0x661}, {{0x1, 0x0, 0x1}, @device_a, 0x10001}]}}, @prep={0x83, 0x1f, {{}, 0x6, 0x1, @device_a, 0x400, @void, 0x3, 0x175, @broadcast, 0x235b}}, @prep={0x83, 0x1f, {{}, 0xfb, 0xbf, @device_b, 0x8, @void, 0x0, 0x7, @device_b, 0xc60f}}, @mic={0x8c, 0x10, {0xd10, "795e62d25b25", @short="3b90be148aad47a2"}}, @chsw_timing={0x68, 0x4, {0x4, 0x1000}}]}]}, 0x1708}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bind$bt_rfcomm(r3, &(0x7f0000001940)={0x1f, @any, 0xb}, 0xa)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001a00)={'sit0\x00', &(0x7f0000001980)={'sit0\x00', <r5=>0x0, 0x1, 0x80, 0x2, 0x40, {{0x12, 0x4, 0x3, 0x1, 0x48, 0x68, 0x0, 0x0, 0x4, 0x0, @broadcast, @multicast1, {[@timestamp_prespec={0x44, 0x34, 0x49, 0x3, 0x9, [{@private=0xa010101, 0x2}, {@loopback, 0xfffffff6}, {@multicast1, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7fff}, {@rand_addr=0x64010101, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5937}]}]}}}}})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001a40)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4, '\x00', r5, 0xffffffffffffffff, 0x2, 0x5, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000001ac0)={'ipvlan0\x00', 0x1})
setsockopt$inet_tcp_int(r1, 0x6, 0x1b, &(0x7f0000001b00), 0x4)
shutdown(r3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000001b40)={'vxcan1\x00'})
creat(&(0x7f0000001b80)='./file0\x00', 0x8)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000001bc0)=<r7=>0x0)
prlimit64(r7, 0xe, &(0x7f0000001c00)={0x7, 0xb}, &(0x7f0000001c40))
openat$cgroup_root(0xffffff9c, &(0x7f0000001c80)='./cgroup/syz0\x00', 0x200002, 0x0)
r8 = syz_open_dev$I2C(&(0x7f0000001cc0), 0x6, 0x200)
ioctl$I2C_SLAVE_FORCE(r8, 0x706, 0xb0)
r9 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
bind$bt_rfcomm(r9, &(0x7f0000001d00)={0x1f, @any, 0xa}, 0xa)
connect$rxrpc(r1, &(0x7f0000001d40)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e23, 0xb, @local, 0x10001}}, 0x24)
r10 = openat$ndctl0(0xffffff9c, &(0x7f0000001d80), 0x180002, 0x0)
bind$inet6(r10, &(0x7f0000001dc0)={0xa, 0x4e22, 0x8, @rand_addr=' \x01\x00', 0xb}, 0x1c)
ioctl$VHOST_VDPA_GET_AS_NUM(r10, 0x8004af7a, &(0x7f0000001e00))

35.554615731s ago: executing program 1 (id=810):
mmap(&(0x7f000049c000/0x1000)=nil, 0x1000, 0x1000000, 0x20011, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(r2, 0x2, &(0x7f00000000c0)=0x9)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000600)={0x0, 0x1ffffe, 0x800, 0x1, 0x395, 0x0, r1}, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000400)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_SENDMSG={0x9, 0x67, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000018c0)={&(0x7f0000000380)=@sco, 0x80, &(0x7f0000001880)=[{0x0}], 0x1}, 0x0, 0x810})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000014000100ffffffffffdbdf250a"], 0x50}}, 0x24005040)
listen(r6, 0x0)
accept4$rose(r6, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)

33.857112072s ago: executing program 1 (id=823):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000)=0x5, 0x0, 0x0)
ioctl$TIOCOUTQ(0xffffffffffffffff, 0x4bfb, &(0x7f0000000000))
r6 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$video4linux(&(0x7f0000000480), 0x5, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r7, 0x40047459, &(0x7f00000000c0)=0x41)
pwritev(r7, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd02000040", 0x42}], 0x1, 0x0, 0x0)
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000500)="e306644c2f0b801228a9253e", 0xc, 0xfffffffffffffffd)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="0000000200feff001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0)

32.210245914s ago: executing program 3 (id=826):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0)

32.146939525s ago: executing program 3 (id=827):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="9402000021000100fcffffff00000000ac1414aae5fffff8b49ed9825133a900fc0100000000000000000000000000000000add500200000000000801aeaaec1", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000070000400706362632874776f66697368290000000000fffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000040010000dc06216ef2c68e9f6da05d886dbc3273ef99796b36698e2bd5179c3eea5474fc78c9720bfc4f90a708001f0001000000cc0111"], 0x294}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)

32.146745695s ago: executing program 3 (id=828):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x9, &(0x7f0000000100)=[{&(0x7f0000000040)="1800000072006bcd9e3fe3dc6e080000070900ffffffa600", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

31.38513995s ago: executing program 0 (id=829):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @random="a2c7278f3e29", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x9, 0x2, 0x0, @private, @multicast1}, @address_request={0x11, 0x2}}}}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000cc0)="e3debf033cd14beb067c8b1a891eb3a8b82c600b83b75e6bbfa2db7b6a52d253829115e6047701f43fe3473b115e6cfc4d7b81e6d55b1fc445ec99429c393826189433b8c87f0945be14d47a71a64d12fb52ea5f1099f28c857c4773dd60f8c9a2b42dc54336b01981960f0eb4cd82c639f191aa36b40dfe84b80bc6f1740c83c6dce0b9c4", 0x85}, {0x0}, {&(0x7f0000000e40)="3cf800f1", 0x4}], 0x3}}], 0x1, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = io_uring_setup(0x356d, &(0x7f0000000080)={0x0, 0x0, 0x80, 0x2, 0x40000})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000001028002002d1f", 0x2e}], 0x1}, 0x0)

23.513079055s ago: executing program 3 (id=830):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000001600)=ANY=[@ANYBLOB="61128c000000000061134cffffff9000bf200000000000002600020007ffffffbd0310000000000095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00200000540700000ee61e00bf150000000000000f5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9a62a29ab028acfc1cb26a0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233bff7f0000000000009fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af41933cea0d0343261bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874c9a0c6c04b96360d6f499d004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f4205ebf9a98a0d9f18135cb1d8d567c3436fa697b72c3b0200000000000079c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff68e84d7b130906f17f6aa075a257310f2d92cb1d1e16468949f5675262ee318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0fde97a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee807fc081e004ffb7d3104af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed08a29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a40fde69c350e59f11f1d26a4d04d8c8b2c4a4d23ec931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe0d123739f387d1c0d9e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b0000000000000000000000000000d35fb97c2d7a9374294dcec3da3df9a13c4fc63b00426682534d894caee0b963a3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x141000, 0x20)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, 0x0)
finit_module(r4, 0x0, 0x3)

18.995016433s ago: executing program 2 (id=831):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r2, 0x0, 0x2, 0x2}}, 0x20)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r3 = syz_open_dev$dri(0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000c000000000000000000000000008000"/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES8=r0, @ANYRES16=r3], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r4}, 0xc)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket(0x2, 0x3, 0xff)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r7, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r7, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="643c87cf2bd21d995e613d73613b1e78334efea0", 0x14}], 0x1}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000500)="7dcc2c9d4eaf588822e6a9cc8eec13d9754bb76c", 0x14}], 0x1}}], 0x2, 0x0)
sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x20, r6, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}]}, 0x20}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'lo\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@delqdisc={0x24, 0x25, 0x1, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0xd, 0x9}, {0xfff1, 0x6}, {0x6, 0xfff5}}}, 0x24}}, 0x4)
r13 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0xf})
sendmsg$nl_generic(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001e80)={0x14, 0x2a, 0x9, 0x0, 0x1, {0xa, 0x0, 0x2c00}}, 0x14}, 0x1, 0x3000000, 0x0, 0x8000}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[<r14=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000003c0)={r14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

18.824814776s ago: executing program 1 (id=832):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x2, &(0x7f0000000200))
bind$tipc(r0, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x9)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdir(&(0x7f0000000240)='./file0\x00', 0x157)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)

18.683944685s ago: executing program 0 (id=833):
syz_open_procfs(0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
r1 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x1000)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000280)={0x0, 0xea3d}, &(0x7f0000000340)=0x8)
r2 = socket$kcm(0x11, 0x3, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x3, 0x32314142, 0x0, 0x0, [{}, {}, {}, {0x800001}, {0x0, 0x7}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
r5 = accept4(r4, 0x0, 0x0, 0x0)
write(r5, &(0x7f0000000040)="cb", 0xfffffdef)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYRES16=r2, @ANYRES16=r6, @ANYRES16, @ANYRES32, @ANYRES32=r5], 0x30}}, 0x4004000)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, &(0x7f00000000c0))
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
openat$sequencer2(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(0xffffffffffffffff, 0xc0045401, &(0x7f0000002800)=0xb2)

17.403076967s ago: executing program 1 (id=834):
setrlimit(0x6, &(0x7f0000000000)={0x0, 0xfffffffffffffffd})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x2000, 0x0, 0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000300)={0x8, 0xff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QUERYBUF(r4, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x40, 0x7, {}, {0x0, 0x2, 0x2, 0x0, 0x0, 0x0, "10110401"}})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
unshare(0x62040200)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = openat$vnet(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$vhost_msg(r5, &(0x7f0000000240)={0x1, {&(0x7f0000000100)=""/195, 0xc3, &(0x7f0000000200)=""/60, 0x3, 0x4}}, 0x44)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000003c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x4d4, 0x2a8, 0x3a0, 0x2a8, 0x440, 0x2a8, 0x440, 0x440, 0x440, 0x440, 0x440, 0x6, 0x0, {[{{@ip={@multicast1, @broadcast, 0x0, 0xff, 'bridge_slave_0\x00', 'ipvlan1\x00', {0xff}, {}, 0x6, 0x2, 0x42}, 0x0, 0x70, 0xac}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x5, 0x7, @ipv4=@dev={0xac, 0x14, 0x14, 0x26}, 0x4e21}}}, {{@uncond, 0x0, 0xe4, 0x108, 0x0, {}, [@common=@inet=@dscp={{0x24}, {0x89}}, @common=@inet=@set4={{0x50}, {{0x2, 0x4, 0x2}, {{0x2}, 0x4}, {{0x2}, 0xfc}}}]}, @TTL={0x24}}, {{@uncond, 0x0, 0xb8, 0xf4, 0x0, {}, [@inet=@rpfilter={{0x24}}, @inet=@rpfilter={{0x24}, {0x8}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0xfffffff7, 0x800000e, @ipv4=@loopback, 0x4e20}}}, {{@uncond, 0x0, 0xd4, 0xf8, 0x0, {}, [@common=@set={{0x40}, {{0x1, [0x0, 0x3, 0x1, 0x7, 0x0, 0x3], 0x6, 0xa}}}, @inet=@rpfilter={{0x24}}]}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x3, 0x8001, @empty, 0x4e22}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x530)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$UHID_INPUT(r7, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)

17.233371681s ago: executing program 3 (id=842):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000003c0)={0x0, 0x0, @pic={0x10, 0xff, 0x0, 0x10, 0x0, 0x44, 0x5, 0x7, 0x0, 0x0, 0x6, 0x6a, 0x4, 0xfc, 0xff, 0x2}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x0, 0x2004c9, 0x0, 0x4], 0x0, 0x2c0710})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='::,:/', 0x0)
syz_usb_connect$printer(0x4, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)=@delchain={0x3b8, 0x65, 0x100, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x5, 0xc}, {0xfff3, 0x8}, {0x2, 0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x388, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xa6}, @TCA_ROUTE4_ACT={0x35c, 0x6, [@m_csum={0x150, 0x19, 0x0, 0x0, {{0x9}, {0x100, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x80ce, 0x5, 0x3, 0x6, 0x9}, 0x44}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x4, 0x20000000, 0x7fff, 0x5}, 0x6b}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x80, 0x6, 0x5, 0x6, 0x9}, 0x2a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x1, 0x2, 0x74, 0x5}, 0x1d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x10000, 0xffffffffffffffff, 0x3, 0x4}, 0x75}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x80000000, 0x10000000, 0xffff2d32, 0x3}, 0x26}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7, 0x7, 0x5, 0xfffffffb, 0x9}, 0x59}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x3, 0xffffffffffffffff, 0x7, 0x1}, 0x28}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x4, 0x6, 0xfff80000, 0x2}, 0x39}}]}, {0x28, 0x6, "217835923e3f62dd50a58c138da0199f76cd94952452d613254b90cdb44a4a439d75f14a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_skbmod={0x144, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBMOD_DMAC={0xa, 0x3, @broadcast}, @TCA_SKBMOD_DMAC={0xa, 0x3, @multicast}]}, {0xfd, 0x6, "37a01f92213ed4b11dfeb855f6b3cebfd3004407087292409559aa9e831ef24aef5470d21580a0b9ac56008301079a9d529b4a8607cf41244e3b65f423e25de1650975d91f81605071a0b3e2aaf1676ed80037d58d21be597b77d883b871113897db063497fa5ad76b668d51169753d8b08cd6ece60f49e97e5db487b9d3a3094083aa69b1cc46881aa2991c68ecec5d360eff8327c9ebf90fafc08ede0044ff551b21b7fce36dbe02f8929e6faff7bdc95cda81495ab21347c643be43c83bad9e66268124160acf7b4953dbfe05900f1ca22e0fd8cc1a2963f643e2a8e63a53f0e2124f2c0c8425848b6c03b4b53831b3b06ae728a61eda80"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_connmark={0xc4, 0x1b, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x265, 0xda84, 0xffffffffffffffff, 0x7, 0x7}, 0x48}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1bc0000, 0x40, 0x0, 0x80000000, 0x60f}, 0x2}}]}, {0x5c, 0x6, "ba7dba1a1943a47b66fb7adf46c7bd695aa35f7ecea2c575f768a036e8fd41f6422bcd2911a07e7aa1962534a81b4da69f235f2da644f70e9d32d5db1906853521acfa073e65da253131c62e8940fffb0f2c4d41f16275ae"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_TO={0x8, 0x2, 0x68}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0x3, 0x8}}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0x5, 0xfff2}}]}}]}, 0x3b8}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
shmat(r7, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmat(r7, &(0x7f00003e8000/0x1000)=nil, 0x4000)
r8 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r8, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)

17.058506956s ago: executing program 2 (id=835):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f0000000140)={0x4, 0x2, 0x5, 0x0, 0x9, 0x6})
mkdir(0x0, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x8, [0x9, 0x8, 0x10, 0x6, 0xa, 0x81, 0x1a, 0xfff, 0x7, 0x80, 0x6, 0x200, 0x53c, 0x8, 0xcf20, 0x800, 0x4, 0x4, 0x0, 0x200, 0x8, 0x59f, 0x87a0, 0x2, 0xff, 0x2, 0x3, 0x9, 0x8, 0x9e, 0xfa, 0xd, 0x78, 0x1ff, 0xfffc, 0x7, 0x1bc, 0x0, 0xf000, 0x4, 0xbbc, 0x80, 0x3, 0x5, 0x6, 0x1, 0x6, 0xa], 0xfffffffe}})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x5)
recvmmsg(r3, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x8)
sendmmsg(0xffffffffffffffff, &(0x7f0000001c00), 0x400000000000159, 0x40840)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x28, 0x10, 0x437, 0x70bd23, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x4068b}, [@IFLA_LINKMODE={0x5, 0x11, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040000}, 0x20000000)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, 0x0)
creat(0x0, 0x188)
setxattr$security_evm(&(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000380), &(0x7f0000000180)=@v2={0x3, 0x1, 0xd}, 0x9, 0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

14.743993407s ago: executing program 2 (id=836):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xfc}, {0xeeee8000, 0x10000, 0x4, 0x0, 0x0, 0x0, 0xfd}, {0x0, 0x0, 0x9, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0xeeee0000, 0x5000, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfd}, {}, {0x0, 0xeeee0000, 0xa, 0x6, 0x0, 0x0, 0x0, 0xf8, 0xe4}, {0x25999ffbd32df201, 0xeeee8000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee}, {0x0, 0x0, 0x3, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0x0, 0x3}, {}, 0x9df8ffcb, 0x0, 0x80a0000, 0x140030, 0x0, 0x4500, 0x0, [0x0, 0x0, 0x0, 0x4]})
ioctl$KVM_TRANSLATE(r3, 0xc018ae85, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
ioctl$sock_ifreq(0xffffffffffffffff, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in6={0x21, 0x3, 0x2, 0x0, {0xa, 0x4e23, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}, 0x6}}, 0x24)
r7 = io_uring_setup(0x214f, &(0x7f00000001c0)={0x0, 0xfffffffc, 0x20000, 0x0, 0x100001})
r8 = socket(0x10, 0x3, 0x0)
write(r8, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14)
recvmmsg(r8, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r9, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)
close_range(r7, 0xffffffffffffffff, 0x0)

14.552296372s ago: executing program 0 (id=837):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f00000002c0)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x2}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x0, 0x0)
syz_emit_ethernet(0x82, &(0x7f0000000000)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x2a}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010101}, {@private}, {@dev}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0)

13.618119215s ago: executing program 0 (id=838):
syz_emit_vhci(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES8, @ANYRESOCT], &(0x7f0000000000)='GPL\x00', 0x8, 0xa2, &(0x7f0000000140)=""/162, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x1, 0x1, 0xa, 0xb}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x7, 0x0, 0x0, 0x7fdfffff}]})
mount$9p_virtio(0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[])
write$binfmt_script(0xffffffffffffffff, 0x0, 0xfffffe5d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getpid()
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000002380)=""/169, 0xa9}], 0x1, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x2, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r4}, 0x38)

12.855171649s ago: executing program 3 (id=839):
r0 = socket$netlink(0x10, 0x3, 0x15)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmmsg$inet(r0, 0x0, 0xf9, 0x20000014)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$fscrypt_v1(&(0x7f0000000380), &(0x7f00000000c0)={'fscrypt:', @auto=[0x66, 0x66, 0x38, 0x33, 0x65, 0x62, 0x33, 0x36, 0x36, 0x38, 0x30, 0x39, 0x37, 0x32, 0x34, 0x61]}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0"}, 0x48, 0xfffffffffffffffd)
keyctl$setperm(0x5, r2, 0x0)
keyctl$revoke(0x6, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)={{r3, r4/1000+60000}, {0x77359400}})
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000400)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r6, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
dup3(r6, r5, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$pptp(0x18, 0x1, 0x2)
r7 = socket$kcm(0x10, 0x2, 0x0)
mlockall(0x0)
sendmsg$kcm(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[], 0x54}}, 0x0)
sendmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, 0x0, 0xc9e}, 0x40048c4)

12.755570242s ago: executing program 0 (id=840):
r0 = socket$packet(0x11, 0x3, 0x300)
fstatfs(r0, &(0x7f0000000200)=""/83)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
r2 = syz_io_uring_setup(0x23b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
r7 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000))
mq_timedreceive(r6, 0x0, 0xffffffffffffffe7, 0x20004000, 0x0)
sendmsg$IPSET_CMD_SAVE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x30, 0x8, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x30}}, 0x0)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000001f40)=@raw={'raw\x00', 0x8, 0x3, 0x1488, 0x133c, 0x11, 0x148, 0x0, 0x10, 0x13f4, 0x2a8, 0x2a8, 0x13f4, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@private, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_team\x00'}, 0x10, 0x12d0, 0x133c, 0x1c, {0x6}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x2, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "3027851d572baec918d14e79584558b361139090a42fe5fdfaacee38e43f6e7bf8a58e41363c09ee585cd87590517c3539bccbf1de93ba4d0b7ca0972c475b6f"}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x14e4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x5, 0xce, 0x31, 0x8f}]}, 0x8)

12.696650914s ago: executing program 0 (id=841):
bpf$ENABLE_STATS(0x20, &(0x7f0000000040)={0x2}, 0x75)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x11, 0xfffffffc, 0x0, 'queue0\x00'})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, 0x0, 0x0)
r2 = semget$private(0x0, 0x4, 0x500)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r5, 0x0)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040), 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000640)='GPL\x00', 0xfffffff2, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x80000000, &(0x7f0000000200)={<r9=>0xffffffffffffffff}, 0x111, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={0x0, r9}}, 0x20)
r10 = socket$kcm(0x2, 0x3, 0x2)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r11, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0xfffffffffffffca8}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r11, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r11, &(0x7f00000001c0)=ANY=[@ANYBLOB="0800000e000012000000000002004500002800", @ANYRES64=r8, @ANYRES32=0x41424344], 0x36)
sendmsg$nl_xfrm(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c00", @ANYRES32=0x0, @ANYBLOB="00000001"], 0xc4}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="680000000206010000000006001f0000000000000e0003006269746d61703a697000000005000400000000000900020073797a30000000002000078005000300000000000c0001800800014080ffffff05001400fe000000050005000200000005000100060000005e1937d9a825519c1b1934f941e8b4a4fc2587c1e3f9a32584522267b4eb"], 0x68}}, 0x0)
semctl$GETVAL(r2, 0x3, 0xc, &(0x7f00000002c0)=""/218)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)

2.463491379s ago: executing program 2 (id=843):
connect(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000000)
socket$xdp(0x2c, 0x3, 0x0)
syz_open_procfs(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r1 = gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000440)={0x53, 0x29, 0x10, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="851666ce20db", 0x0, 0x10, 0x39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900})

1.801463064s ago: executing program 32 (id=834):
setrlimit(0x6, &(0x7f0000000000)={0x0, 0xfffffffffffffffd})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x2000, 0x0, 0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000300)={0x8, 0xff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QUERYBUF(r4, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x40, 0x7, {}, {0x0, 0x2, 0x2, 0x0, 0x0, 0x0, "10110401"}})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
unshare(0x62040200)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = openat$vnet(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$vhost_msg(r5, &(0x7f0000000240)={0x1, {&(0x7f0000000100)=""/195, 0xc3, &(0x7f0000000200)=""/60, 0x3, 0x4}}, 0x44)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000003c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x4d4, 0x2a8, 0x3a0, 0x2a8, 0x440, 0x2a8, 0x440, 0x440, 0x440, 0x440, 0x440, 0x6, 0x0, {[{{@ip={@multicast1, @broadcast, 0x0, 0xff, 'bridge_slave_0\x00', 'ipvlan1\x00', {0xff}, {}, 0x6, 0x2, 0x42}, 0x0, 0x70, 0xac}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x5, 0x7, @ipv4=@dev={0xac, 0x14, 0x14, 0x26}, 0x4e21}}}, {{@uncond, 0x0, 0xe4, 0x108, 0x0, {}, [@common=@inet=@dscp={{0x24}, {0x89}}, @common=@inet=@set4={{0x50}, {{0x2, 0x4, 0x2}, {{0x2}, 0x4}, {{0x2}, 0xfc}}}]}, @TTL={0x24}}, {{@uncond, 0x0, 0xb8, 0xf4, 0x0, {}, [@inet=@rpfilter={{0x24}}, @inet=@rpfilter={{0x24}, {0x8}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0xfffffff7, 0x800000e, @ipv4=@loopback, 0x4e20}}}, {{@uncond, 0x0, 0xd4, 0xf8, 0x0, {}, [@common=@set={{0x40}, {{0x1, [0x0, 0x3, 0x1, 0x7, 0x0, 0x3], 0x6, 0xa}}}, @inet=@rpfilter={{0x24}}]}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x3, 0x8001, @empty, 0x4e22}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x530)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$UHID_INPUT(r7, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)

1.631967272s ago: executing program 2 (id=845):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b705"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r0 = getpid()
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e24, @empty}}}, 0x90)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0x8, 0x9}, &(0x7f0000000200)=0x8)
r3 = socket$netlink(0x10, 0x3, 0xa)
r4 = dup(r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x18)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000ff9000/0x4000)=nil, 0x4000}, 0x4})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
r6 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0)
write$binfmt_elf64(r5, &(0x7f0000000380)=ANY=[], 0xfe3c)
finit_module(r6, 0x0, 0x0)
r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r7, 0x200004)
sendfile(r4, r7, 0x0, 0x80001d00c0d1)

0s ago: executing program 2 (id=846):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
preadv(0xffffffffffffffff, &(0x7f0000000580)=[{0x0}], 0x1, 0x2007ff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0)
ioctl$SW_SYNC_IOC_INC(r3, 0x40045701, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a31000000002c000000030a01020000000000000000010000000900030073797a30000000000900010073797a310000000030000000050a01020000000000000000010020000c00024000000000000000010900010073797a310000000009000480140000001100010000000000000000000000000a"], 0xa4}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20a040, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000004c0)=ANY=[@ANYBLOB="01000000"])
preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r7, 0x0)
r8 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$FUSE_NOTIFY_STORE(r8, &(0x7f0000000200)=ANY=[@ANYRES64=r8, @ANYRESOCT=r8, @ANYRESOCT=r0, @ANYRES32=r2, @ANYRESHEX=r4], 0xffffffffffffffdc)
close(r8)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$BLKRRPART(r7, 0x125f, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

kernel console output (not intermixed with test programs):

 softirq work is pending, handler #200!!!
[   47.803869][ T6027] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   48.432007][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.437848][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.761797][ T6035] netlink: 'syz.0.6': attribute type 10 has an invalid length.
[   48.766111][ T6035] syz_tun: entered promiscuous mode
[   48.777351][ T6035] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   48.825564][ T6040] random: crng reseeded on system resumption
[   49.342047][ T5954] Bluetooth: hci2: command tx timeout
[   49.412338][ T5954] Bluetooth: hci3: command tx timeout
[   50.042801][ T6067] process 'syz.3.11' launched '/dev/fd/7' with NULL argv: empty string added
[   50.299161][ T6051] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   50.318975][ T6078] random: crng reseeded on system resumption
[   50.372075][ T5963] Bluetooth: hci1: command tx timeout
[   50.851941][ T5963] Bluetooth: hci0: command tx timeout
[   50.948800][ T6086] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   50.991015][ T6105] netlink: 32 bytes leftover after parsing attributes in process `syz.3.14'.
[   51.000452][ T6105] warning: `syz.3.14' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   51.492187][ T5963] Bluetooth: hci3: command tx timeout
[   51.523122][ T5963] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[   51.587783][ T6121] random: crng reseeded on system resumption
[   52.454128][ T5963] Bluetooth: hci2: command tx timeout
[   52.454151][   T67] Bluetooth: hci1: command tx timeout
[   52.472149][   T67] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[   52.932403][ T5963] Bluetooth: hci0: command tx timeout
[   53.134673][ T6190] random: crng reseeded on system resumption
[   53.597342][ T6192] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   54.043191][   T58] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   54.857511][ T6251] netlink: 20 bytes leftover after parsing attributes in process `syz.3.31'.
[   54.868168][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   54.868799][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   54.970519][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   55.139887][ T6258] random: crng reseeded on system resumption
[   55.353360][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.33'.
[   55.358608][ T6261] bridge0: port 3(macsec1) entered blocking state
[   55.361452][ T6261] bridge0: port 3(macsec1) entered disabled state
[   55.364356][ T6261] macsec1: entered allmulticast mode
[   55.540475][ T6261] macsec1: left allmulticast mode
[   55.652526][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   55.734510][ T6269] ipt_REJECT: ECHOREPLY no longer supported.
[   61.626517][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   61.872321][ T6328] random: crng reseeded on system resumption
[   61.989159][ T6331] netlink: 'syz.2.40': attribute type 1 has an invalid length.
[   61.991462][ T6331] netlink: 224 bytes leftover after parsing attributes in process `syz.2.40'.
[   62.522702][ T6331] No control pipe specified
[   62.559923][ T6331] vivid-000: disconnect
[   62.871512][ T6370] random: crng reseeded on system resumption
[   63.347242][ T6338] vivid-000: reconnect
[   63.676268][ T5963] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[   64.224601][ T6452] random: crng reseeded on system resumption
[   64.863817][ T6462] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   64.907178][ T5963] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[   65.803248][ T5963] block nbd1: Receive control failed (result -107)
[   65.818435][ T6521] random: crng reseeded on system resumption
[   66.417817][ T6507] block nbd1: shutting down sockets
[   68.152863][ T6567] netlink: 4 bytes leftover after parsing attributes in process `syz.3.56'.
[   68.178344][ T6567] netlink: 32 bytes leftover after parsing attributes in process `syz.3.56'.
[   68.247963][ T6586] random: crng reseeded on system resumption
[   69.217683][   T39] audit: type=1800 audit(1737241010.179:2): pid=6626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.65" name="bus" dev="9p" ino=37618304 res=0 errno=0
[   69.274261][ T6626] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.774838][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[   71.321265][ T6705] random: crng reseeded on system resumption
[   71.735449][ T6716] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   72.139816][ T6710] netlink: 4 bytes leftover after parsing attributes in process `syz.2.75'.
[   72.143195][ T6710] netlink: 32 bytes leftover after parsing attributes in process `syz.2.75'.
[   72.879546][ T6760] random: crng reseeded on system resumption
[   72.943411][ T6761] fuse: Bad value for 'fd'
[   73.365959][ T6768] FAULT_INJECTION: forcing a failure.
[   73.365959][ T6768] name failslab, interval 1, probability 0, space 0, times 1
[   73.369706][ T6768] CPU: 1 UID: 0 PID: 6768 Comm: syz.3.85 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[   73.372760][ T6768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.375902][ T6768] Call Trace:
[   73.376966][ T6768]  <TASK>
[   73.377854][ T6768]  dump_stack_lvl+0x16c/0x1f0
[   73.379292][ T6768]  should_fail_ex+0x497/0x5b0
[   73.380685][ T6768]  ? fs_reclaim_acquire+0xae/0x150
[   73.382231][ T6768]  should_failslab+0xc2/0x120
[   73.383636][ T6768]  __kmalloc_noprof+0xce/0x4f0
[   73.385071][ T6768]  ? d_absolute_path+0x137/0x1b0
[   73.386548][ T6768]  ? tomoyo_encode2+0x100/0x3e0
[   73.388568][ T6768]  tomoyo_encode2+0x100/0x3e0
[   73.390545][ T6768]  tomoyo_realpath_from_path+0x1a7/0x710
[   73.392861][ T6768]  tomoyo_path_number_perm+0x248/0x5b0
[   73.394522][ T6768]  ? tomoyo_path_number_perm+0x235/0x5b0
[   73.396170][ T6768]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   73.398237][ T6768]  ? __pfx_lock_release+0x10/0x10
[   73.399725][ T6768]  ? trace_lock_acquire+0x14e/0x1f0
[   73.401261][ T6768]  ? lock_acquire+0x2f/0xb0
[   73.402601][ T6768]  ? __fget_files+0x40/0x3a0
[   73.403985][ T6768]  ? __fget_files+0x206/0x3a0
[   73.405371][ T6768]  security_file_ioctl_compat+0x9b/0x240
[   73.407099][ T6768]  __do_compat_sys_ioctl+0x4e/0x2c0
[   73.409202][ T6768]  __do_fast_syscall_32+0x73/0x120
[   73.411311][ T6768]  do_fast_syscall_32+0x32/0x80
[   73.413197][ T6768]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   73.415073][ T6768] RIP: 0023:0xf712e579
[   73.416293][ T6768] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   73.422094][ T6768] RSP: 002b:00000000f512055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   73.424545][ T6768] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040bc5311
[   73.426965][ T6768] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[   73.430276][ T6768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   73.433372][ T6768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   73.435697][ T6768] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   73.438065][ T6768]  </TASK>
[   73.439689][ T6768] ERROR: Out of memory at tomoyo_realpath_from_path.
[   73.677518][ T6778] random: crng reseeded on system resumption
[   75.455800][ T6836] random: crng reseeded on system resumption
[   75.621642][ T6839] Illegal XDP return value 4294967274 on prog  (id 16) dev N/A, expect packet loss!
[   75.894068][   T64] cfg80211: failed to load regulatory.db
[   76.071905][ T6009] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   76.222693][ T6009] usb 6-1: Using ep0 maxpacket: 32
[   76.228193][ T6009] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[   76.230880][ T6009] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   76.242746][ T6009] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[   76.245430][ T6009] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   76.248256][ T6009] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   76.252545][ T6009] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   76.256254][ T6009] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   76.258852][ T6009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.263519][ T6009] usb 6-1: config 0 descriptor??
[   76.425574][ T6876] random: crng reseeded on system resumption
[   76.526586][ T6009] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   76.540898][ T6009] usb 6-1: USB disconnect, device number 2
[   76.555183][ T6009] usblp0: removed
[   76.978486][ T1486] libceph: connect (1)[c::]:6789 error -101
[   76.981537][ T1486] libceph: mon0 (1)[c::]:6789 connect error
[   77.061948][ T6009] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   77.211985][ T6009] usb 6-1: Using ep0 maxpacket: 32
[   77.215931][ T6009] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[   77.218719][ T6009] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   77.221906][ T6009] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[   77.224547][ T6009] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   77.227381][ T6009] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   77.230225][ T6009] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   77.233989][ T6009] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   77.236586][ T6009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.240882][ T6009] usb 6-1: config 0 descriptor??
[   77.243260][   T64] libceph: connect (1)[c::]:6789 error -101
[   77.245498][   T64] libceph: mon0 (1)[c::]:6789 connect error
[   77.353888][ T6909] netlink: 96 bytes leftover after parsing attributes in process `syz.3.112'.
[   77.449428][ T6009] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   77.456853][ T6911] netlink: 'syz.3.113': attribute type 1 has an invalid length.
[   77.459116][ T6911] netlink: 224 bytes leftover after parsing attributes in process `syz.3.113'.
[   77.593005][ T6904] ceph: No mds server is up or the cluster is laggy
[   77.653702][ T6015] usb 6-1: USB disconnect, device number 3
[   77.656490][ T6015] usblp0: removed
[   78.182824][ T6924] random: crng reseeded on system resumption
[   78.196830][ T6926] macvlan2: entered promiscuous mode
[   78.198881][ T6926] team_slave_0: entered promiscuous mode
[   78.200658][ T6926] team_slave_1: entered promiscuous mode
[   78.202450][ T6926] team0: entered promiscuous mode
[   78.204271][ T6926] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   78.207154][ T6926] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[   78.363957][ T6936] overlayfs: statfs failed on './file0'
[   78.371109][ T6936] fuse: Unknown parameter 'ÿÿO«™žYQçŒE¯èŠ:75S»â
CÄ�‰SFû`odû'
[   78.477808][ T6949] netlink: 60 bytes leftover after parsing attributes in process `syz.3.125'.
[   78.480676][ T6949] netlink: 928 bytes leftover after parsing attributes in process `syz.3.125'.
[   78.581499][ T6967] random: crng reseeded on system resumption
[   78.668161][ T6969] syzkaller1: entered promiscuous mode
[   78.669805][ T6969] syzkaller1: entered allmulticast mode
[   78.776683][ T6981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.134'.
[   78.821967][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.134'.
[   78.826167][ T6981] netlink: 32 bytes leftover after parsing attributes in process `syz.0.134'.
[   78.858424][ T6983] 9pnet_fd: Insufficient options for proto=fd
[   78.864413][ T5963] block nbd0: Receive control failed (result -107)
[   78.901924][   T57] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   78.901966][ T6981] nbd0: detected capacity change from 0 to 256
[   78.909651][ T6319] block nbd0: Dead connection, failed to find a fallback
[   78.913386][ T6319] block nbd0: shutting down sockets
[   78.915146][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.917951][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.920375][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.923729][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.923799][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.929289][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.931516][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.935182][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.935814][ T6986] netlink: 8 bytes leftover after parsing attributes in process `syz.0.136'.
[   78.937842][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.940769][ T6986] netlink: 12 bytes leftover after parsing attributes in process `syz.0.136'.
[   78.944606][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.948871][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.952585][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.954954][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.957543][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.959796][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.962479][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.964825][ T6319] ldm_validate_partition_table(): Disk read failed.
[   78.967231][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.969828][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.972154][ T6319] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   78.974730][ T6319] Buffer I/O error on dev nbd0, logical block 0, async page read
[   78.977026][ T6319] Dev nbd0: unable to read RDB block 0
[   78.978794][ T6319]  nbd0: unable to read partition table
[   78.982906][ T6319] ldm_validate_partition_table(): Disk read failed.
[   78.985296][ T6319] Dev nbd0: unable to read RDB block 0
[   78.987060][ T6319]  nbd0: unable to read partition table
[   79.036685][ T6992] =======================================================
[   79.036685][ T6992] WARNING: The mand mount option has been deprecated and
[   79.036685][ T6992]          and is ignored by this kernel. Remove the mand
[   79.036685][ T6992]          option from the mount to silence this warning.
[   79.036685][ T6992] =======================================================
[   79.041903][   T57] usb 8-1: device descriptor read/64, error -71
[   79.153642][ T6992] /dev/sr0: Can't open blockdev
[   79.181912][ T5992] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   79.281948][   T57] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   79.331912][ T5992] usb 7-1: Using ep0 maxpacket: 8
[   79.334698][ T5992] usb 7-1: config 0 has no interfaces?
[   79.336344][ T5992] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   79.339033][ T5992] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.344864][ T5992] usb 7-1: config 0 descriptor??
[   79.409007][ T7002] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   79.411937][   T57] usb 8-1: device descriptor read/64, error -71
[   79.523640][   T57] usb usb8-port1: attempt power cycle
[   79.549701][   T58] usb 7-1: USB disconnect, device number 2
[   79.862033][   T57] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   79.882710][   T57] usb 8-1: device descriptor read/8, error -71
[   79.963019][ T7008] syz.0.142 uses obsolete (PF_INET,SOCK_PACKET)
[   80.064508][ T7010] random: crng reseeded on system resumption
[   80.141960][   T57] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   80.162280][   T57] usb 8-1: device descriptor read/8, error -71
[   80.180123][ T7026] netlink: 8 bytes leftover after parsing attributes in process `syz.1.149'.
[   80.272056][   T57] usb usb8-port1: unable to enumerate USB device
[   80.350616][ T7046] netlink: 'syz.1.155': attribute type 10 has an invalid length.
[   80.355758][ T7046] syz_tun: entered promiscuous mode
[   80.387115][ T7052] random: crng reseeded on system resumption
[   80.433432][ T7055] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   80.442932][ T7055] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   80.693510][ T7074] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   80.743175][ T7080] Zero length message leads to an empty skb
[   81.041579][ T7106] random: crng reseeded on system resumption
[   81.564270][ T7113] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   81.677059][ T7130] syz_tun: left promiscuous mode
[   81.685238][ T7130] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.688113][ T7130] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.735463][ T7130] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.741660][ T7130] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   81.777525][ T7130] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   81.780924][ T7130] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   81.785690][ T7130] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   81.789025][ T7130] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   82.722150][ T7168] __nla_validate_parse: 2 callbacks suppressed
[   82.722164][ T7168] netlink: 4 bytes leftover after parsing attributes in process `syz.0.179'.
[   82.728190][ T7168] bridge0: port 3(macsec1) entered blocking state
[   82.730134][ T7168] bridge0: port 3(macsec1) entered disabled state
[   82.732119][ T7168] macsec1: entered allmulticast mode
[   82.735101][ T7168] macsec1: left allmulticast mode
[   82.915568][ T7183] random: crng reseeded on system resumption
[   82.939872][ T7187] netlink: 20 bytes leftover after parsing attributes in process `syz.2.188'.
[   82.943703][ T7187] netlink: 112 bytes leftover after parsing attributes in process `syz.2.188'.
[   82.946382][ T7187] netlink: 20 bytes leftover after parsing attributes in process `syz.2.188'.
[   82.952878][   T39] audit: type=1800 audit(1737241023.919:3): pid=7185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.187" name="bus" dev="9p" ino=37618304 res=0 errno=0
[   83.172370][ T7196] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   83.631053][ T7217] netlink: 8 bytes leftover after parsing attributes in process `syz.2.198'.
[   84.354582][ T5963] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[   84.399689][ T7255] random: crng reseeded on system resumption
[   84.876727][ T7262] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   85.540707][ T7299] FAULT_INJECTION: forcing a failure.
[   85.540707][ T7299] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   85.544532][ T7299] CPU: 1 UID: 0 PID: 7299 Comm: syz.0.199 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[   85.547532][ T7299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.550552][ T7299] Call Trace:
[   85.551513][ T7299]  <TASK>
[   85.552354][ T7299]  dump_stack_lvl+0x16c/0x1f0
[   85.553721][ T7299]  should_fail_ex+0x497/0x5b0
[   85.555051][ T7299]  _copy_from_user+0x2e/0xd0
[   85.556388][ T7299]  snd_seq_ioctl+0x1c0/0x3f0
[   85.557754][ T7299]  ? __pfx_snd_seq_ioctl+0x10/0x10
[   85.559249][ T7299]  ? __fget_files+0x206/0x3a0
[   85.560613][ T7299]  snd_seq_ioctl_compat+0xea/0x310
[   85.562091][ T7299]  ? __pfx_snd_seq_ioctl_compat+0x10/0x10
[   85.563740][ T7299]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   85.565271][ T7299]  __do_fast_syscall_32+0x73/0x120
[   85.566758][ T7299]  do_fast_syscall_32+0x32/0x80
[   85.568163][ T7299]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   85.569947][ T7299] RIP: 0023:0xf714e579
[   85.571113][ T7299] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   85.576414][ T7299] RSP: 002b:00000000f514055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   85.578776][ T7299] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040bc5311
[   85.581006][ T7299] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[   85.583283][ T7299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   85.585526][ T7299] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   85.587775][ T7299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   85.590009][ T7299]  </TASK>
[   85.590927][    C1] vkms_vblank_simulate: vblank timer overrun
[   85.701008][ T7307] cgroup: fork rejected by pids controller in /syz2
[   85.997102][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.068280][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.159958][   T67] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   86.163742][   T67] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   86.166213][   T67] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   86.168660][   T67] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   86.170961][   T67] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   86.173137][   T67] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   86.213329][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.316717][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.328279][ T7412] chnl_net:caif_netlink_parms(): no params data found
[   86.381255][ T7412] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.383729][   T67] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[   86.385039][ T7412] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.388171][ T7412] bridge_slave_0: entered allmulticast mode
[   86.391130][ T7412] bridge_slave_0: entered promiscuous mode
[   86.393851][ T7412] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.396923][ T7412] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.399230][ T7412] bridge_slave_1: entered allmulticast mode
[   86.401393][ T7412] bridge_slave_1: entered promiscuous mode
[   86.554083][ T7412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.559341][ T7412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.606400][   T39] audit: type=1800 audit(1737241027.569:4): pid=7437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.207" name="bus" dev="9p" ino=37618304 res=0 errno=0
[   86.633210][ T7412] team0: Port device team_slave_0 added
[   86.655113][ T7412] team0: Port device team_slave_1 added
[   86.705164][ T7412] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.707251][ T7412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.717142][ T7412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.720651][   T12] bridge_slave_1: left allmulticast mode
[   86.731912][   T12] bridge_slave_1: left promiscuous mode
[   86.734611][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.739470][   T12] bridge_slave_0: left allmulticast mode
[   86.741102][   T12] bridge_slave_0: left promiscuous mode
[   86.744816][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.134249][ T7441] netlink: 4 bytes leftover after parsing attributes in process `syz.1.208'.
[   87.140382][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   87.146493][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   87.155153][   T12] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[   87.158263][   T12] team0: left promiscuous mode
[   87.160382][   T12] team_slave_0: left promiscuous mode
[   87.162267][   T12] team_slave_1: left promiscuous mode
[   87.164733][   T12] bond0 (unregistering): Released all slaves
[   87.168912][ T7412] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.172098][ T7412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.179486][ T7412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.369705][ T7412] hsr_slave_0: entered promiscuous mode
[   87.372987][ T7412] hsr_slave_1: entered promiscuous mode
[   87.375580][ T7412] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   87.377830][ T7412] Cannot create hsr debugfs directory
[   87.474074][ T7450] netlink: 'syz.1.211': attribute type 1 has an invalid length.
[   87.486746][ T7450] netlink: 224 bytes leftover after parsing attributes in process `syz.1.211'.
[   87.526061][   T12] hsr_slave_0: left promiscuous mode
[   87.528215][   T12] hsr_slave_1: left promiscuous mode
[   87.530504][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.532742][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.535709][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.537915][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   87.556777][   T12] veth1_macvtap: left promiscuous mode
[   87.558625][   T12] veth0_macvtap: left promiscuous mode
[   87.560177][   T12] veth1_vlan: left promiscuous mode
[   87.561775][   T12] veth0_vlan: left promiscuous mode
[   88.110343][   T12] team0 (unregistering): Port device team_slave_1 removed
[   88.170210][   T12] team0 (unregistering): Port device team_slave_0 removed
[   88.222945][   T67] Bluetooth: hci2: command tx timeout
[   88.356472][ T7465] MINIX-fs: blocksize too small for device
[   88.550577][ T7473] Bluetooth: MGMT ver 1.23
[   88.592261][   T58] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   88.821976][   T58] usb 8-1: Using ep0 maxpacket: 32
[   88.827636][   T58] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   88.830062][   T58] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   88.832825][   T58] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   88.835393][   T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   88.838142][   T58] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   88.840875][   T58] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   88.845804][   T58] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   88.848402][   T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.855162][   T58] usb 8-1: config 0 descriptor??
[   89.070710][ T7412] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.077062][ T7412] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   89.080364][ T7412] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.093831][ T7412] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.142708][ T7412] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.155531][ T7412] 8021q: adding VLAN 0 to HW filter on device team0
[   89.159809][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.161967][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.169361][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.171539][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.240459][   T58] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   89.244664][   T58] usb 8-1: USB disconnect, device number 6
[   89.247542][   T58] usblp0: removed
[   89.311460][ T7412] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.331408][ T7412] veth0_vlan: entered promiscuous mode
[   89.336935][ T7412] veth1_vlan: entered promiscuous mode
[   89.347346][ T7412] veth0_macvtap: entered promiscuous mode
[   89.350421][ T7412] veth1_macvtap: entered promiscuous mode
[   89.357021][ T7412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.360530][ T7412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.363492][ T7412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.366443][ T7412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.369725][ T7412] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.374281][ T7412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.377421][ T7412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.380263][ T7412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.384152][ T7412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.388550][ T7412] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.392879][ T7412] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.395407][ T7412] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.398034][ T7412] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.400568][ T7412] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.430080][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.436442][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.447821][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.450335][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.592151][   T58] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   89.699198][ T7519] netlink: 48 bytes leftover after parsing attributes in process `syz.0.223'.
[   89.729696][ T7520] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   89.738424][ T7519] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   89.743288][ T7519] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   89.748652][ T7519] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   89.962086][   T58] usb 8-1: Using ep0 maxpacket: 32
[   89.964777][   T58] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   89.967104][   T58] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   89.969521][   T58] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   89.972491][   T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   89.975234][   T58] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   89.978092][   T58] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   89.982493][   T58] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   89.985151][   T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.988463][   T58] usb 8-1: config 0 descriptor??
[   89.999919][ T7533] overlay: ./bus is not a directory
[   90.193066][   T58] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   90.301950][   T67] Bluetooth: hci2: command tx timeout
[   90.403305][   T58] usb 8-1: USB disconnect, device number 7
[   90.408389][   T58] usblp0: removed
[   90.505468][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.232'.
[   90.947726][ T7558] netlink: 12 bytes leftover after parsing attributes in process `syz.3.236'.
[   90.959401][ T7558] bond1: entered promiscuous mode
[   90.963784][ T7558] gretap1: entered promiscuous mode
[   90.965544][ T7558] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   90.969603][ T7558] bond1 (unregistering): (slave gretap1): Releasing backup interface
[   90.973944][ T7558] gretap1: left promiscuous mode
[   90.980480][ T7558] bond1 (unregistering): Released all slaves
[   91.217823][ T7583] macvlan2: entered promiscuous mode
[   91.219494][ T7583] team0: entered promiscuous mode
[   91.221110][ T7583] team_slave_0: entered promiscuous mode
[   91.223422][ T7583] team_slave_1: entered promiscuous mode
[   91.225204][ T7583] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   91.227956][ T7583] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[   92.371922][ T5954] Bluetooth: hci2: command tx timeout
[   92.511921][ T1486] usb 8-1: new low-speed USB device number 8 using dummy_hcd
[   92.663799][ T1486] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[   92.669405][ T1486] usb 8-1: config 0 has no interface number 0
[   92.672652][ T1486] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[   92.676924][ T1486] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[   92.681138][ T1486] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   92.685103][ T1486] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.695537][ T1486] usb 8-1: config 0 descriptor??
[   92.701434][ T7623] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   92.737536][ T1486] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[   92.746248][ T7630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.262'.
[   92.802735][ T7630] netlink: 4 bytes leftover after parsing attributes in process `syz.1.262'.
[   92.805271][ T7630] netlink: 32 bytes leftover after parsing attributes in process `syz.1.262'.
[   92.842581][ T5954] block nbd1: Receive control failed (result -107)
[   92.902006][ T7630] nbd1: detected capacity change from 0 to 256
[   92.906571][ T6319] block nbd1: Dead connection, failed to find a fallback
[   92.908685][ T6319] block nbd1: shutting down sockets
[   92.910180][ T6319] blk_print_req_error: 27 callbacks suppressed
[   92.910187][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.931932][ T6319] buffer_io_error: 27 callbacks suppressed
[   92.931946][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.936921][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.939435][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.941639][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.953137][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.955443][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.957972][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.960155][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.963021][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.965187][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.967654][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.969834][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.973054][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.976210][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.980438][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.983352][ T6319] ldm_validate_partition_table(): Disk read failed.
[   92.983586][ T7639] netlink: 8 bytes leftover after parsing attributes in process `syz.0.264'.
[   92.985280][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.987891][ T7639] netlink: 12 bytes leftover after parsing attributes in process `syz.0.264'.
[   92.990325][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   92.990387][ T6319] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.998532][ T6319] Buffer I/O error on dev nbd1, logical block 0, async page read
[   93.000832][ T6319] Dev nbd1: unable to read RDB block 0
[   93.002911][ T6319]  nbd1: unable to read partition table
[   93.005764][ T6319] ldm_validate_partition_table(): Disk read failed.
[   93.008164][ T6319] Dev nbd1: unable to read RDB block 0
[   93.009875][ T6319]  nbd1: unable to read partition table
[   93.056638][    C1] iowarrior 8-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1
[   93.061359][   T25] usb 8-1: USB disconnect, device number 8
[   93.109869][ T7642] syzkaller1: entered promiscuous mode
[   93.111463][ T7642] syzkaller1: entered allmulticast mode
[   93.670168][ T7657] netlink: 96 bytes leftover after parsing attributes in process `syz.0.269'.
[   93.780848][ T7661] netlink: 8 bytes leftover after parsing attributes in process `syz.0.271'.
[   93.946060][ T7670] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   94.110097][ T7677] siw: device registration error -23
[   94.452259][ T5954] Bluetooth: hci2: command tx timeout
[   94.651556][ T7698] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   95.382139][    T8] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[   95.531986][    T8] usb 8-1: Using ep0 maxpacket: 32
[   95.535260][    T8] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   95.537737][    T8] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   95.540273][    T8] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   95.543034][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   95.545769][    T8] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   95.548581][    T8] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   95.552471][    T8] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   95.555137][    T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.559959][    T8] usb 8-1: config 0 descriptor??
[   95.632419][ T7731] macvlan2: entered promiscuous mode
[   95.634471][ T7731] team_slave_0: entered promiscuous mode
[   95.636871][ T7731] team_slave_1: entered promiscuous mode
[   95.639197][ T7731] team0: entered promiscuous mode
[   95.642953][ T7731] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   95.647005][ T7731] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[   95.769541][    T8] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   95.776012][    T8] usb 8-1: USB disconnect, device number 9
[   95.779190][    T8] usblp0: removed
[   96.222053][   T25] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[   96.381905][   T25] usb 8-1: Using ep0 maxpacket: 32
[   96.385017][   T25] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   96.388290][   T25] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   96.391305][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   96.394901][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   96.398171][   T25] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   96.401695][   T25] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   96.406649][   T25] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   96.410161][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.420321][   T25] usb 8-1: config 0 descriptor??
[   96.688593][   T25] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   96.846722][    T8] usb 8-1: USB disconnect, device number 10
[   96.867310][    T8] usblp0: removed
[   97.365822][ T7770] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[   97.574714][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[   98.048268][ T7780] FAULT_INJECTION: forcing a failure.
[   98.048268][ T7780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.052186][ T7780] CPU: 1 UID: 0 PID: 7780 Comm: syz.1.307 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[   98.055162][ T7780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.058181][ T7780] Call Trace:
[   98.059141][ T7780]  <TASK>
[   98.059980][ T7780]  dump_stack_lvl+0x16c/0x1f0
[   98.061342][ T7780]  should_fail_ex+0x497/0x5b0
[   98.062714][ T7780]  _copy_from_user+0x2e/0xd0
[   98.064038][ T7780]  kstrtouint_from_user+0xd7/0x1c0
[   98.065485][ T7780]  ? __pfx_kstrtouint_from_user+0x10/0x10
[   98.067065][ T7780]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   98.068665][ T7780]  proc_fail_nth_write+0x84/0x250
[   98.070101][ T7780]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   98.071670][ T7780]  ? ksys_write+0x12b/0x250
[   98.073007][ T7780]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   98.074591][ T7780]  vfs_write+0x24c/0x1150
[   98.075812][ T7780]  ? __fget_files+0x1fc/0x3a0
[   98.077168][ T7780]  ? __pfx___mutex_lock+0x10/0x10
[   98.078628][ T7780]  ? __pfx_vfs_write+0x10/0x10
[   98.080018][ T7780]  ? __fget_files+0x206/0x3a0
[   98.081411][ T7780]  ksys_write+0x12b/0x250
[   98.082682][ T7780]  ? __pfx_ksys_write+0x10/0x10
[   98.084101][ T7780]  __do_fast_syscall_32+0x73/0x120
[   98.085607][ T7780]  do_fast_syscall_32+0x32/0x80
[   98.087026][ T7780]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   98.088882][ T7780] RIP: 0023:0xf70ee579
[   98.090054][ T7780] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   98.095416][ T7780] RSP: 002b:00000000f50e0590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[   98.097766][ T7780] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50e0620
[   98.099967][ T7780] RDX: 0000000000000001 RSI: 00000000f7423ff4 RDI: 0000000000000000
[   98.102207][ T7780] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   98.104443][ T7780] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   98.106672][ T7780] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   98.108903][ T7780]  </TASK>
[   98.317927][ T7789] __nla_validate_parse: 3 callbacks suppressed
[   98.317942][ T7789] netlink: 80 bytes leftover after parsing attributes in process `syz.1.311'.
[   98.409524][ T7796] netlink: 8 bytes leftover after parsing attributes in process `syz.1.314'.
[   98.473003][ T7796] netlink: 4 bytes leftover after parsing attributes in process `syz.1.314'.
[   98.476185][ T7796] netlink: 32 bytes leftover after parsing attributes in process `syz.1.314'.
[   98.532863][ T5954] block nbd2: Receive control failed (result -107)
[   98.572022][ T7796] nbd2: detected capacity change from 0 to 256
[   98.582281][ T6319] block nbd2: Dead connection, failed to find a fallback
[   98.584402][ T6319] block nbd2: shutting down sockets
[   98.586164][ T6319] blk_print_req_error: 27 callbacks suppressed
[   98.586174][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.591070][ T6319] buffer_io_error: 27 callbacks suppressed
[   98.591078][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.595329][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.597879][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.600107][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.602848][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.605571][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.607091][ T7803] netlink: 4 bytes leftover after parsing attributes in process `syz.0.317'.
[   98.608124][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.619387][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.619919][ T7803] bridge0: port 3(macsec1) entered blocking state
[   98.624923][ T7803] bridge0: port 3(macsec1) entered disabled state
[   98.627116][ T7803] macsec1: entered allmulticast mode
[   98.630916][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.637792][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.639268][ T7803] macsec1: left allmulticast mode
[   98.640357][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.656247][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.659161][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.663782][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.666536][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.668905][ T6319] ldm_validate_partition_table(): Disk read failed.
[   98.670795][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.674554][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.676908][ T6319] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.679543][ T6319] Buffer I/O error on dev nbd2, logical block 0, async page read
[   98.683210][ T6319] Dev nbd2: unable to read RDB block 0
[   98.685592][ T6319]  nbd2: unable to read partition table
[   98.699261][ T6319] ldm_validate_partition_table(): Disk read failed.
[   98.701649][ T6319] Dev nbd2: unable to read RDB block 0
[   98.705130][ T6319]  nbd2: unable to read partition table
[   98.822443][ T7815] syzkaller1: entered promiscuous mode
[   98.824203][ T7815] syzkaller1: entered allmulticast mode
[   99.248108][ T7821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'.
[   99.332088][ T7821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.324'.
[   99.334754][ T7821] netlink: 32 bytes leftover after parsing attributes in process `syz.3.324'.
[   99.683187][ T7838] netlink: 8 bytes leftover after parsing attributes in process `syz.3.330'.
[  100.886462][ T7883] macvlan2: entered promiscuous mode
[  100.889049][ T7883] team_slave_0: entered promiscuous mode
[  100.890748][ T7883] team_slave_1: entered promiscuous mode
[  100.893218][ T7883] team0: entered promiscuous mode
[  100.895765][ T7883] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  100.899498][ T7883] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  101.844581][ T7939] netlink: 52 bytes leftover after parsing attributes in process `syz.3.355'.
[  102.081936][ T5992] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  102.242103][ T5992] usb 8-1: Using ep0 maxpacket: 32
[  102.246532][ T5992] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  102.249872][ T5992] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  102.253682][ T5992] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  102.257437][ T5992] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  102.261379][ T5992] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  102.265574][ T5992] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  102.270919][ T5992] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  102.274877][ T5992] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.279973][ T5992] usb 8-1: config 0 descriptor??
[  102.488467][ T5992] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  102.495683][ T5992] usb 8-1: USB disconnect, device number 11
[  102.504479][ T5992] usblp0: removed
[  102.673662][ T7952] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  103.041922][ T5992] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  103.202382][ T5992] usb 8-1: too many configurations: 148, using maximum allowed: 8
[  103.206411][ T5992] usb 8-1: unable to read config index 0 descriptor/start: -61
[  103.209319][ T5992] usb 8-1: can't read configurations, error -61
[  103.326975][ T7958] __nla_validate_parse: 1 callbacks suppressed
[  103.326992][ T7958] netlink: 8 bytes leftover after parsing attributes in process `syz.1.362'.
[  103.361958][ T5992] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  103.514392][ T7970] misc userio: The device must be registered before sending interrupts
[  103.533303][ T5992] usb 8-1: too many configurations: 148, using maximum allowed: 8
[  103.543165][ T5992] usb 8-1: unable to read config index 0 descriptor/start: -61
[  103.546204][ T5992] usb 8-1: can't read configurations, error -61
[  103.552677][ T5992] usb usb8-port1: attempt power cycle
[  103.558255][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[  103.902034][ T5992] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  103.934309][ T5992] usb 8-1: too many configurations: 148, using maximum allowed: 8
[  103.939634][ T5992] usb 8-1: unable to read config index 0 descriptor/start: -61
[  103.942914][ T5992] usb 8-1: can't read configurations, error -61
[  104.072553][ T5992] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  104.093815][ T5992] usb 8-1: too many configurations: 148, using maximum allowed: 8
[  104.098376][ T5992] usb 8-1: unable to read config index 0 descriptor/start: -61
[  104.100630][ T5992] usb 8-1: can't read configurations, error -61
[  104.103969][ T5992] usb usb8-port1: unable to enumerate USB device
[  104.153869][ T7987] netlink: 48 bytes leftover after parsing attributes in process `syz.2.372'.
[  104.158885][ T7987] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  104.162052][ T7987] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  104.763687][ T8001] netlink: 12 bytes leftover after parsing attributes in process `syz.0.377'.
[  104.831313][ T8002] syzkaller1: entered promiscuous mode
[  104.833095][ T8002] syzkaller1: entered allmulticast mode
[  105.859945][ T8022] macvlan3: entered promiscuous mode
[  105.862354][ T8022] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  106.262184][ T6033] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  106.359932][ T8038] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  106.572014][ T6033] usb 7-1: Using ep0 maxpacket: 32
[  106.574760][ T6033] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  106.577668][ T6033] usb 7-1: config 7 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.580971][ T6033] usb 7-1: config 7 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.584017][ T6033] usb 7-1: config 7 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  106.587693][ T6033] usb 7-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  106.590280][ T6033] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.998687][ T6033] ntrig 0003:1B96:000A.0002: unknown main item tag 0x0
[  107.000860][ T6033] ntrig 0003:1B96:000A.0002: unknown main item tag 0x0
[  107.002886][ T6033] ntrig 0003:1B96:000A.0002: unknown main item tag 0x0
[  107.004855][ T6033] ntrig 0003:1B96:000A.0002: unknown main item tag 0x0
[  107.006849][ T6033] ntrig 0003:1B96:000A.0002: unknown main item tag 0x0
[  107.011550][ T6033] ntrig 0003:1B96:000A.0002: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.2-1/input0
[  107.212108][ T6033] usb 7-1: USB disconnect, device number 3
[  107.447491][ T8076] FAULT_INJECTION: forcing a failure.
[  107.447491][ T8076] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.452716][ T8076] CPU: 0 UID: 0 PID: 8076 Comm: syz.1.394 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  107.456516][ T8076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.460484][ T8076] Call Trace:
[  107.461751][ T8076]  <TASK>
[  107.462870][ T8076]  dump_stack_lvl+0x16c/0x1f0
[  107.464543][ T8076]  should_fail_ex+0x497/0x5b0
[  107.466339][ T8076]  _copy_from_user+0x2e/0xd0
[  107.468088][ T8076]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  107.470085][ T8076]  drm_ioctl+0x4fc/0xba0
[  107.471700][ T8076]  ? __pfx_drm_ioctl+0x10/0x10
[  107.473452][ T8076]  drm_compat_ioctl+0x327/0x460
[  107.475257][ T8076]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  107.477328][ T8076]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  107.479304][ T8076]  __do_fast_syscall_32+0x73/0x120
[  107.481162][ T8076]  do_fast_syscall_32+0x32/0x80
[  107.482975][ T8076]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.485325][ T8076] RIP: 0023:0xf70ee579
[  107.486850][ T8076] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.492915][ T8076] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  107.495294][ T8076] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864a2
[  107.497602][ T8076] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000000000
[  107.499855][ T8076] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  107.502096][ T8076] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  107.504332][ T8076] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.506634][ T8076]  </TASK>
[  107.913282][   T39] audit: type=1326 audit(1737241048.869:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.920857][   T39] audit: type=1326 audit(1737241048.879:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.920878][   T39] audit: type=1326 audit(1737241048.879:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.937147][   T39] audit: type=1326 audit(1737241048.879:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.943563][   T39] audit: type=1326 audit(1737241048.879:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.949753][   T39] audit: type=1326 audit(1737241048.879:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.958216][   T39] audit: type=1326 audit(1737241048.879:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.964780][   T39] audit: type=1326 audit(1737241048.879:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.970961][   T39] audit: type=1326 audit(1737241048.879:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=258 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.979096][   T39] audit: type=1326 audit(1737241048.879:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.3.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  107.988164][ T8089] hsr_slave_0: left promiscuous mode
[  107.991137][ T8089] hsr_slave_1: left promiscuous mode
[  108.041363][ T8097] netlink: 20 bytes leftover after parsing attributes in process `syz.3.397'.
[  108.046060][ T8097] ipvlan2: entered allmulticast mode
[  108.047663][ T8097] veth0_vlan: entered allmulticast mode
[  108.068546][ T8101] bridge0: port 3(netdevsim0) entered blocking state
[  108.071245][ T8101] bridge0: port 3(netdevsim0) entered disabled state
[  108.073485][ T8101] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  108.357238][ T8108] netlink: 8 bytes leftover after parsing attributes in process `syz.2.404'.
[  108.412155][ T8108] netlink: 4 bytes leftover after parsing attributes in process `syz.2.404'.
[  108.415071][ T8108] netlink: 32 bytes leftover after parsing attributes in process `syz.2.404'.
[  108.486589][ T5954] block nbd3: Receive control failed (result -107)
[  108.533117][ T8108] nbd3: detected capacity change from 0 to 256
[  108.540005][ T6319] block nbd3: Dead connection, failed to find a fallback
[  108.542227][ T6319] block nbd3: shutting down sockets
[  108.544061][ T6319] blk_print_req_error: 27 callbacks suppressed
[  108.544069][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.548397][ T6319] buffer_io_error: 27 callbacks suppressed
[  108.548403][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.553269][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.556833][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.559251][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.562004][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.564365][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.567039][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.569399][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.572160][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.575342][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.578416][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.580660][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.583373][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.586006][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.589612][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.592891][ T6319] ldm_validate_partition_table(): Disk read failed.
[  108.595600][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.599209][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.599304][ T6319] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.599332][ T6319] Buffer I/O error on dev nbd3, logical block 0, async page read
[  108.599506][ T6319] Dev nbd3: unable to read RDB block 0
[  108.600223][ T6319]  nbd3: unable to read partition table
[  108.605359][ T6319] ldm_validate_partition_table(): Disk read failed.
[  108.605507][ T6319] Dev nbd3: unable to read RDB block 0
[  108.605671][ T6319]  nbd3: unable to read partition table
[  108.661719][ T8116] netlink: 4 bytes leftover after parsing attributes in process `syz.2.408'.
[  108.669878][ T8116] bridge0: port 3(macsec1) entered blocking state
[  108.672985][ T8116] bridge0: port 3(macsec1) entered disabled state
[  108.675785][ T8116] macsec1: entered allmulticast mode
[  108.679496][ T8116] macsec1: left allmulticast mode
[  109.525379][ T8134] netlink: 20 bytes leftover after parsing attributes in process `syz.0.414'.
[  109.528193][ T8134] netlink: 112 bytes leftover after parsing attributes in process `syz.0.414'.
[  109.531080][ T8134] netlink: 20 bytes leftover after parsing attributes in process `syz.0.414'.
[  109.566223][ T8136] ldm_validate_partition_table(): Disk read failed.
[  109.568970][ T8136] Dev nbd0: unable to read RDB block 0
[  109.571598][ T8136]  nbd0: unable to read partition table
[  109.707982][ T8152] netlink: 48 bytes leftover after parsing attributes in process `syz.1.420'.
[  109.714228][ T8152] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  109.726608][ T8152] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  109.967022][ T8168] netlink: 4 bytes leftover after parsing attributes in process `syz.1.425'.
[  110.037914][ T8171] netlink: 'syz.1.425': attribute type 1 has an invalid length.
[  110.043217][ T8171] ldm_validate_partition_table(): Disk read failed.
[  110.045906][ T8171] Dev nbd1: unable to read RDB block 0
[  110.047792][ T8171]  nbd1: unable to read partition table
[  110.050133][ T8171] block nbd1: Cannot use ioctl interface on a netlink controlled device.
[  110.117426][ T8177] macvlan3: entered promiscuous mode
[  110.118968][ T8177] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  110.598941][ T8195] siw: device registration error -23
[  110.723036][ T8202] netlink: 48 bytes leftover after parsing attributes in process `syz.0.434'.
[  111.073844][ T8219] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  111.309256][ T8224] netlink: 'syz.2.444': attribute type 1 has an invalid length.
[  111.312857][ T8233] FAULT_INJECTION: forcing a failure.
[  111.312857][ T8233] name failslab, interval 1, probability 0, space 0, times 0
[  111.317031][ T8233] CPU: 3 UID: 0 PID: 8233 Comm: syz.1.446 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  111.320094][ T8233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.323308][ T8233] Call Trace:
[  111.324695][ T8233]  <TASK>
[  111.325867][ T8233]  dump_stack_lvl+0x16c/0x1f0
[  111.327290][ T8233]  should_fail_ex+0x497/0x5b0
[  111.328802][ T8233]  ? fs_reclaim_acquire+0xae/0x150
[  111.330726][ T8233]  should_failslab+0xc2/0x120
[  111.332500][ T8233]  __kmalloc_cache_noprof+0x68/0x420
[  111.334491][ T8233]  ? ww_mutex_lock_interruptible+0x37/0x160
[  111.336314][ T8233]  ? modeset_lock+0x114/0x6e0
[  111.337750][ T8233]  drm_atomic_state_alloc+0xb8/0x120
[  111.339307][ T8233]  drm_atomic_helper_set_config+0x59/0x1a0
[  111.341022][ T8233]  drm_mode_setcrtc+0xdfc/0x1db0
[  111.342485][ T8233]  ? __pfx___lock_acquire+0x10/0x10
[  111.344024][ T8233]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  111.345627][ T8233]  ? do_raw_spin_unlock+0x172/0x230
[  111.347161][ T8233]  drm_ioctl_kernel+0x1e6/0x3d0
[  111.348617][ T8233]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  111.350156][ T8233]  ? __might_fault+0x41/0x190
[  111.351533][ T8233]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  111.353094][ T8233]  ? __might_fault+0xe3/0x190
[  111.354466][ T8233]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  111.356044][ T8233]  drm_ioctl+0x57e/0xba0
[  111.357376][ T8233]  ? __pfx_drm_ioctl+0x10/0x10
[  111.358800][ T8233]  drm_compat_ioctl+0x327/0x460
[  111.360221][ T8233]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  111.361806][ T8233]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  111.363334][ T8233]  __do_fast_syscall_32+0x73/0x120
[  111.364838][ T8233]  do_fast_syscall_32+0x32/0x80
[  111.366260][ T8233]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.368102][ T8233] RIP: 0023:0xf70ee579
[  111.369292][ T8233] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.374768][ T8233] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  111.377188][ T8233] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864a2
[  111.379492][ T8233] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000000000
[  111.381768][ T8233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.384040][ T8233] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  111.386404][ T8233] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.388773][ T8233]  </TASK>
[  111.661514][ T8246] netlink: 'syz.1.449': attribute type 10 has an invalid length.
[  111.971367][ T8267] netlink: 'syz.1.459': attribute type 4 has an invalid length.
[  111.976739][ T8267] netlink: 'syz.1.459': attribute type 4 has an invalid length.
[  112.005498][ T5954] block nbd4: Receive control failed (result -107)
[  112.102100][ T8265] nbd4: detected capacity change from 0 to 256
[  112.106654][ T6319] block nbd4: Dead connection, failed to find a fallback
[  112.110024][ T6319] block nbd4: shutting down sockets
[  112.112007][ T6319] ldm_validate_partition_table(): Disk read failed.
[  112.114056][ T6319] Dev nbd4: unable to read RDB block 0
[  112.115842][ T6319]  nbd4: unable to read partition table
[  112.118772][ T6319] ldm_validate_partition_table(): Disk read failed.
[  112.120983][ T6319] Dev nbd4: unable to read RDB block 0
[  112.122812][ T6319]  nbd4: unable to read partition table
[  112.781895][    T8] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  112.932062][    T8] usb 7-1: Using ep0 maxpacket: 16
[  112.946526][    T8] usb 7-1: config 0 has no interfaces?
[  112.953248][    T8] usb 7-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  112.956796][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.959136][    T8] usb 7-1: Product: syz
[  112.960412][    T8] usb 7-1: Manufacturer: syz
[  112.961940][    T8] usb 7-1: SerialNumber: syz
[  112.964203][    T8] usb 7-1: config 0 descriptor??
[  113.169190][    T8] usb 7-1: USB disconnect, device number 4
[  113.767952][ T8307] IPVS: set_ctl: invalid protocol: 59 172.20.20.187:20002
[  113.830839][ T8314] __nla_validate_parse: 7 callbacks suppressed
[  113.830849][ T8314] netlink: 8 bytes leftover after parsing attributes in process `syz.1.472'.
[  114.018418][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[  114.105606][ T8334] macvlan3: entered promiscuous mode
[  114.107543][ T8334] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  114.197123][ T8337] netlink: 8 bytes leftover after parsing attributes in process `syz.3.481'.
[  114.341349][ T8337] blk_print_req_error: 96 callbacks suppressed
[  114.341362][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.345926][ T8337] buffer_io_error: 96 callbacks suppressed
[  114.345933][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.350119][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.353378][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.355980][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.358582][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.360928][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.364066][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.366339][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.368947][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.371573][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.374477][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.376760][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.379315][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.381626][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.384508][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.386741][ T8337] ldm_validate_partition_table(): Disk read failed.
[  114.388774][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.391327][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.393877][ T8337] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.396451][ T8337] Buffer I/O error on dev nbd3, logical block 0, async page read
[  114.398775][ T8337] Dev nbd3: unable to read RDB block 0
[  114.400737][ T8337]  nbd3: unable to read partition table
[  114.455737][   T39] kauditd_printk_skb: 317 callbacks suppressed
[  114.455751][   T39] audit: type=1326 audit(1737241055.419:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.464968][   T39] audit: type=1326 audit(1737241055.419:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.473568][   T39] audit: type=1326 audit(1737241055.419:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=76 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.480960][   T39] audit: type=1326 audit(1737241055.419:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.487185][   T39] audit: type=1326 audit(1737241055.419:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.494592][   T39] audit: type=1326 audit(1737241055.419:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.500899][   T39] audit: type=1326 audit(1737241055.419:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.507357][   T39] audit: type=1326 audit(1737241055.419:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.513855][   T39] audit: type=1326 audit(1737241055.419:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.520414][   T39] audit: type=1326 audit(1737241055.419:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  114.997340][ T8369] netlink: 'syz.2.492': attribute type 21 has an invalid length.
[  114.999653][ T8369] netlink: 132 bytes leftover after parsing attributes in process `syz.2.492'.
[  115.303089][ T8377] siw: device registration error -23
[  115.639678][ T8383] netlink: 'syz.1.495': attribute type 10 has an invalid length.
[  115.881345][ T8387] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  115.885198][ T8387] gretap1: entered allmulticast mode
[  116.351768][ T8402] netlink: 96 bytes leftover after parsing attributes in process `syz.3.502'.
[  116.487536][ T8407] netlink: 'syz.3.504': attribute type 1 has an invalid length.
[  116.489854][ T8407] netlink: 224 bytes leftover after parsing attributes in process `syz.3.504'.
[  117.042977][ T8426] netlink: 6 bytes leftover after parsing attributes in process `syz.0.507'.
[  117.046454][ T8426] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  117.168819][ T8439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.511'.
[  117.174465][ T8439] bridge0: port 4(macsec1) entered blocking state
[  117.176367][ T8439] bridge0: port 4(macsec1) entered disabled state
[  117.178165][ T8439] macsec1: entered allmulticast mode
[  117.181152][ T8439] macsec1: left allmulticast mode
[  117.548897][ T8468] ipt_REJECT: ECHOREPLY no longer supported.
[  117.550884][ T8469] netlink: 20 bytes leftover after parsing attributes in process `syz.3.521'.
[  117.555064][ T8469] netlink: 112 bytes leftover after parsing attributes in process `syz.3.521'.
[  117.557748][ T8469] netlink: 20 bytes leftover after parsing attributes in process `syz.3.521'.
[  118.169823][ T8510] macvlan3: entered promiscuous mode
[  118.171546][ T8510] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  118.262471][ T8514] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  118.265795][ T8514] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  118.346581][ T8527] No control pipe specified
[  118.401985][ T6033] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  118.496680][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[  118.554182][ T6033] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  118.556514][ T6033] usb 6-1: config 0 has no interface number 0
[  118.558349][ T6033] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  118.561712][ T6033] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  118.565083][ T6033] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  118.568253][ T6033] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  118.571303][ T6033] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  118.574959][ T6033] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  118.577497][ T6033] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.581042][ T6033] usb 6-1: config 0 descriptor??
[  118.583252][ T8512] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  118.587410][ T6033] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  118.850593][   T25] usb 6-1: USB disconnect, device number 4
[  118.850636][    C2] ldusb 6-1:0.55: usb_submit_urb failed (-19)
[  118.854744][ T8512] ldusb 6-1:0.55: Couldn't submit interrupt_out_urb -19
[  118.859408][   T25] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  118.870307][ T8512] pimreg: entered allmulticast mode
[  119.140802][   T64] libceph: connect (1)[c::]:6789 error -101
[  119.144327][   T64] libceph: mon0 (1)[c::]:6789 connect error
[  119.147913][   T64] libceph: connect (1)[c::]:6789 error -101
[  119.150304][   T64] libceph: mon0 (1)[c::]:6789 connect error
[  119.197668][ T8553] ceph: No mds server is up or the cluster is laggy
[  119.206962][ T8556] __nla_validate_parse: 2 callbacks suppressed
[  119.207000][ T8556] netlink: 12 bytes leftover after parsing attributes in process `syz.3.544'.
[  119.417925][ T8560] FAULT_INJECTION: forcing a failure.
[  119.417925][ T8560] name failslab, interval 1, probability 0, space 0, times 0
[  119.422356][ T8560] CPU: 3 UID: 0 PID: 8560 Comm: syz.0.548 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  119.425609][ T8560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.428747][ T8560] Call Trace:
[  119.429739][ T8560]  <TASK>
[  119.430612][ T8560]  dump_stack_lvl+0x16c/0x1f0
[  119.432000][ T8560]  should_fail_ex+0x497/0x5b0
[  119.433396][ T8560]  ? fs_reclaim_acquire+0xae/0x150
[  119.434894][ T8560]  should_failslab+0xc2/0x120
[  119.436189][ T8560]  __kmalloc_noprof+0xce/0x4f0
[  119.437542][ T8560]  ? drm_atomic_state_init+0x17e/0x320
[  119.439010][ T8560]  drm_atomic_state_init+0x17e/0x320
[  119.440565][ T8560]  ? __kasan_kmalloc+0xaa/0xb0
[  119.441977][ T8560]  drm_atomic_state_alloc+0xd3/0x120
[  119.443531][ T8560]  drm_atomic_helper_set_config+0x59/0x1a0
[  119.445253][ T8560]  drm_mode_setcrtc+0xdfc/0x1db0
[  119.446709][ T8560]  ? __pfx___lock_acquire+0x10/0x10
[  119.448244][ T8560]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  119.449851][ T8560]  ? do_raw_spin_unlock+0x172/0x230
[  119.451373][ T8560]  drm_ioctl_kernel+0x1e6/0x3d0
[  119.452813][ T8560]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  119.454378][ T8560]  ? __might_fault+0x41/0x190
[  119.455768][ T8560]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  119.457352][ T8560]  ? __might_fault+0xe3/0x190
[  119.458763][ T8560]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  119.460335][ T8560]  drm_ioctl+0x57e/0xba0
[  119.461598][ T8560]  ? __pfx_drm_ioctl+0x10/0x10
[  119.463005][ T8560]  drm_compat_ioctl+0x327/0x460
[  119.464436][ T8560]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  119.466014][ T8560]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  119.467560][ T8560]  __do_fast_syscall_32+0x73/0x120
[  119.469086][ T8560]  do_fast_syscall_32+0x32/0x80
[  119.470521][ T8560]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.472381][ T8560] RIP: 0023:0xf714e579
[  119.473580][ T8560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.479115][ T8560] RSP: 002b:00000000f514055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  119.481535][ T8560] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864a2
[  119.483813][ T8560] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000000000
[  119.486093][ T8560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.488380][ T8560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.490667][ T8560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.492969][ T8560]  </TASK>
[  119.528935][ T8563] syz_tun: entered allmulticast mode
[  119.603915][ T8562] syz_tun: left allmulticast mode
[  119.689908][ T8572] Bluetooth: MGMT ver 1.23
[  119.695473][ T8575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.554'.
[  119.760460][ T8577] netlink: 'syz.1.555': attribute type 10 has an invalid length.
[  120.235064][ T8598] bridge0: port 3(veth0_to_bridge) entered blocking state
[  120.237291][ T8598] bridge0: port 3(veth0_to_bridge) entered disabled state
[  120.239516][ T8598] veth0_to_bridge: entered allmulticast mode
[  120.242928][ T8598] veth0_to_bridge: entered promiscuous mode
[  120.244830][ T8598] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  120.248873][ T8598] bridge0: port 3(veth0_to_bridge) entered blocking state
[  120.251748][ T8598] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  120.711346][ T8609] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  120.714862][ T8609] gretap1: entered allmulticast mode
[  120.818181][ T8614] batadv_slave_1: entered promiscuous mode
[  120.822659][ T8614] netlink: 'syz.2.567': attribute type 1 has an invalid length.
[  120.828323][ T8614] netlink: 3 bytes leftover after parsing attributes in process `syz.2.567'.
[  120.833901][ T8613] batadv_slave_1: left promiscuous mode
[  121.191892][    T8] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  121.321965][    T8] usb 8-1: device descriptor read/64, error -71
[  121.678666][    T8] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  121.761784][ T8629] netlink: 36 bytes leftover after parsing attributes in process `syz.2.572'.
[  121.764886][ T8629] netlink: 16 bytes leftover after parsing attributes in process `syz.2.572'.
[  121.767420][ T8629] netlink: 36 bytes leftover after parsing attributes in process `syz.2.572'.
[  121.770891][ T8629] netlink: 36 bytes leftover after parsing attributes in process `syz.2.572'.
[  121.821985][    T8] usb 8-1: device descriptor read/64, error -71
[  121.942119][    T8] usb usb8-port1: attempt power cycle
[  121.984968][ T8635] netlink: 'syz.2.574': attribute type 1 has an invalid length.
[  121.992892][ T8635] 8021q: adding VLAN 0 to HW filter on device bond1
[  122.004365][ T8635] bond1: (slave bridge2): making interface the new active one
[  122.006940][ T8635] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  122.015140][ T8635] vlan2: entered promiscuous mode
[  122.016596][ T8635] bond1: entered promiscuous mode
[  122.017966][ T8635] bridge2: entered promiscuous mode
[  122.019551][ T8635] vlan2: entered allmulticast mode
[  122.021031][ T8635] bond1: entered allmulticast mode
[  122.023069][ T8635] bridge2: entered allmulticast mode
[  122.281906][    T8] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  122.302500][    T8] usb 8-1: device descriptor read/8, error -71
[  122.551948][    T8] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  122.572448][    T8] usb 8-1: device descriptor read/8, error -71
[  122.707745][    T8] usb usb8-port1: unable to enumerate USB device
[  123.398914][ T8689] netlink: 8 bytes leftover after parsing attributes in process `syz.0.586'.
[  123.443194][ T8689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.586'.
[  123.445856][ T8689] netlink: 32 bytes leftover after parsing attributes in process `syz.0.586'.
[  123.958287][ T8723] netlink: 'syz.1.593': attribute type 10 has an invalid length.
[  124.617753][ T8744] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  124.827590][ T8765] netlink: 'syz.0.601': attribute type 1 has an invalid length.
[  124.829891][ T8765] __nla_validate_parse: 1 callbacks suppressed
[  124.829898][ T8765] netlink: 224 bytes leftover after parsing attributes in process `syz.0.601'.
[  125.180005][ T8800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.608'.
[  125.231940][ T8800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.608'.
[  125.234852][ T8800] netlink: 32 bytes leftover after parsing attributes in process `syz.1.608'.
[  125.696095][ T8819] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  125.699738][ T8819] gretap1: entered allmulticast mode
[  126.019475][ T8824] netlink: 168 bytes leftover after parsing attributes in process `syz.3.615'.
[  126.311766][ T8835] loop0: detected capacity change from 0 to 16384
[  126.362429][ T8842] netlink: 8 bytes leftover after parsing attributes in process `syz.1.624'.
[  126.384299][ T8843] siw: device registration error -23
[  127.322283][ T8861] blk_print_req_error: 6 callbacks suppressed
[  127.322295][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.327436][ T8861] buffer_io_error: 6 callbacks suppressed
[  127.327446][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.331651][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.335035][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.337978][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.340680][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.344487][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.347140][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.349742][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.366812][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.369610][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.372568][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.375810][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.378961][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.381419][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.384208][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.386466][ T8861] ldm_validate_partition_table(): Disk read failed.
[  127.388396][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.390990][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.395080][ T8861] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.397720][ T8861] Buffer I/O error on dev nbd2, logical block 0, async page read
[  127.400006][ T8861] Dev nbd2: unable to read RDB block 0
[  127.402130][ T8861]  nbd2: unable to read partition table
[  127.489759][ T8873] netlink: 48 bytes leftover after parsing attributes in process `syz.0.631'.
[  127.870237][ T8889] netlink: 48 bytes leftover after parsing attributes in process `syz.0.637'.
[  127.884299][ T8889] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  127.887548][ T8889] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  129.653896][ T8925] netlink: 96 bytes leftover after parsing attributes in process `syz.3.645'.
[  130.060694][ T8945] netlink: 8 bytes leftover after parsing attributes in process `syz.2.654'.
[  130.146485][ T8947] netlink: 20 bytes leftover after parsing attributes in process `syz.2.655'.
[  130.150243][ T8947] geneve0: entered allmulticast mode
[  130.874444][ T8957] kAFS: No cell specified
[  131.220727][ T8968] FAULT_INJECTION: forcing a failure.
[  131.220727][ T8968] name failslab, interval 1, probability 0, space 0, times 0
[  131.224639][ T8968] CPU: 3 UID: 0 PID: 8968 Comm: syz.0.661 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  131.227698][ T8968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.230823][ T8968] Call Trace:
[  131.231806][ T8968]  <TASK>
[  131.232702][ T8968]  dump_stack_lvl+0x16c/0x1f0
[  131.234093][ T8968]  should_fail_ex+0x497/0x5b0
[  131.235453][ T8968]  ? fs_reclaim_acquire+0xae/0x150
[  131.236919][ T8968]  should_failslab+0xc2/0x120
[  131.238327][ T8968]  __kmalloc_cache_noprof+0x68/0x420
[  131.239874][ T8968]  ? ww_mutex_lock_interruptible+0x37/0x160
[  131.241631][ T8968]  ? ww_mutex_lock_interruptible+0x37/0x160
[  131.243387][ T8968]  ? modeset_lock+0x114/0x6e0
[  131.244782][ T8968]  vkms_plane_duplicate_state+0x45/0x130
[  131.246413][ T8968]  drm_atomic_get_plane_state+0x20b/0x590
[  131.248099][ T8968]  __drm_atomic_helper_set_config+0x107/0xe90
[  131.249885][ T8968]  ? trace_kmalloc+0x2d/0xd0
[  131.251239][ T8968]  ? __kmalloc_noprof+0x23b/0x4f0
[  131.252722][ T8968]  ? __pfx___drm_atomic_helper_set_config+0x10/0x10
[  131.254804][ T8968]  ? drm_atomic_state_init+0x17e/0x320
[  131.256541][ T8968]  ? drm_atomic_state_init+0x22c/0x320
[  131.258171][ T8968]  ? __kasan_kmalloc+0xaa/0xb0
[  131.259589][ T8968]  drm_atomic_helper_set_config+0x98/0x1a0
[  131.261299][ T8968]  drm_mode_setcrtc+0xdfc/0x1db0
[  131.262750][ T8968]  ? __pfx___lock_acquire+0x10/0x10
[  131.264433][ T8968]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  131.264473][ T8968]  ? do_raw_spin_unlock+0x172/0x230
[  131.264487][ T8968]  drm_ioctl_kernel+0x1e6/0x3d0
[  131.264498][ T8968]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  131.267620][ T8959] 9pnet_fd: Insufficient options for proto=fd
[  131.268205][ T8968]  ? __might_fault+0x41/0x190
[  131.274738][ T8968]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  131.274754][ T8968]  ? __might_fault+0xe3/0x190
[  131.274771][ T8968]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  131.274783][ T8968]  drm_ioctl+0x57e/0xba0
[  131.274798][ T8968]  ? __pfx_drm_ioctl+0x10/0x10
[  131.274818][ T8968]  drm_compat_ioctl+0x327/0x460
[  131.283897][ T8968]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  131.285495][ T8968]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  131.287062][ T8968]  __do_fast_syscall_32+0x73/0x120
[  131.288630][ T8968]  do_fast_syscall_32+0x32/0x80
[  131.290065][ T8968]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.291902][ T8968] RIP: 0023:0xf714e579
[  131.293109][ T8968] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  131.298751][ T8968] RSP: 002b:00000000f514055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  131.301203][ T8968] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864a2
[  131.303500][ T8968] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000000000
[  131.305803][ T8968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.308124][ T8968] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  131.310458][ T8968] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.312761][ T8968]  </TASK>
[  131.470942][ T8979] netlink: 'syz.2.666': attribute type 10 has an invalid length.
[  131.476093][ T8979] syz_tun: entered promiscuous mode
[  131.940062][ T8997] netlink: 36 bytes leftover after parsing attributes in process `syz.3.670'.
[  131.940086][ T8997] netlink: 16 bytes leftover after parsing attributes in process `syz.3.670'.
[  131.940095][ T8997] netlink: 36 bytes leftover after parsing attributes in process `syz.3.670'.
[  131.940109][ T8997] netlink: 36 bytes leftover after parsing attributes in process `syz.3.670'.
[  132.028038][ T8999] netlink: 96 bytes leftover after parsing attributes in process `syz.2.671'.
[  132.119113][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[  132.213100][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  132.221393][ T9012] netlink: 24 bytes leftover after parsing attributes in process `syz.2.676'.
[  132.387721][ T9013] overlay: Unknown parameter 'subj_user'
[  133.166326][ T5954] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[  133.186856][ T9033] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  133.513576][ T9039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.686'.
[  133.551990][ T9039] netlink: 4 bytes leftover after parsing attributes in process `syz.1.686'.
[  133.593965][ T5954] block nbd5: Receive control failed (result -107)
[  133.672155][ T9039] nbd5: detected capacity change from 0 to 256
[  133.677458][ T6319] block nbd5: Dead connection, failed to find a fallback
[  133.680147][ T6319] block nbd5: shutting down sockets
[  133.681718][ T6319] blk_print_req_error: 6 callbacks suppressed
[  133.681726][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.686789][ T6319] buffer_io_error: 6 callbacks suppressed
[  133.686796][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.690872][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.694314][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.697020][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.699652][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.702128][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.704803][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.707154][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.709817][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.712456][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.715061][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.717903][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.720667][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.723546][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.726180][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.727721][ T9047] bridge0: port 3(macsec0) entered blocking state
[  133.728916][ T6319] ldm_validate_partition_table(): Disk read failed.
[  133.730536][ T9047] bridge0: port 3(macsec0) entered disabled state
[  133.732603][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.734449][ T9047] macsec0: entered allmulticast mode
[  133.737231][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.737310][ T6319] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  133.744630][ T6319] Buffer I/O error on dev nbd5, logical block 0, async page read
[  133.747034][ T6319] Dev nbd5: unable to read RDB block 0
[  133.748874][ T6319]  nbd5: unable to read partition table
[  133.749076][ T9047] macsec0: left allmulticast mode
[  133.753938][ T6319] ldm_validate_partition_table(): Disk read failed.
[  133.757090][ T6319] Dev nbd5: unable to read RDB block 0
[  133.758856][ T6319]  nbd5: unable to read partition table
[  134.433307][ T9071] bridge0: port 4(netdevsim0) entered blocking state
[  134.435317][ T9071] bridge0: port 4(netdevsim0) entered disabled state
[  134.437469][ T9071] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  134.441161][ T9071] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  134.444413][ T9071] bridge0: port 4(netdevsim0) entered blocking state
[  134.447064][ T9071] bridge0: port 4(netdevsim0) entered forwarding state
[  134.479463][ T9073] MINIX-fs: blocksize too small for device
[  134.537390][   T39] kauditd_printk_skb: 35 callbacks suppressed
[  134.537401][   T39] audit: type=1326 audit(1737241075.493:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  134.555119][   T39] audit: type=1326 audit(1737241075.493:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  134.566048][   T39] audit: type=1326 audit(1737241075.503:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  134.573936][   T39] audit: type=1326 audit(1737241075.503:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f955a7 code=0x7ffc0000
[  134.580158][   T39] audit: type=1326 audit(1737241075.503:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  134.586506][   T39] audit: type=1326 audit(1737241075.503:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  134.594177][   T39] audit: type=1326 audit(1737241075.503:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  134.601057][   T39] audit: type=1326 audit(1737241075.513:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  134.608823][   T39] audit: type=1326 audit(1737241075.513:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f955a7 code=0x7ffc0000
[  134.615752][   T39] audit: type=1326 audit(1737241075.513:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9069 comm="syz.2.693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  135.432231][ T9090] syz_tun: entered allmulticast mode
[  135.575623][ T9089] syz_tun: left allmulticast mode
[  135.648550][ T9098] __nla_validate_parse: 2 callbacks suppressed
[  135.648560][ T9098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.699'.
[  135.896316][ T9102] netlink: 20 bytes leftover after parsing attributes in process `syz.1.702'.
[  135.899157][ T9102] netlink: 112 bytes leftover after parsing attributes in process `syz.1.702'.
[  135.903353][ T9102] netlink: 20 bytes leftover after parsing attributes in process `syz.1.702'.
[  136.341958][ T9113] bridge0: port 3(netdevsim0) entered blocking state
[  136.343910][ T9113] bridge0: port 3(netdevsim0) entered disabled state
[  136.347103][ T9113] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  136.350432][ T9113] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  136.354090][ T9113] bridge0: port 3(netdevsim0) entered blocking state
[  136.356666][ T9113] bridge0: port 3(netdevsim0) entered forwarding state
[  137.071227][ T9126] syz_tun: entered allmulticast mode
[  137.142571][ T9125] syz_tun: left allmulticast mode
[  137.321443][ T9137] netlink: 8 bytes leftover after parsing attributes in process `syz.0.715'.
[  137.372542][ T9137] netlink: 4 bytes leftover after parsing attributes in process `syz.0.715'.
[  137.383438][ T9137] netlink: 32 bytes leftover after parsing attributes in process `syz.0.715'.
[  137.480681][ T9145] netlink: 187320 bytes leftover after parsing attributes in process `syz.0.717'.
[  137.485710][ T9145] netlink: zone id is out of range
[  137.487304][ T9145] netlink: zone id is out of range
[  137.488821][ T9145] netlink: zone id is out of range
[  137.490310][ T9145] netlink: zone id is out of range
[  137.491776][ T9145] netlink: zone id is out of range
[  137.493522][ T9145] netlink: zone id is out of range
[  137.495299][ T9145] netlink: zone id is out of range
[  137.496772][ T9145] netlink: zone id is out of range
[  137.498283][ T9145] netlink: zone id is out of range
[  137.506235][ T9145] netlink: 28 bytes leftover after parsing attributes in process `syz.0.717'.
[  137.509254][ T9145] netlink: 'syz.0.717': attribute type 7 has an invalid length.
[  137.514753][ T9145] netlink: 'syz.0.717': attribute type 8 has an invalid length.
[  137.517138][ T9145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.717'.
[  137.526079][ T9147] syz_tun: entered allmulticast mode
[  137.527281][ T9149] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  137.614404][ T9160] macvlan3: entered promiscuous mode
[  137.616232][ T9160] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  137.693976][ T9146] syz_tun: left allmulticast mode
[  137.855584][ T9164] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  137.914044][ T9167] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  138.205646][ T9179] syzkaller1: entered promiscuous mode
[  138.207345][ T9179] syzkaller1: entered allmulticast mode
[  138.733039][ T9206] syz_tun: entered allmulticast mode
[  138.825174][ T9204] syz_tun: left allmulticast mode
[  139.955084][ T9264] FAULT_INJECTION: forcing a failure.
[  139.955084][ T9264] name failslab, interval 1, probability 0, space 0, times 0
[  139.960479][ T9264] CPU: 0 UID: 0 PID: 9264 Comm: syz.2.750 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  139.964688][ T9264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.968995][ T9264] Call Trace:
[  139.970354][ T9264]  <TASK>
[  139.971567][ T9264]  dump_stack_lvl+0x16c/0x1f0
[  139.973087][ T9264]  should_fail_ex+0x497/0x5b0
[  139.974454][ T9264]  ? fs_reclaim_acquire+0xae/0x150
[  139.975939][ T9264]  should_failslab+0xc2/0x120
[  139.977317][ T9264]  __kmalloc_cache_noprof+0x68/0x420
[  139.978842][ T9264]  ? kasan_save_track+0x14/0x30
[  139.980246][ T9264]  vkms_plane_duplicate_state+0x87/0x130
[  139.981896][ T9264]  drm_atomic_get_plane_state+0x20b/0x590
[  139.984194][ T9264]  __drm_atomic_helper_set_config+0x107/0xe90
[  139.986655][ T9264]  ? trace_kmalloc+0x2d/0xd0
[  139.988616][ T9264]  ? __kmalloc_noprof+0x23b/0x4f0
[  139.990119][ T9264]  ? __pfx___drm_atomic_helper_set_config+0x10/0x10
[  139.992017][ T9264]  ? drm_atomic_state_init+0x17e/0x320
[  139.993738][ T9264]  ? drm_atomic_state_init+0x22c/0x320
[  139.995340][ T9264]  ? __kasan_kmalloc+0xaa/0xb0
[  139.996739][ T9264]  drm_atomic_helper_set_config+0x98/0x1a0
[  139.998681][ T9264]  drm_mode_setcrtc+0xdfc/0x1db0
[  140.000174][ T9264]  ? __pfx___lock_acquire+0x10/0x10
[  140.001695][ T9264]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  140.003240][ T9264]  ? do_raw_spin_unlock+0x172/0x230
[  140.004742][ T9264]  drm_ioctl_kernel+0x1e6/0x3d0
[  140.006141][ T9264]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  140.007720][ T9264]  ? __might_fault+0x41/0x190
[  140.009354][ T9264]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  140.010995][ T9264]  ? __might_fault+0xe3/0x190
[  140.012390][ T9264]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  140.013983][ T9264]  drm_ioctl+0x57e/0xba0
[  140.015223][ T9264]  ? __pfx_drm_ioctl+0x10/0x10
[  140.016648][ T9264]  drm_compat_ioctl+0x327/0x460
[  140.018081][ T9264]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  140.019645][ T9264]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  140.021188][ T9264]  __do_fast_syscall_32+0x73/0x120
[  140.022692][ T9264]  do_fast_syscall_32+0x32/0x80
[  140.024142][ T9264]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.025987][ T9264] RIP: 0023:0xf7f95579
[  140.027200][ T9264] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.032945][ T9264] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  140.035350][ T9264] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864a2
[  140.037663][ T9264] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000000000
[  140.039957][ T9264] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.042245][ T9264] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.044571][ T9264] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.046869][ T9264]  </TASK>
[  140.047907][    C0] vkms_vblank_simulate: vblank timer overrun
[  140.246402][ T9278] netlink: 'syz.1.756': attribute type 1 has an invalid length.
[  140.382327][   T25] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  140.399001][ T9287] net_ratelimit: 679 callbacks suppressed
[  140.399011][ T9287] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  140.532903][   T25] usb 7-1: Using ep0 maxpacket: 32
[  140.535887][   T25] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  140.538309][   T25] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  140.540761][   T25] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  140.543431][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  140.546170][   T25] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  140.548897][   T25] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  140.552700][   T25] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  140.555252][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.558582][   T25] usb 7-1: config 0 descriptor??
[  140.671944][ T6033] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  140.766217][   T25] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  140.771455][   T25] usb 7-1: USB disconnect, device number 5
[  140.778634][   T25] usblp0: removed
[  140.832090][ T6033] usb 5-1: Using ep0 maxpacket: 16
[  140.842860][ T6033] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  140.846754][ T6033] usb 5-1: config 0 has no interfaces?
[  140.848876][ T6033] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  140.852114][ T6033] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.859662][ T6033] usb 5-1: config 0 descriptor??
[  140.869582][ T9296] __nla_validate_parse: 9 callbacks suppressed
[  140.869596][ T9296] netlink: 4 bytes leftover after parsing attributes in process `syz.3.762'.
[  140.877492][ T9296] bridge0: port 4(macsec1) entered blocking state
[  140.879454][ T9296] bridge0: port 4(macsec1) entered disabled state
[  140.881611][ T9296] macsec1: entered allmulticast mode
[  140.884822][ T9296] macsec1: left allmulticast mode
[  140.980583][ T9298] ipt_ECN: cannot use operation on non-tcp rule
[  141.105355][ T7132] usb 5-1: USB disconnect, device number 2
[  141.221913][  T833] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  141.381877][  T833] usb 7-1: Using ep0 maxpacket: 32
[  141.386159][  T833] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  141.388647][  T833] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  141.391118][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  141.393876][  T833] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  141.397114][  T833] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  141.399890][  T833] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  141.403730][  T833] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  141.406327][  T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.409413][  T833] usb 7-1: config 0 descriptor??
[  141.615721][  T833] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  141.699081][ T9319] netlink: 24 bytes leftover after parsing attributes in process `syz.0.770'.
[  141.816289][ T9272] 9pnet_fd: Insufficient options for proto=fd
[  141.944043][  T833] usb 7-1: USB disconnect, device number 6
[  141.946721][  T833] usblp0: removed
[  142.084342][ T9334] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.775' sets config #1
[  142.087417][ T9334] usb usb1: usbfs: process 9334 (syz.0.775) did not claim interface 0 before use
[  142.887884][ T9364] syz_tun: entered allmulticast mode
[  142.958191][ T9369] netlink: 8 bytes leftover after parsing attributes in process `syz.2.788'.
[  142.992892][ T9363] syz_tun: left allmulticast mode
[  143.099853][ T9388] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  143.215635][ T9391] netlink: 76 bytes leftover after parsing attributes in process `syz.0.798'.
[  143.387231][   T25] libceph: connect (1)[c::]:6789 error -101
[  143.389563][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  143.507148][ T9393] ceph: No mds server is up or the cluster is laggy
[  143.568346][ T9404] syz_tun: entered allmulticast mode
[  143.664661][ T9403] syz_tun: left allmulticast mode
[  144.169686][ T9421] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  144.174518][ T9421] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  144.211790][ T9421] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  144.232999][ T9421] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  144.235610][ T9421] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  144.269829][ T9421] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  144.280024][ T9425] netlink: 'syz.2.809': attribute type 1 has an invalid length.
[  144.284009][ T9425] netlink: 224 bytes leftover after parsing attributes in process `syz.2.809'.
[  144.303657][ T9421] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  144.306392][ T9421] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  144.322673][ T9421] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  144.342997][ T9421] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  144.345461][ T9421] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  144.361063][ T9421] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  144.984215][ T9431] netlink: 56 bytes leftover after parsing attributes in process `syz.1.810'.
[  145.168313][ T9447] ubi0: attaching mtd0
[  145.170505][ T9447] ubi0: scanning is finished
[  145.174275][ T9447] ubi0: empty MTD device detected
[  145.284718][ T9447] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  145.287130][ T9447] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  145.292147][ T9447] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  145.294339][ T9447] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  145.296868][ T9447] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  145.299650][ T9447] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  145.307041][ T9447] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1181494072
[  145.310253][ T9447] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  145.314682][ T9453] ubi0: background thread "ubi_bgt0d" started, PID 9453
[  145.514322][ T9458] netlink: 4 bytes leftover after parsing attributes in process `syz.0.818'.
[  145.518664][ T9458] bridge0: port 4(macsec1) entered blocking state
[  145.520659][ T9458] bridge0: port 4(macsec1) entered disabled state
[  145.522904][ T9458] macsec1: entered allmulticast mode
[  145.542257][ T9458] macsec1: left allmulticast mode
[  146.029616][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.820'.
[  146.081915][ T9462] netlink: 4 bytes leftover after parsing attributes in process `syz.2.820'.
[  146.091997][ T9462] netlink: 32 bytes leftover after parsing attributes in process `syz.2.820'.
[  146.132048][ T5954] Bluetooth: hci0: command 0x0c1a tx timeout
[  146.302006][ T5954] Bluetooth: hci1: command 0x0c1a tx timeout
[  146.309498][ T9477] netlink: 96 bytes leftover after parsing attributes in process `syz.2.824'.
[  146.371916][ T5954] Bluetooth: hci2: command 0x0405 tx timeout
[  146.373841][ T5954] Bluetooth: hci3: command 0x0419 tx timeout
[  146.458736][ T9481] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  147.436909][ T9485] netlink: 48 bytes leftover after parsing attributes in process `syz.2.825'.
[  147.572224][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.575805][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.579426][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.583012][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.586535][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.590002][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.593564][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.597111][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.600643][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.604198][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  148.281887][   T67] Bluetooth: hci0: command 0x0c1a tx timeout
[  148.373533][   T67] Bluetooth: hci1: command 0x0c1a tx timeout
[  148.452996][   T67] Bluetooth: hci3: command 0x0419 tx timeout
[  148.454766][   T67] Bluetooth: hci2: command 0x0405 tx timeout
[  148.769093][ T9495] netlink: 'syz.0.829': attribute type 10 has an invalid length.
[  150.291947][ T5954] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.451971][ T5954] Bluetooth: hci1: command 0x0c1a tx timeout
[  150.532016][   T67] Bluetooth: hci3: command 0x0419 tx timeout
[  150.535204][ T5954] Bluetooth: hci2: command 0x0405 tx timeout
[  152.581878][    C0] net_ratelimit: 42427 callbacks suppressed
[  152.581892][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.587131][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.590663][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.594152][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.597706][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.601214][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.604773][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.608302][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  152.611799][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  152.611946][ T5954] Bluetooth: hci3: command 0x0419 tx timeout
[  152.615328][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  156.392187][ T9495] syz_tun: entered promiscuous mode
[  156.415588][ T9495] bond0: (slave syz_tun): Releasing backup interface
[  157.591961][    C0] net_ratelimit: 82623 callbacks suppressed
[  157.591974][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  157.592014][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  157.593718][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  157.597759][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  157.600853][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  157.604837][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  157.608064][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  157.612037][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  157.615171][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  157.618393][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  161.081842][    C0] sched: DL replenish lagged too much
[  162.601890][    C0] net_ratelimit: 74527 callbacks suppressed
[  162.601902][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  162.601910][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  162.603975][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  162.607299][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  162.611325][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  162.614710][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  162.619544][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  162.622846][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  162.627691][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  162.630978][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  163.185409][ T9523] xt_TPROXY: Can be used only with -p tcp or -p udp
[  163.641140][   T39] kauditd_printk_skb: 445 callbacks suppressed
[  163.641153][   T39] audit: type=1800 audit(1737241104.603:832): pid=9515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.842" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  167.358198][ T9548] xt_bpf: check failed: parse error
[  167.606661][ T9553] netlink: 'syz.3.839': attribute type 10 has an invalid length.
[  167.611918][    C2] net_ratelimit: 74962 callbacks suppressed
[  167.611929][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  167.612186][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  167.613769][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  167.617456][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  167.620480][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  167.623896][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  167.627203][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  167.630976][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  167.634015][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  167.637670][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  172.621873][    C0] net_ratelimit: 65121 callbacks suppressed
[  172.621887][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  172.622058][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  172.623763][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  172.627196][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  172.630585][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  172.633969][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  172.637398][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  172.640725][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  172.644138][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  172.647521][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  177.631923][    C0] net_ratelimit: 67507 callbacks suppressed
[  177.631936][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  177.632024][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  177.633865][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  177.637219][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  177.640601][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  177.644086][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  177.647602][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  177.650964][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  177.654423][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  177.657809][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  177.868689][   T67] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  177.872461][   T67] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  177.875998][   T67] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  177.878424][   T67] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  177.880720][   T67] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  177.883196][   T67] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  178.854540][   T39] audit: type=1804 audit(1737241119.813:833): pid=9565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.845" name="/newroot/148/bus/bus" dev="overlay" ino=792 res=1 errno=0
[  179.220581][ T9565] evm: overlay not supported
[  179.222541][   T39] audit: type=1800 audit(1737241120.183:834): pid=9565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.845" name="file1" dev="overlay" ino=793 res=0 errno=0
[  179.891913][   T67] Bluetooth: hci4: command tx timeout
[  180.035200][ T9570] netlink: 4 bytes leftover after parsing attributes in process `syz.2.846'.
[  181.973006][   T67] Bluetooth: hci4: command tx timeout
[  182.486600][ T9553] batman_adv: batadv0: Adding interface: team0
[  182.488441][ T9553] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.497394][ T9553] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  182.641903][    C0] net_ratelimit: 59053 callbacks suppressed
[  182.641917][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  182.641969][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  182.643837][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  182.647224][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  182.650626][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  182.654085][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  182.657464][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  182.660847][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  182.664242][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  182.667588][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  183.152292][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  183.159689][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  183.162402][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  183.168145][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  183.170358][ T5954] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  183.172496][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  183.193691][ T5954] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  183.197107][ T5954] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  183.199623][ T5954] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  183.202967][ T5954] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  183.205224][ T5954] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  183.207326][ T5954] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  184.051988][ T5954] Bluetooth: hci4: command tx timeout
[  185.252083][   T67] Bluetooth: hci0: command tx timeout
[  185.257228][ T5954] Bluetooth: hci5: command tx timeout
[  185.833870][  T113] 
[  185.834899][  T113] ======================================================
[  185.837749][  T113] WARNING: possible circular locking dependency detected
[  185.840550][  T113] 6.13.0-rc7-syzkaller-00189-g595523945be0 #0 Not tainted
[  185.844411][  T113] ------------------------------------------------------
[  185.847402][  T113] kswapd0/113 is trying to acquire lock:
[  185.849694][  T113] ffff888043a88a70 (&q->q_usage_counter(io)#68){++++}-{0:0}, at: blk_mq_submit_bio+0x7ca/0x24c0
[  185.853872][  T113] 
[  185.853872][  T113] but task is already holding lock:
[  185.856915][  T113] ffffffff8df4f1a0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0
[  185.860438][  T113] 
[  185.860438][  T113] which lock already depends on the new lock.
[  185.860438][  T113] 
[  185.864554][  T113] 
[  185.864554][  T113] the existing dependency chain (in reverse order) is:
[  185.868110][  T113] 
[  185.868110][  T113] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  185.871011][  T113]        fs_reclaim_acquire+0x102/0x150
[  185.873242][  T113]        __kmalloc_node_noprof+0xb7/0x520
[  185.875531][  T113]        __kvmalloc_node_noprof+0xad/0x1a0
[  185.877901][  T113]        sbitmap_init_node+0x1ca/0x770
[  185.880102][  T113]        scsi_realloc_sdev_budget_map+0x2c7/0x610
[  185.882675][  T113]        scsi_add_lun+0x11b4/0x1fd0
[  185.884786][  T113]        scsi_probe_and_add_lun+0x4fa/0xda0
[  185.887168][  T113]        __scsi_add_device+0x24b/0x290
[  185.889379][  T113]        ata_scsi_scan_host+0x215/0x780
[  185.891598][  T113]        async_run_entry_fn+0x9c/0x530
[  185.893809][  T113]        process_one_work+0x958/0x1b30
[  185.896036][  T113]        worker_thread+0x6c8/0xf00
[  185.898097][  T113]        kthread+0x2c1/0x3a0
[  185.899979][  T113]        ret_from_fork+0x45/0x80
[  185.902017][  T113]        ret_from_fork_asm+0x1a/0x30
[  185.904232][  T113] 
[  185.904232][  T113] -> #0 (&q->q_usage_counter(io)#68){++++}-{0:0}:
[  185.907785][  T113]        __lock_acquire+0x249e/0x3c40
[  185.909949][  T113]        lock_acquire.part.0+0x11b/0x380
[  185.912206][  T113]        __bio_queue_enter+0x4c6/0x740
[  185.914393][  T113]        blk_mq_submit_bio+0x7ca/0x24c0
[  185.916683][  T113]        __submit_bio+0x384/0x540
[  185.918720][  T113]        submit_bio_noacct_nocheck+0x698/0xd70
[  185.921213][  T113]        submit_bio_noacct+0x93a/0x1e20
[  185.923441][  T113]        __swap_writepage+0x3a3/0xf50
[  185.925600][  T113]        swap_writepage+0x403/0x1120
[  185.927792][  T113]        pageout+0x3b2/0xaa0
[  185.929684][  T113]        shrink_folio_list+0x3025/0x42d0
[  185.931947][  T113]        evict_folios+0x6e7/0x1a50
[  185.934010][  T113]        try_to_shrink_lruvec+0x61e/0xa80
[  185.936313][  T113]        shrink_one+0x3e3/0x7b0
[  185.938294][  T113]        shrink_node+0xbf0/0x3f20
[  185.940337][  T113]        balance_pgdat+0xc1f/0x18f0
[  185.942436][  T113]        kswapd+0x605/0xc00
[  185.944292][  T113]        kthread+0x2c1/0x3a0
[  185.946177][  T113]        ret_from_fork+0x45/0x80
[  185.948198][  T113]        ret_from_fork_asm+0x1a/0x30
[  185.950344][  T113] 
[  185.950344][  T113] other info that might help us debug this:
[  185.950344][  T113] 
[  185.954380][  T113]  Possible unsafe locking scenario:
[  185.954380][  T113] 
[  185.957069][  T113]        CPU0                    CPU1
[  185.958611][  T113]        ----                    ----
[  185.960168][  T113]   lock(fs_reclaim);
[  185.961331][  T113]                                lock(&q->q_usage_counter(io)#68);
[  185.963599][  T113]                                lock(fs_reclaim);
[  185.965460][  T113]   rlock(&q->q_usage_counter(io)#68);
[  185.967041][  T113] 
[  185.967041][  T113]  *** DEADLOCK ***
[  185.967041][  T113] 
[  185.969355][  T113] 1 lock held by kswapd0/113:
[  185.970705][  T113]  #0: ffffffff8df4f1a0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0
[  185.973329][  T113] 
[  185.973329][  T113] stack backtrace:
[  185.975036][  T113] CPU: 1 UID: 0 PID: 113 Comm: kswapd0 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0
[  185.977971][  T113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.981027][  T113] Call Trace:
[  185.981994][  T113]  <TASK>
[  185.982863][  T113]  dump_stack_lvl+0x116/0x1f0
[  185.984240][  T113]  print_circular_bug+0x41c/0x610
[  185.985687][  T113]  check_noncircular+0x31a/0x400
[  185.987132][  T113]  ? __pfx_check_noncircular+0x10/0x10
[  185.988699][  T113]  ? lockdep_lock+0xc6/0x200
[  185.990044][  T113]  ? __pfx_lockdep_lock+0x10/0x10
[  185.991500][  T113]  __lock_acquire+0x249e/0x3c40
[  185.992918][  T113]  ? __pfx___lock_acquire+0x10/0x10
[  185.994416][  T113]  lock_acquire.part.0+0x11b/0x380
[  185.995903][  T113]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  185.997399][  T113]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  185.999013][  T113]  ? rcu_is_watching+0x12/0xc0
[  186.000411][  T113]  ? trace_lock_acquire+0x14e/0x1f0
[  186.001841][  T113]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  186.003351][  T113]  ? lock_acquire+0x2f/0xb0
[  186.004680][  T113]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  186.006178][  T113]  __bio_queue_enter+0x4c6/0x740
[  186.007635][  T113]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  186.009157][  T113]  ? __pfx___bio_queue_enter+0x10/0x10
[  186.010727][  T113]  ? blk_mq_submit_bio+0x7b5/0x24c0
[  186.012311][  T113]  ? __pfx_autoremove_wake_function+0x10/0x10
[  186.014080][  T113]  blk_mq_submit_bio+0x7ca/0x24c0
[  186.015536][  T113]  ? __pfx_blk_mq_submit_bio+0x10/0x10
[  186.017118][  T113]  ? __pfx_mark_lock+0x10/0x10
[  186.018513][  T113]  __submit_bio+0x384/0x540
[  186.019827][  T113]  ? __pfx___submit_bio+0x10/0x10
[  186.021311][  T113]  ? ktime_get+0x206/0x300
[  186.022606][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  186.024111][  T113]  ? submit_bio_noacct_nocheck+0x698/0xd70
[  186.025778][  T113]  submit_bio_noacct_nocheck+0x698/0xd70
[  186.027405][  T113]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  186.029190][  T113]  ? __pfx___might_resched+0x10/0x10
[  186.030708][  T113]  ? __pfx___folio_start_writeback+0x10/0x10
[  186.032446][  T113]  submit_bio_noacct+0x93a/0x1e20
[  186.033905][  T113]  __swap_writepage+0x3a3/0xf50
[  186.035418][  T113]  swap_writepage+0x403/0x1120
[  186.036812][  T113]  ? folio_clear_dirty_for_io+0x112/0x800
[  186.038464][  T113]  pageout+0x3b2/0xaa0
[  186.039647][  T113]  ? __pfx_pageout+0x10/0x10
[  186.041005][  T113]  ? __pfx_try_to_unmap_one+0x10/0x10
[  186.042555][  T113]  ? __pfx_folio_not_mapped+0x10/0x10
[  186.044119][  T113]  ? __pfx_folio_lock_anon_vma_read+0x10/0x10
[  186.045873][  T113]  ? folio_mark_dirty+0xd8/0x150
[  186.047311][  T113]  shrink_folio_list+0x3025/0x42d0
[  186.048793][  T113]  ? __pfx_shrink_folio_list+0x10/0x10
[  186.050368][  T113]  ? isolate_folios+0x1c57/0x3830
[  186.051822][  T113]  ? hlock_class+0x4e/0x130
[  186.053168][  T113]  ? mark_lock+0xb5/0xc60
[  186.054420][  T113]  ? mark_held_locks+0x9f/0xe0
[  186.055809][  T113]  evict_folios+0x6e7/0x1a50
[  186.057149][  T113]  ? __pfx_evict_folios+0x10/0x10
[  186.058604][  T113]  ? mem_cgroup_get_nr_swap_pages+0x20/0x120
[  186.060348][  T113]  ? sc_swappiness+0xd4/0x190
[  186.061708][  T113]  try_to_shrink_lruvec+0x61e/0xa80
[  186.063208][  T113]  ? find_held_lock+0x2d/0x110
[  186.064593][  T113]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[  186.066231][  T113]  ? shrink_node+0xbd0/0x3f20
[  186.067609][  T113]  shrink_one+0x3e3/0x7b0
[  186.068870][  T113]  ? shrink_node+0xbd0/0x3f20
[  186.070227][  T113]  shrink_node+0xbf0/0x3f20
[  186.071542][  T113]  ? shrink_node+0x93e/0x3f20
[  186.072916][  T113]  ? __pfx_shrink_node+0x10/0x10
[  186.074346][  T113]  ? __pfx_lock_release+0x10/0x10
[  186.075797][  T113]  ? percpu_ref_put_many.constprop.0+0x1b/0x150
[  186.077607][  T113]  ? balance_pgdat+0xc1f/0x18f0
[  186.079020][  T113]  balance_pgdat+0xc1f/0x18f0
[  186.080388][  T113]  ? __pfx_balance_pgdat+0x10/0x10
[  186.081858][  T113]  ? __pfx___lock_acquire+0x10/0x10
[  186.083346][  T113]  ? lock_acquire.part.0+0x11b/0x380
[  186.084872][  T113]  ? __pfx___might_resched+0x10/0x10
[  186.086393][  T113]  kswapd+0x605/0xc00
[  186.087564][  T113]  ? __pfx_kswapd+0x10/0x10
[  186.088889][  T113]  ? __pfx_autoremove_wake_function+0x10/0x10
[  186.090637][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  186.092150][  T113]  ? __kthread_parkme+0x148/0x220
[  186.093604][  T113]  ? __pfx_kswapd+0x10/0x10
[  186.094919][  T113]  kthread+0x2c1/0x3a0
[  186.096108][  T113]  ? _raw_spin_unlock_irq+0x23/0x50
[  186.097617][  T113]  ? __pfx_kthread+0x10/0x10
[  186.098966][  T113]  ret_from_fork+0x45/0x80
[  186.100296][  T113]  ? __pfx_kthread+0x10/0x10
[  186.101617][  T113]  ret_from_fork_asm+0x1a/0x30
[  186.103022][  T113]  </TASK>
[  186.132638][ T5954] Bluetooth: hci4: command tx timeout
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  187.334619][   T67] Bluetooth: hci0: command tx timeout
[  187.337983][ T5954] Bluetooth: hci5: command tx timeout
[  187.651901][    C0] net_ratelimit: 96739 callbacks suppressed
[  187.651913][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  187.651928][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  187.653725][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  187.657530][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  187.660854][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  187.664924][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  187.668208][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  187.671525][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  187.674949][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  187.678382][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  189.422438][   T67] Bluetooth: hci0: command tx timeout
[  189.424877][ T5954] Bluetooth: hci5: command tx timeout
[  191.491952][   T67] Bluetooth: hci0: command tx timeout
[  191.493497][ T5954] Bluetooth: hci5: command tx timeout
[  192.661848][    C0] net_ratelimit: 123472 callbacks suppressed
[  192.661861][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  192.661932][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  192.663880][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  192.667065][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  192.670396][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  192.673857][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  192.677348][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  192.680582][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  192.683963][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  192.687263][    C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:d2:20:4c:26:ba:a0, vlan:0)
[  193.882807][ T1410] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
22:58:46  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000002 RBX=0000000000000001 RCX=ffffffff913bbca2 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000001 RBP=ffffc9000042e3c0 RSP=ffffc9000042e308
R8 =ffffffff913bbcc0 R9 =ffffffff913bbca6 R10=ffffc9000042e378 R11=000000000008008e
R12=ffffc9000042e3c8 R13=ffffc9000042e378 R14=ffffc9000042fb30 R15=ffffc9000042fb28
RIP=ffffffff8148f97d RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020c34000 CR3=0000000058816000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0003af5200000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85146355 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc90002146200
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000032 R14=ffffffff851462f0 R15=0000000000000000
RIP=ffffffff8514637f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000334feffc CR3=0000000049c8c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0003af5200000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000003 RBX=ffff88806a7b0280 RCX=ffffffff88ffd464 RDX=0000000000000000
RSI=ffffffff8bb17300 RDI=ffffffff8bb17340 RBP=ffff88804b389000 RSP=ffffc900005479b8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000b8f
R12=0000000000000002 R13=ffff88804b389140 R14=00000000ffffffff R15=ffff88807164c000
RIP=ffffffff88ffd4b2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f30e8718 CR3=0000000049c8c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000fc01 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f2d20d421ea7e30d a8b9e79d4ab6425e
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 df1f7341e4a08021 b0cb508a7573f73d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 12c615a69e8651bf 1589902ec48a42b8
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 778a20bc9697186d 79ceaa09a24f80ab
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c7261e234f7a3531 1a39875a0063764c
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a4451637965240b0 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 08904390dd94b85d 56156daed80febdf
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 06f9e07700000000 d5160079b6fc3664
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 81e7024c949dc26e e81c51a685b267fa
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b44cb6a3b768c0eb ce0f5dd14cda7a71
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=c5f576ba6c089439 5b0fa24bf308eff8 c5f576ba6c089439 5b0fa24bf308eff8 c5f576ba6c089439 5b0fa24bf308eff8 c5f576ba6c089439 5b0fa24bf308eff8
ZMM18=58ae2dfe8989b2c5 f7ccaf7f16287237 58ae2dfe8989b2c5 f7ccaf7f16287237 58ae2dfe8989b2c5 f7ccaf7f16287237 58ae2dfe8989b2c5 f7ccaf7f16287237
ZMM19=7406000000000000 0000000000000020 7406000000000000 000000000000001f 7406000000000000 000000000000001e 7406000000000000 000000000000001d
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=5b0fa24b5b0fa24b 5b0fa24b5b0fa24b 5b0fa24b5b0fa24b 5b0fa24b5b0fa24b 5b0fa24b5b0fa24b 5b0fa24b5b0fa24b 5b0fa24b5b0fa24b 5b0fa24b5b0fa24b
ZMM22=6c0894396c089439 6c0894396c089439 6c0894396c089439 6c0894396c089439 6c0894396c089439 6c0894396c089439 6c0894396c089439 6c0894396c089439
ZMM23=c5f576bac5f576ba c5f576bac5f576ba c5f576bac5f576ba c5f576bac5f576ba c5f576bac5f576ba c5f576bac5f576ba c5f576bac5f576ba c5f576bac5f576ba
ZMM24=1628723716287237 1628723716287237 1628723716287237 1628723716287237 1628723716287237 1628723716287237 1628723716287237 1628723716287237
ZMM25=f7ccaf7ff7ccaf7f f7ccaf7ff7ccaf7f f7ccaf7ff7ccaf7f f7ccaf7ff7ccaf7f f7ccaf7ff7ccaf7f f7ccaf7ff7ccaf7f f7ccaf7ff7ccaf7f f7ccaf7ff7ccaf7f
ZMM26=8989b2c58989b2c5 8989b2c58989b2c5 8989b2c58989b2c5 8989b2c58989b2c5 8989b2c58989b2c5 8989b2c58989b2c5 8989b2c58989b2c5 8989b2c58989b2c5
ZMM27=58ae2dfe58ae2dfe 58ae2dfe58ae2dfe 58ae2dfe58ae2dfe 58ae2dfe58ae2dfe 58ae2dfe58ae2dfe 58ae2dfe58ae2dfe 58ae2dfe58ae2dfe 58ae2dfe58ae2dfe
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=7406000074060000 7406000074060000 7406000074060000 7406000074060000 7406000074060000 7406000074060000 7406000074060000 7406000074060000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffc900005d0000 RDX=ffffc900005cef01
RSI=ffffc900005cef48 RDI=ffffc900005cef48 RBP=ffffc900005ceba0 RSP=ffffc900005ceae0
R8 =ffffc900005ceb8c R9 =ffffffff90bb1be0 R10=ffffc900005ceb58 R11=000000000000f151
R12=ffffc900005ceba8 R13=ffffc900005ceb58 R14=ffffc900005cef50 R15=ffffc900005cef48
RIP=ffffffff8148e4b0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fa0affc CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000006854 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d8ba2c98b00df47 6b955483f0e82ff6
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5fd05479496fa201 42a567460b183378
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c6d678a1b2091952 ef123877a22a6039
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c0adaff7bc13d88d 97d6f59e0ed3811a
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001680
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9e43e69ebc008001 71a69c1f92008001
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d9dee24b00000000 0000000062008001
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 71a69b1800000000 f863731321ebb600
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000071a69d9f 71a69cfe3e008001
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a3d012c653a02341 26ba685f3fa89f6c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 81c24656ed82c0d9 6dfb4eeba7052a60
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000