last executing test programs:

27.841227355s ago: executing program 0 (id=1379):
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000400)={0x0, 0x1}, &(0x7f0000000440)=0x8)
r0 = fsopen(&(0x7f0000000280)='befs\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRESHEX=r0], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
r3 = openat$tun(0xffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000002280)={'wlan1\x00', 0x200})
ioctl$TUNSETOWNER(r3, 0x400454cc, 0x0)
r4 = getegid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = openat$nullb(0xffffffffffffff9c, 0x0, 0xcb0042, 0x0)
sync_file_range(r5, 0x7fff, 0xfe77, 0x7)
getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x11e, 0x63, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, 0x0, 0x0)
ioctl$TUNSETGROUP(r3, 0x400454ce, r4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1800000014000100fd2874a4bef0dc8400000000", @ANYRES32=0x0], 0x18}}, 0x0)
socket$alg(0x26, 0x5, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

26.904861451s ago: executing program 0 (id=1380):
r0 = open$dir(&(0x7f0000000080)='.\x00', 0x2000, 0x0)
mknodat(r0, &(0x7f0000000000)='./file0\x00', 0x1000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, &(0x7f0000000480))
acct(&(0x7f0000000300)='./file0\x00')
openat$binder_debug(0xffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000021005dbc63fed1066926f5f"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x10, 0xfffffffb, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x8, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x0, 0x0, @void, @value}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getpid()
socket$inet6(0xa, 0x6, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

26.017420547s ago: executing program 0 (id=1384):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x10, r0, 0x924ed000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f00000001c0)={0x1a, 0x1b, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x10)
gettid()
r3 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0x7, &(0x7f00000000c0)={0x100, 0x6f0, 0xfffffffa, 0x1}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
sendmsg$sock(r2, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r4, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000bc0)={&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000c00)=0x40)

25.791368467s ago: executing program 0 (id=1386):
socket$nl_route(0x10, 0x3, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r2 = syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r2, 0x4004480c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x690a, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000280))
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r6, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e1577", 0x4e0}], 0x1}}, {{0x0, 0x0, &(0x7f0000007440)=[{&(0x7f0000001500)="adf5bd04f01eccec95c1c5ca7fba623735df51cf89844d9bad7429917e03ad4b4cc6ae623ad8c0924b316f0e6d195479b75186ca55315366ef5d0b491b1811e932fb16a15906cab57fa112718bef35405bee39435abc9aa27f44c0fb7d15e1d8dd4b7a59deae296177fe9316e72cbc89f7e7e7c83d3ffae7d847a21894888b3de40826e54e7a0fc7b552c388637004dc3ea210d2c6dfc6283f690afa5b85b25939464a350dcdf1c38d97854aba19593fc884caec78d9c0", 0xb7}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="6be87034983df7d6abe2c2e287503e9fe67324bd3e88", 0x16}], 0x1}}], 0x3, 0x400c804)
getdents(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="e9070000000000000000010000001c0002800c00018008000100030000000c0001800800010001000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x3, 0x1800, @empty}}, 0xfffffffc, 0x3, 0x989, 0x0, 0x84, 0x8000}, 0x9c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc01cf509, &(0x7f0000000240)={<r9=>r0, 0xa80, 0x1, 0xffff})
read$FUSE(r9, &(0x7f00000003c0)={0x2020}, 0x2020)
socket$nl_generic(0x10, 0x3, 0x10)

16.295742904s ago: executing program 0 (id=1386):
socket$nl_route(0x10, 0x3, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r2 = syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r2, 0x4004480c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x690a, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000280))
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r6, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e1577", 0x4e0}], 0x1}}, {{0x0, 0x0, &(0x7f0000007440)=[{&(0x7f0000001500)="adf5bd04f01eccec95c1c5ca7fba623735df51cf89844d9bad7429917e03ad4b4cc6ae623ad8c0924b316f0e6d195479b75186ca55315366ef5d0b491b1811e932fb16a15906cab57fa112718bef35405bee39435abc9aa27f44c0fb7d15e1d8dd4b7a59deae296177fe9316e72cbc89f7e7e7c83d3ffae7d847a21894888b3de40826e54e7a0fc7b552c388637004dc3ea210d2c6dfc6283f690afa5b85b25939464a350dcdf1c38d97854aba19593fc884caec78d9c0", 0xb7}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="6be87034983df7d6abe2c2e287503e9fe67324bd3e88", 0x16}], 0x1}}], 0x3, 0x400c804)
getdents(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="e9070000000000000000010000001c0002800c00018008000100030000000c0001800800010001000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x3, 0x1800, @empty}}, 0xfffffffc, 0x3, 0x989, 0x0, 0x84, 0x8000}, 0x9c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc01cf509, &(0x7f0000000240)={<r9=>r0, 0xa80, 0x1, 0xffff})
read$FUSE(r9, &(0x7f00000003c0)={0x2020}, 0x2020)
socket$nl_generic(0x10, 0x3, 0x10)

5.418506934s ago: executing program 0 (id=1386):
socket$nl_route(0x10, 0x3, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r2 = syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r2, 0x4004480c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x690a, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000280))
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r6, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e1577", 0x4e0}], 0x1}}, {{0x0, 0x0, &(0x7f0000007440)=[{&(0x7f0000001500)="adf5bd04f01eccec95c1c5ca7fba623735df51cf89844d9bad7429917e03ad4b4cc6ae623ad8c0924b316f0e6d195479b75186ca55315366ef5d0b491b1811e932fb16a15906cab57fa112718bef35405bee39435abc9aa27f44c0fb7d15e1d8dd4b7a59deae296177fe9316e72cbc89f7e7e7c83d3ffae7d847a21894888b3de40826e54e7a0fc7b552c388637004dc3ea210d2c6dfc6283f690afa5b85b25939464a350dcdf1c38d97854aba19593fc884caec78d9c0", 0xb7}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="6be87034983df7d6abe2c2e287503e9fe67324bd3e88", 0x16}], 0x1}}], 0x3, 0x400c804)
getdents(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="e9070000000000000000010000001c0002800c00018008000100030000000c0001800800010001000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x3, 0x1800, @empty}}, 0xfffffffc, 0x3, 0x989, 0x0, 0x84, 0x8000}, 0x9c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc01cf509, &(0x7f0000000240)={<r9=>r0, 0xa80, 0x1, 0xffff})
read$FUSE(r9, &(0x7f00000003c0)={0x2020}, 0x2020)
socket$nl_generic(0x10, 0x3, 0x10)

4.185185391s ago: executing program 2 (id=1473):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @pic={0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x2c0710})
r3 = io_uring_setup(0x41a8, &(0x7f0000000600)={0x0, 0xb6ad, 0x4, 0x0, 0x2aa})
syz_io_uring_setup(0x768f, &(0x7f0000000080)={0x0, 0x6b05, 0x200, 0x2, 0x271, 0x0, r3}, &(0x7f0000000800), &(0x7f0000000140))
r4 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000000), 0x4)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f00000005c0), 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x64440, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x1000, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c000000020601040000000000000000000000000d000300686173683a6d6163000000000c007d0abc112c3c078008001200000000000900020073797a320000000005000100070000000500040000003f00"], 0x4c}}, 0x0)
read$FUSE(r6, &(0x7f0000004200)={0x2020, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x2020)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1100000004000000040000000c000000000000002478ae9c558284dc7855a8254a0b5722c63f9d40d53936c074e58817df6703d95c50676f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000040)=0x7)
ioctl$TCGETA(r9, 0x8926, &(0x7f0000000140))
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f00000004c0)=0x2)
r10 = syz_open_dev$sndpcmp(&(0x7f0000000180), 0x1, 0x101100)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r10, 0xc25c4111, &(0x7f00000001c0)={0x8, [[0x1, 0x7, 0xfd, 0x8, 0xea, 0x2, 0x8, 0x3ff], [0x2, 0x3, 0x8000002, 0xfc2, 0x4, 0x80000009, 0x6090, 0x5], [0x1, 0x9, 0x7, 0x5, 0x8, 0x6, 0x3, 0x16d]], '\x00', [{0x3ff, 0x8, 0x0, 0x1}, {0x847e, 0x106f08, 0x0, 0x1, 0x1, 0x1}, {0x4000044, 0x3b, 0x1, 0x0, 0x0, 0x1}, {0xa, 0x800, 0x0, 0x1, 0x1, 0x1}, {0x9, 0xa, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x4ce, 0x1, 0x0, 0x0, 0x1}, {0xe0, 0x8, 0x0, 0x0, 0x1}, {0x5, 0x1, 0x1, 0x0, 0x1}, {0x81, 0x96, 0x0, 0x0, 0x1}, {0xd0f, 0x3ff, 0x1, 0x1, 0x1}, {0x1, 0x6, 0x0, 0x1, 0x0, 0x1}, {0xfffffffe, 0x24, 0x1, 0x1, 0x1, 0x1}], '\x00', 0x750d})
socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, r8, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

3.731475523s ago: executing program 2 (id=1477):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x8e, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000943000/0x2000)=nil, 0x2000, 0x13)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x80000000, 0x0)
r1 = syz_io_uring_setup(0x4b5, 0x0, &(0x7f0000000100), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000010380)=""/47, 0x2f}], 0x4)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r3, &(0x7f0000000080)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x0, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40)
bind$rds(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {0x0}], &(0x7f00000005c0), 0x2}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x37)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x0, 0x0)
poll(&(0x7f00000000c0)=[{r4}], 0x1, 0xfffffffffffffff8)
dup2(r4, r5)
openat$dlm_monitor(0xffffff9c, &(0x7f0000000040), 0x400002, 0x0)
syz_emit_ethernet(0x46, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

2.780953506s ago: executing program 3 (id=1480):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c5602117436c379ffffffffffffc11758000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c10000000214e224e0000", 0x58}], 0x1)

2.780630261s ago: executing program 3 (id=1481):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r1 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1e000000070f0000000000000400800000400000b0c1dabe", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000004000000000000000700"/28], 0x48)
r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8)
mkdir(&(0x7f00000000c0)='./control\x00', 0x0)
close(r2)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x646, 0x2)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
r4 = socket(0x10, 0x2, 0x0)
write(r4, &(0x7f0000000000)="220000002100072400be00000900070102000000000f000000200000050013800100", 0x22)
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000000c0)=@mmap={0x1, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "0900d69d"}})
r5 = inotify_init1(0x0)
r6 = epoll_create(0x6)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYRESHEX=r6, @ANYBLOB="bb44860800a4"])
inotify_add_watch(r5, &(0x7f0000000180)='./control\x00', 0xa7000be0)
close(r2)
open(&(0x7f0000000080)='./control\x00', 0x0, 0x0)

1.661058259s ago: executing program 1 (id=1483):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x2000000015, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
write$P9_RSTATu(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="020200007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000006465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f7"], 0x232)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x400, &(0x7f0000000540)=ANY=[@ANYBLOB="68262c0b25a230d1f3c9c74c26124ede670124ffcb10cf422693ebf43fd6a2a8c6605056d2c8674b6a1e7902838cc2c3a91a2a0232105291a8f91dc8e276d8572d2ca46c16d008419d9de5f76adddb6726301dbc10d44c8d2059687bb446a7059de17b19e38d7661dbc512722212ae08bac1d7e6e51d66f844570d215fb4715cef3a6a462b3ef8663df23faba8db6b597d18fa70afd81fdc2ef8b8f3", @ANYRESHEX=r3, @ANYRESDEC=0x0, @ANYBLOB='\x00'/10, @ANYRESDEC=r2, @ANYBLOB="2c00ca7fd54ea6c411ac71f8a2de", @ANYRESOCT=r0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
syz_fuse_handle_req(r3, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)={0x90, 0x0, 0x0, {0x4, 0x0, 0x9, 0x0, 0x0, 0x0, {0x0, 0x0, 0xc0d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000}}}, 0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
lchown(&(0x7f0000000200)='./file0\x00', 0xee00, 0x0)
r5 = open(&(0x7f0000000180)='./file2\x00', 0x1cd842, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x4020940d, &(0x7f0000000000)={0x4})
write$FUSE_INIT(r3, &(0x7f0000000e00)={0x50, 0x0, r4}, 0x50)
unlink(&(0x7f0000000100)='./file0/file0\x00')
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
r7 = syz_open_pts(r6, 0x143201)
ioctl$TCSETSF(r7, 0x541d, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000100)='./file0/file0\x00')
close_range(r1, 0xffffffffffffffff, 0x0)

1.580748867s ago: executing program 1 (id=1484):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="17000000f5ff000000ff0000000000000054000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200"/28], 0x50)
open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000280)='./bus\x00', &(0x7f0000000240)='minix\x00', 0x2808088, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = io_uring_setup(0x7bd9, &(0x7f0000000180)={0x0, 0x480e, 0x400, 0x0, 0x43})
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x1b, 0x20000009, r6)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x1c)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x400448de, &(0x7f00000000c0)={0x0, 0x0, "cd0200"})
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r8, &(0x7f0000000040)="05000000010000", 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r4}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

1.241093192s ago: executing program 1 (id=1485):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000009c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x478, 0x1e0, 0x128, 0x324, 0x128, 0x1e0, 0x3e4, 0x3e4, 0x3e4, 0x3e4, 0x3e4, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {}, {0xff}, 0x6, 0x0, 0x1}, 0x0, 0x70, 0x94, 0x0, {0x0, 0x1000000}}, @ECN={0x24, 'ECN\x00', 0x0, {0x20}}}, {{@uncond, 0x0, 0x70, 0x94}, @TTL={0x24}}, {{@uncond, 0x0, 0x94, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @TTL={0x24, 'TTL\x00', 0x0, {0x3, 0x1}}}, {{@uncond, 0x0, 0xe4, 0x144, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x2]}, {0x0, [0x0, 0x0, 0x0, 0x3]}}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'macvtap0\x00'}, 0x0, 0x9c, 0xc0, 0x0, {}, [@common=@inet=@udplite={{0x2c}}]}, @ECN={0x24, 'ECN\x00', 0x0, {0x65f5c1fa4b778e1a, 0x6, 0x1}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x4d4)

1.240662515s ago: executing program 1 (id=1486):
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x100)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x20, &(0x7f0000000000)="0bbb268d0200a808ed90cfcf000000000000210d0000aaa8fa017242ba9380d410000000000000002900000004000000", 0x30)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x50, 0x81}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x8)
syz_emit_ethernet(0x60, &(0x7f0000000b40)=ANY=[@ANYBLOB="cf702e8cf675aaaaaaaaaabb86dd60"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffd4a)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000100)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde"})
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = syz_io_uring_setup(0x23b, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x0, 0xfffffffe}, 0x0, 0x0)
io_uring_enter(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000045c0)={0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000004640)={0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000, 0x586e0342}, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000080))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, 0xffffffffffffffff, &(0x7f0000000a00))
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000b, 0x8012, r4, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000200)=@ethtool_channels={0x33}})

716.209772ms ago: executing program 3 (id=1487):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0x20}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x20, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}, 0x1, 0x0, 0x0, 0xfff5}, 0x0)

621.106079ms ago: executing program 2 (id=1488):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, 0x12400, 0x9effffff}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @empty}]}]}]}, 0x3c}}, 0x0)

560.969467ms ago: executing program 2 (id=1489):
syz_emit_ethernet(0xbe, 0x0, 0x0)
r0 = open(0x0, 0x60142, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$SO_COOKIE(r1, 0x1, 0x28, 0x0, &(0x7f00000012c0))
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000b80), 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x60, r5, 0x809, 0x0, 0x0, {}, [{{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}]}}]}, 0x60}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'team_slave_0\x00'}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x9, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48880}, 0x8000)
bind$unix(r0, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)

491.309341ms ago: executing program 3 (id=1490):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'veth0_vlan\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000000)={0xffffffff, 0x0, 0xffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r3=>0x0})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000140), 0xfffffffffffffc1f)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff}, './file0\x00'})
r5 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r5, 0x107, 0x0, &(0x7f0000000040), &(0x7f0000000080)=0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x304}, "0400", "03070800010000000100", "cf0d00", "8657e2b7e41712e4"}, 0x28)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101}], {0x14}}, 0x3c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYRES64=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = syz_open_dev$usbfs(&(0x7f0000000c40), 0x310decfa, 0x1)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r9, &(0x7f00000003c0)=ANY=[@ANYRES16, @ANYRESDEC, @ANYRESOCT=r8], 0xc1)
ioctl$USBDEVFS_CONTROL(r8, 0x80045505, &(0x7f0000000000)={0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(0xffffffffffffffff, &(0x7f00000003c0), 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r10 = fanotify_init(0x200, 0x0)
writev(r10, &(0x7f00000005c0)=[{&(0x7f00000001c0)="84", 0x8}, {0x0}], 0x2)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x2000}}}, 0x24}}, 0x0)

400.29841ms ago: executing program 2 (id=1491):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x40, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x100e}]}, 0x40}, 0x1, 0x0, 0x0, 0x84}, 0x0)

381.7593ms ago: executing program 1 (id=1492):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x2000000015, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
write$P9_RSTATu(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="020200007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000006465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f7"], 0x232)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x400, &(0x7f0000000540)=ANY=[@ANYBLOB="68262c0b25a230d1f3c9c74c26124ede670124ffcb10cf422693ebf43fd6a2a8c6605056d2c8674b6a1e7902838cc2c3a91a2a0232105291a8f91dc8e276d8572d2ca46c16d008419d9de5f76adddb6726301dbc10d44c8d2059687bb446a7059de17b19e38d7661dbc512722212ae08bac1d7e6e51d66f844570d215fb4715cef3a6a462b3ef8663df23faba8db6b597d18fa70afd81fdc2ef8b8f3", @ANYRESHEX=r3, @ANYRESDEC=0x0, @ANYBLOB='\x00'/10, @ANYRESDEC=r2, @ANYBLOB="2c00ca7fd54ea6c411ac71f8a2de", @ANYRESOCT=r0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
syz_fuse_handle_req(r3, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)={0x90, 0x0, 0x0, {0x4, 0x0, 0x9, 0x0, 0x0, 0x0, {0x0, 0x0, 0xc0d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000}}}, 0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
lchown(&(0x7f0000000200)='./file0\x00', 0xee00, 0x0)
r5 = open(&(0x7f0000000180)='./file2\x00', 0x1cd842, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x4020940d, &(0x7f0000000000)={0x4})
write$FUSE_INIT(r3, &(0x7f0000000e00)={0x50, 0x0, r4}, 0x50)
unlink(&(0x7f0000000100)='./file0/file0\x00')
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
r7 = syz_open_pts(r6, 0x143201)
ioctl$TCSETSF(r7, 0x541d, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000100)='./file0/file0\x00')
close_range(r1, 0xffffffffffffffff, 0x0)

331.049119ms ago: executing program 2 (id=1493):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="17000000f5ff000000ff0000000000000054000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200"/28], 0x50)
open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000280)='./bus\x00', &(0x7f0000000240)='minix\x00', 0x2808088, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$rdma_cm(0xffffff9c, 0x0, 0x2, 0x0)
r5 = io_uring_setup(0x7bd9, &(0x7f0000000180)={0x0, 0x480e, 0x400, 0x0, 0x43})
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x1b, 0x20000009, r6)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x1c)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x400448de, &(0x7f00000000c0)={0x0, 0x0, "cd0200"})
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r8, &(0x7f0000000040)="05000000010000", 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r4}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

330.707514ms ago: executing program 3 (id=1494):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @pic={0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x2c0710})
r3 = io_uring_setup(0x41a8, &(0x7f0000000600)={0x0, 0xb6ad, 0x4, 0x0, 0x2aa})
syz_io_uring_setup(0x768f, &(0x7f0000000080)={0x0, 0x6b05, 0x200, 0x2, 0x271, 0x0, r3}, &(0x7f0000000800), &(0x7f0000000140))
r4 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000000), 0x4)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f00000005c0), 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x64440, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x1000, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c000000020601040000000000000000000000000d000300686173683a6d6163000000000c007d0abc112c3c078008001200000000000900020073797a320000000005000100070000000500040000003f00"], 0x4c}}, 0x0)
read$FUSE(r6, &(0x7f0000004200)={0x2020, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x2020)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x4e, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000000040)=0x7)
ioctl$TCGETA(r10, 0x8926, &(0x7f0000000140))
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f00000004c0)=0x2)
r11 = syz_open_dev$sndpcmp(&(0x7f0000000180), 0x1, 0x101100)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r11, 0xc25c4111, &(0x7f00000001c0)={0x8, [[0x1, 0x7, 0xfd, 0x8, 0xea, 0x2, 0x8, 0x3ff], [0x2, 0x3, 0x8000002, 0xfc2, 0x4, 0x80000009, 0x6090, 0x5], [0x1, 0x9, 0x7, 0x5, 0x8, 0x6, 0x3, 0x16d]], '\x00', [{0x3ff, 0x8, 0x0, 0x1}, {0x847e, 0x106f08, 0x0, 0x1, 0x1, 0x1}, {0x4000044, 0x3b, 0x1, 0x0, 0x0, 0x1}, {0xa, 0x800, 0x0, 0x1, 0x1, 0x1}, {0x9, 0xa, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x4ce, 0x1, 0x0, 0x0, 0x1}, {0xe0, 0x8, 0x0, 0x0, 0x1}, {0x5, 0x1, 0x1, 0x0, 0x1}, {0x81, 0x96, 0x0, 0x0, 0x1}, {0xd0f, 0x3ff, 0x1, 0x1, 0x1}, {0x1, 0x6, 0x0, 0x1, 0x0, 0x1}, {0xfffffffe, 0x24, 0x1, 0x1, 0x1, 0x1}], '\x00', 0x750d})
socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, r8, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

330.402866ms ago: executing program 1 (id=1495):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0xe1cdc000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock2(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x0)
mknod$loop(&(0x7f0000000080)='./file0/bus\x00', 0x6210, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x402)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102360, 0x18fd8)
setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000940)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, 0x0, 0x40)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0)
lchown(&(0x7f0000000000)='./file0/bus\x00', 0xee00, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000340)={{}, {}, [{0x2, 0x3}, {}, {0x2, 0x7, 0xee00}, {0x2, 0x4}, {0x2, 0x2}, {0x2, 0x1}, {0x2, 0x3, 0xee00}, {}], {}, [], {}, {0x20, 0x6}}, 0x64, 0x0)
creat(&(0x7f0000000040)='./file0/bus\x00', 0x0)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$SMC_PNETID_FLUSH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c029f239e5d6cd38216", @ANYRES16=0x0, @ANYRES8], 0x3c}}, 0x0)

0s ago: executing program 3 (id=1496):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x8e, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000943000/0x2000)=nil, 0x2000, 0x13)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x80000000, 0x0)
r1 = syz_io_uring_setup(0x4b5, 0x0, &(0x7f0000000100), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000010380)=""/47, 0x2f}], 0x4)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r3, &(0x7f0000000080)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x0, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40)
bind$rds(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {0x0}], &(0x7f00000005c0), 0x2}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x37)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x0, 0x0)
poll(&(0x7f00000000c0)=[{r4}], 0x1, 0xfffffffffffffff8)
dup2(r4, r5)
openat$dlm_monitor(0xffffff9c, &(0x7f0000000040), 0x400002, 0x0)
syz_emit_ethernet(0x46, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

.430433][ T8496] Call Trace:
[  235.431670][ T8496]  <TASK>
[  235.432740][ T8496]  dump_stack_lvl+0x16c/0x1f0
[  235.434755][ T8496]  should_fail_ex+0x497/0x5b0
[  235.436537][ T8496]  _copy_from_user+0x30/0xf0
[  235.438219][ T8496]  get_compat_msghdr+0xa8/0x170
[  235.439991][ T8496]  ? __pfx_get_compat_msghdr+0x10/0x10
[  235.441796][ T8496]  ? __pfx___lock_acquire+0x10/0x10
[  235.443571][ T8496]  ___sys_sendmsg+0x1b0/0x1e0
[  235.445312][ T8496]  ? __pfx____sys_sendmsg+0x10/0x10
[  235.447176][ T8496]  ? lock_acquire+0x2f/0xb0
[  235.448811][ T8496]  ? __fget_files+0x40/0x3f0
[  235.450418][ T8496]  ? fdget+0x176/0x210
[  235.451851][ T8496]  __sys_sendmsg+0x117/0x1f0
[  235.453733][ T8496]  ? __pfx___sys_sendmsg+0x10/0x10
[  235.455670][ T8496]  ? __fget_files+0x244/0x3f0
[  235.457466][ T8496]  __do_fast_syscall_32+0x73/0x120
[  235.459658][ T8496]  do_fast_syscall_32+0x32/0x80
[  235.461747][ T8496]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.464204][ T8496] RIP: 0023:0xf7f24579
[  235.466136][ T8496] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.473618][ T8496] RSP: 002b:00000000f568556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  235.476721][ T8496] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000280
[  235.479876][ T8496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  235.482866][ T8496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  235.485801][ T8496] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  235.488631][ T8496] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.491467][ T8496]  </TASK>
[  235.499371][  T997] hsr_slave_0: left promiscuous mode
[  235.502815][  T997] hsr_slave_1: left promiscuous mode
[  235.506204][  T997] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.512498][  T997] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.520712][  T997] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.534362][  T997] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.609798][  T997] veth1_macvtap: left promiscuous mode
[  235.615753][  T997] veth0_macvtap: left promiscuous mode
[  235.620947][  T997] veth1_vlan: left promiscuous mode
[  235.625491][  T997] veth0_vlan: left promiscuous mode
[  236.191737][ T8505] nfs: Unknown parameter 'ntext'
[  236.659121][  T997] team0 (unregistering): Port device team_slave_1 removed
[  236.816751][  T997] team0 (unregistering): Port device team_slave_0 removed
[  236.837399][ T5360] Bluetooth: hci0: command tx timeout
[  237.853270][ T8447] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  237.863729][ T8505] netlink: 20 bytes leftover after parsing attributes in process `syz.3.852'.
[  237.866203][ T8505] netlink: 8 bytes leftover after parsing attributes in process `syz.3.852'.
[  237.963124][ T8447] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  237.970861][ T8447] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  237.985568][ T8447] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  238.175049][ T8447] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.194173][ T8447] 8021q: adding VLAN 0 to HW filter on device team0
[  238.203540][ T1179] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.205513][ T1179] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.215061][   T98] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.216996][   T98] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.269139][ T8447] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  238.342285][ T8447] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.359957][ T8447] veth0_vlan: entered promiscuous mode
[  238.363667][ T8447] veth1_vlan: entered promiscuous mode
[  238.420800][ T8447] veth0_macvtap: entered promiscuous mode
[  238.424262][ T8447] veth1_macvtap: entered promiscuous mode
[  238.434881][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.438870][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.441453][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.444503][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.447063][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.464003][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.468458][ T8447] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.473763][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.476772][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.480140][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.482950][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.485860][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.489273][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.493935][ T8447] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.499589][ T8447] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.501888][ T8447] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.504166][ T8447] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.507379][ T8447] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.540277][   T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.543921][   T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.560344][   T98] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.563938][   T98] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.860501][ T8545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.858'.
[  238.929197][ T5360] Bluetooth: hci0: command tx timeout
[  240.948003][ T8564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.863'.
[  240.979975][ T8570] netlink: 12 bytes leftover after parsing attributes in process `syz.0.865'.
[  240.997385][ T5360] Bluetooth: hci0: command tx timeout
[  241.084279][ T8578] block device autoloading is deprecated and will be removed.
[  241.097588][ T8574] md: md2 stopped.
[  241.471814][ T8590] block nbd0: shutting down sockets
[  242.019220][ T8610] netlink: 4 bytes leftover after parsing attributes in process `syz.3.872'.
[  242.983033][ T8613] netlink: 'syz.2.867': attribute type 10 has an invalid length.
[  242.986721][ T8613] bond0: (slave bond_slave_0): Releasing backup interface
[  244.036097][   T39] audit: type=1800 audit(1729063503.646:2951): pid=8625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.876" name="file2" dev="overlay" ino=115 res=0 errno=0
[  244.222465][ T8632] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.225532][ T8632] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.270608][ T8630] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  244.272383][ T8630] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  244.274608][ T8630] vhci_hcd vhci_hcd.0: Device attached
[  244.283875][ T8632] bridge0: port 3(ipvlan2) entered blocking state
[  244.286295][ T8632] bridge0: port 3(ipvlan2) entered disabled state
[  244.292137][ T8632] ipvlan2: entered allmulticast mode
[  244.294021][ T8632] bridge0: entered allmulticast mode
[  244.296830][ T8632] ipvlan2: left allmulticast mode
[  244.299155][ T8632] bridge0: left allmulticast mode
[  244.367453][ T8635] netlink: 32 bytes leftover after parsing attributes in process `syz.1.878'.
[  244.472771][ T8641] netlink: 16 bytes leftover after parsing attributes in process `syz.2.881'.
[  244.477003][ T8641] netlink: 4 bytes leftover after parsing attributes in process `syz.2.881'.
[  244.483276][ T8641] openvswitch: netlink: Actions may not be safe on all matching packets
[  244.486080][ T8641] netlink: 104 bytes leftover after parsing attributes in process `syz.2.881'.
[  244.490018][ T8641] netlink: 104 bytes leftover after parsing attributes in process `syz.2.881'.
[  244.895530][    T8] vhci_hcd: vhci_device speed not set
[  244.987459][    T8] usb 15-1: new full-speed USB device number 2 using vhci_hcd
[  245.504996][ T8655] netlink: 60 bytes leftover after parsing attributes in process `syz.0.884'.
[  245.507848][ T8655] netlink: 16 bytes leftover after parsing attributes in process `syz.0.884'.
[  245.510208][ T8655] netlink: 60 bytes leftover after parsing attributes in process `syz.0.884'.
[  245.553625][ T8660] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  245.598921][ T8664] syz.2.887: attempt to access beyond end of device
[  245.598921][ T8664] nbd2: rw=2048, sector=2, nr_sectors = 1 limit=0
[  245.612934][ T8664] hfsplus: unable to find HFS+ superblock
[  245.697343][ T8633] vhci_hcd: connection reset by peer
[  245.699983][   T12] vhci_hcd: stop threads
[  245.701119][   T12] vhci_hcd: release socket
[  245.702893][   T12] vhci_hcd: disconnect device
[  245.740644][ T8668] FAULT_INJECTION: forcing a failure.
[  245.740644][ T8668] name failslab, interval 1, probability 0, space 0, times 0
[  245.743958][ T8668] CPU: 3 UID: 0 PID: 8668 Comm: syz.1.888 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  245.746691][ T8668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  245.749487][ T8668] Call Trace:
[  245.750369][ T8668]  <TASK>
[  245.751128][ T8668]  dump_stack_lvl+0x16c/0x1f0
[  245.752419][ T8668]  should_fail_ex+0x497/0x5b0
[  245.753668][ T8668]  ? fs_reclaim_acquire+0xae/0x150
[  245.755018][ T8668]  should_failslab+0xc2/0x120
[  245.756292][ T8668]  __kmalloc_noprof+0xcb/0x410
[  245.757556][ T8668]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  245.759038][ T8668]  tomoyo_realpath_from_path+0xbf/0x710
[  245.760501][ T8668]  ? tomoyo_path_number_perm+0x232/0x5b0
[  245.761971][ T8668]  tomoyo_path_number_perm+0x245/0x5b0
[  245.763404][ T8668]  ? tomoyo_path_number_perm+0x232/0x5b0
[  245.764884][ T8668]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  245.766458][ T8668]  ? trace_lock_acquire+0x14a/0x1d0
[  245.767957][ T8668]  ? lock_acquire+0x2f/0xb0
[  245.769154][ T8668]  ? __fget_files+0x40/0x3f0
[  245.770374][ T8668]  ? __fget_files+0x244/0x3f0
[  245.771586][ T8668]  security_file_ioctl_compat+0x9b/0x240
[  245.773057][ T8668]  __do_compat_sys_ioctl+0x52/0x2b0
[  245.774449][ T8668]  __do_fast_syscall_32+0x73/0x120
[  245.775823][ T8668]  do_fast_syscall_32+0x32/0x80
[  245.777103][ T8668]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  245.778758][ T8668] RIP: 0023:0xf7f13579
[  245.779853][ T8668] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  245.784802][ T8668] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  245.786959][ T8668] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005392
[  245.789021][ T8668] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  245.791082][ T8668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  245.793121][ T8668] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  245.795193][ T8668] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  245.797274][ T8668]  </TASK>
[  245.798118][    C3] vkms_vblank_simulate: vblank timer overrun
[  245.828065][ T8668] ERROR: Out of memory at tomoyo_realpath_from_path.
[  245.956418][ T8672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.890'.
[  245.959422][ T8672] netlink: 'syz.0.890': attribute type 7 has an invalid length.
[  245.961510][ T8672] netlink: 'syz.0.890': attribute type 8 has an invalid length.
[  245.963513][ T8672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.890'.
[  245.967530][ T8672] gretap0: entered promiscuous mode
[  245.970929][ T8672] batadv_slave_1: entered promiscuous mode
[  245.973398][ T8672] gretap0: left promiscuous mode
[  245.975203][ T8672] batadv_slave_1: left promiscuous mode
[  247.199706][ T8700] nfs: Unknown parameter 'ntext'
[  248.354867][   T39] audit: type=1326 audit(1729063507.966:2952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.908" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x0
[  248.559387][ T8733] syzkaller1: entered promiscuous mode
[  248.561444][ T8733] syzkaller1: entered allmulticast mode
[  248.617376][   T63] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  248.768946][   T63] usb 6-1: Using ep0 maxpacket: 32
[  248.772623][   T63] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  248.774808][   T63] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  248.780180][   T63] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  248.782757][   T63] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  248.785094][   T63] usb 6-1: Product: syz
[  248.786286][   T63] usb 6-1: Manufacturer: syz
[  248.790470][   T63] usb 6-1: SerialNumber: syz
[  248.793472][   T63] usb 6-1: config 0 descriptor??
[  248.803208][   T63] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  248.809060][   T63] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  249.025022][    C3] ldusb 6-1:0.0: usb_submit_urb failed (-19)
[  249.027802][   T63] usb 6-1: USB disconnect, device number 8
[  249.032537][   T63] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  249.339816][ T8759] netlink: 'syz.0.922': attribute type 3 has an invalid length.
[  249.484549][ T8727] ldusb: No device or device unplugged -19
[  250.298821][ T8777] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  250.347494][    T8] vhci_hcd: vhci_device speed not set
[  250.369102][ T8781] i2c i2c-1: Invalid block write size 254
[  250.483232][ T8784] tmpfs: Unknown parameter 'ª†Õ'
[  250.534057][ T8786] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.636393][ T8786] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.782650][ T8786] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.855254][ T8786] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.038966][ T8786] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  251.063057][ T8786] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  251.079761][ T8786] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  251.100622][ T8786] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.644971][ T8798] FAULT_INJECTION: forcing a failure.
[  251.644971][ T8798] name failslab, interval 1, probability 0, space 0, times 0
[  251.650207][ T8798] CPU: 2 UID: 0 PID: 8798 Comm: syz.1.928 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  251.653821][ T8798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.658100][ T8798] Call Trace:
[  251.659558][ T8798]  <TASK>
[  251.660860][ T8798]  dump_stack_lvl+0x16c/0x1f0
[  251.662982][ T8798]  should_fail_ex+0x497/0x5b0
[  251.664653][ T8798]  ? fs_reclaim_acquire+0xae/0x150
[  251.666780][ T8798]  should_failslab+0xc2/0x120
[  251.668504][ T8798]  kmem_cache_alloc_node_noprof+0x71/0x310
[  251.670649][ T8798]  ? __alloc_skb+0x2b3/0x380
[  251.672312][ T8798]  __alloc_skb+0x2b3/0x380
[  251.673895][ T8798]  ? __pfx___alloc_skb+0x10/0x10
[  251.675680][ T8798]  ? lock_acquire+0x2f/0xb0
[  251.677290][ T8798]  netlink_alloc_large_skb+0x69/0x130
[  251.679164][ T8798]  netlink_sendmsg+0x689/0xd70
[  251.680897][ T8798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  251.682942][ T8798]  ? lock_acquire+0x2f/0xb0
[  251.684965][ T8798]  ____sys_sendmsg+0x9ae/0xb40
[  251.686897][ T8798]  ? __pfx_____sys_sendmsg+0x10/0x10
[  251.689214][ T8798]  ? get_compat_msghdr+0x11b/0x170
[  251.691023][ T8798]  ? __pfx___lock_acquire+0x10/0x10
[  251.692897][ T8798]  ___sys_sendmsg+0x135/0x1e0
[  251.694599][ T8798]  ? __pfx____sys_sendmsg+0x10/0x10
[  251.696481][ T8798]  ? lock_acquire+0x2f/0xb0
[  251.698107][ T8798]  ? __fget_files+0x40/0x3f0
[  251.699736][ T8798]  ? fdget+0x176/0x210
[  251.701193][ T8798]  __sys_sendmsg+0x117/0x1f0
[  251.702820][ T8798]  ? __pfx___sys_sendmsg+0x10/0x10
[  251.704655][ T8798]  ? __fget_files+0x244/0x3f0
[  251.706330][ T8798]  __do_fast_syscall_32+0x73/0x120
[  251.708159][ T8798]  do_fast_syscall_32+0x32/0x80
[  251.709861][ T8798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  251.712292][ T8798] RIP: 0023:0xf7f13579
[  251.713734][ T8798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  251.720447][ T8798] RSP: 002b:00000000f567556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  251.723307][ T8798] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000280
[  251.726096][ T8798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  251.728858][ T8798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  251.731659][ T8798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  251.734492][ T8798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  251.737511][ T8798]  </TASK>
[  251.830497][ T8801] FAULT_INJECTION: forcing a failure.
[  251.830497][ T8801] name failslab, interval 1, probability 0, space 0, times 0
[  251.835484][ T8801] CPU: 0 UID: 0 PID: 8801 Comm: syz.0.932 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  251.838903][ T8801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.842751][ T8801] Call Trace:
[  251.843806][ T8801]  <TASK>
[  251.844702][ T8801]  dump_stack_lvl+0x16c/0x1f0
[  251.845906][ T8801]  should_fail_ex+0x497/0x5b0
[  251.847075][ T8801]  ? fs_reclaim_acquire+0xae/0x150
[  251.848415][ T8801]  should_failslab+0xc2/0x120
[  251.849631][ T8801]  __kmalloc_cache_noprof+0x6b/0x310
[  251.850924][ T8801]  ? p9_fid_create+0x45/0x470
[  251.852106][ T8801]  p9_fid_create+0x45/0x470
[  251.853220][ T8801]  p9_client_attach+0x92/0x2b0
[  251.854399][ T8801]  ? __pfx_p9_client_attach+0x10/0x10
[  251.855765][ T8801]  v9fs_fid_lookup+0x97d/0xec0
[  251.856918][ T8801]  ? __d_lookup_rcu+0x331/0x4c0
[  251.858135][ T8801]  v9fs_vfs_lookup+0x1a3/0x520
[  251.859301][ T8801]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  251.860743][ T8801]  ? d_alloc_parallel+0x6b8/0x12b0
[  251.862055][ T8801]  v9fs_vfs_atomic_open+0x4ce/0x930
[  251.863393][ T8801]  ? __pfx_d_alloc_parallel+0x10/0x10
[  251.864813][ T8801]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  251.866267][ T8801]  ? __d_lookup+0x266/0x4a0
[  251.867507][ T8801]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  251.869051][ T8801]  lookup_open.isra.0+0xc9f/0x14c0
[  251.870455][ T8801]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  251.872305][ T8801]  ? path_openat+0x88a/0x2d60
[  251.873570][ T8801]  ? lookup_fast+0x155/0x540
[  251.874793][ T8801]  path_openat+0x904/0x2d60
[  251.876033][ T8801]  ? __pfx_path_openat+0x10/0x10
[  251.877371][ T8801]  ? __pfx___lock_acquire+0x10/0x10
[  251.878808][ T8801]  do_filp_open+0x1dc/0x430
[  251.880074][ T8801]  ? __pfx_do_filp_open+0x10/0x10
[  251.881413][ T8801]  ? _raw_spin_unlock+0x28/0x50
[  251.882692][ T8801]  ? alloc_fd+0x2d7/0x6c0
[  251.883852][ T8801]  do_sys_openat2+0x17a/0x1e0
[  251.885132][ T8801]  ? __pfx_do_sys_openat2+0x10/0x10
[  251.886493][ T8801]  ? __fget_files+0x244/0x3f0
[  251.887748][ T8801]  __ia32_compat_sys_open+0x147/0x1e0
[  251.889146][ T8801]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  251.890681][ T8801]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  251.892440][ T8801]  __do_fast_syscall_32+0x73/0x120
[  251.893775][ T8801]  do_fast_syscall_32+0x32/0x80
[  251.895042][ T8801]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  251.896708][ T8801] RIP: 0023:0xf7eff579
[  251.897774][ T8801] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  251.902998][ T8801] RSP: 002b:00000000f568656c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  251.905172][ T8801] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 00000000000a0800
[  251.907211][ T8801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  251.909263][ T8801] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  251.911294][ T8801] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  251.913371][ T8801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  251.915487][ T8801]  </TASK>
[  252.049984][ T8803] __nla_validate_parse: 5 callbacks suppressed
[  252.050000][ T8803] netlink: 132 bytes leftover after parsing attributes in process `syz.3.934'.
[  252.275829][ T5360] Bluetooth: Unexpected continuation frame (len 12)
[  252.406019][ T8818] overlayfs: failed to resolve './file0': -2
[  252.414736][ T8818] netlink: 'syz.1.939': attribute type 3 has an invalid length.
[  252.417015][ T8818] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.939'.
[  252.531095][ T8823] netlink: 32 bytes leftover after parsing attributes in process `syz.1.941'.
[  254.302889][ T8866] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  254.551541][ T8873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.998537][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  255.073240][ T8886] netlink: 20 bytes leftover after parsing attributes in process `syz.1.962'.
[  255.827125][ T8893] netlink: 'syz.2.963': attribute type 3 has an invalid length.
[  255.829259][ T8893] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.963'.
[  256.250964][ T8908] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0
[  256.275740][ T8913] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  257.691060][ T8938] netlink: 4 bytes leftover after parsing attributes in process `syz.2.978'.
[  258.012537][ T8950] FAULT_INJECTION: forcing a failure.
[  258.012537][ T8950] name failslab, interval 1, probability 0, space 0, times 0
[  258.016021][ T8950] CPU: 0 UID: 0 PID: 8950 Comm: syz.0.981 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  258.018753][ T8950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.021512][ T8950] Call Trace:
[  258.022383][ T8950]  <TASK>
[  258.023155][ T8950]  dump_stack_lvl+0x16c/0x1f0
[  258.024456][ T8950]  should_fail_ex+0x497/0x5b0
[  258.025706][ T8950]  ? fs_reclaim_acquire+0xae/0x150
[  258.027053][ T8950]  should_failslab+0xc2/0x120
[  258.028355][ T8950]  __kmalloc_noprof+0xcb/0x410
[  258.029608][ T8950]  ? __pfx_d_absolute_path+0x10/0x10
[  258.030997][ T8950]  tomoyo_encode2+0x100/0x3e0
[  258.032248][ T8950]  tomoyo_realpath_from_path+0x1a7/0x710
[  258.033717][ T8950]  tomoyo_path_number_perm+0x245/0x5b0
[  258.035142][ T8950]  ? tomoyo_path_number_perm+0x232/0x5b0
[  258.036641][ T8950]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  258.038196][ T8950]  ? trace_lock_acquire+0x14a/0x1d0
[  258.039561][ T8950]  ? lock_acquire+0x2f/0xb0
[  258.040752][ T8950]  ? __fget_files+0x40/0x3f0
[  258.041967][ T8950]  ? __fget_files+0x244/0x3f0
[  258.043212][ T8950]  security_file_ioctl_compat+0x9b/0x240
[  258.044690][ T8950]  __do_compat_sys_ioctl+0x52/0x2b0
[  258.046085][ T8950]  __do_fast_syscall_32+0x73/0x120
[  258.047425][ T8950]  do_fast_syscall_32+0x32/0x80
[  258.048705][ T8950]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.050358][ T8950] RIP: 0023:0xf7eff579
[  258.051439][ T8950] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  258.056439][ T8950] RSP: 002b:00000000f568656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  258.058562][ T8950] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005392
[  258.060537][ T8950] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  258.062499][ T8950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.064472][ T8950] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  258.066382][ T8950] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.068430][ T8950]  </TASK>
[  258.070725][ T8950] ERROR: Out of memory at tomoyo_realpath_from_path.
[  258.164623][ T8952] netlink: 28 bytes leftover after parsing attributes in process `syz.0.982'.
[  258.166984][ T8952] netlink: 'syz.0.982': attribute type 7 has an invalid length.
[  258.169279][ T8952] netlink: 'syz.0.982': attribute type 8 has an invalid length.
[  258.171716][ T8952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.982'.
[  258.176139][ T8952] gretap0: entered promiscuous mode
[  258.178477][ T8952] batadv_slave_1: entered promiscuous mode
[  258.180761][ T8952] gretap0: left promiscuous mode
[  258.183296][ T8952] batadv_slave_1: left promiscuous mode
[  258.397566][ T8962] Bluetooth: MGMT ver 1.23
[  258.399322][ T8961] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  258.400118][ T8956] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  259.249859][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.3.989'.
[  259.261528][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.3.989'.
[  259.680247][ T8984] trusted_key: encrypted_key: insufficient parameters specified
[  260.182437][ T8987] /dev/nullb0: Can't open blockdev
[  260.216798][ T8992] nfs: Unknown parameter 'ntext'
[  260.219237][ T8992] netlink: 20 bytes leftover after parsing attributes in process `syz.2.995'.
[  260.222493][ T8992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.995'.
[  260.358435][ T5352] Bluetooth: hci0: command 0x0c20 tx timeout
[  260.362296][ T5360] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  260.857423][ T5352] Bluetooth: hci4: command tx timeout
[  261.027505][ T8987] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  261.158174][ T9005] netlink: 8 bytes leftover after parsing attributes in process `syz.2.998'.
[  261.235133][ T9009] netlink: 'syz.1.1000': attribute type 5 has an invalid length.
[  261.337428][   T30] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  261.352572][ T5352] Bluetooth: Unexpected continuation frame (len 12)
[  261.469728][ T9015] bridge1: entered promiscuous mode
[  261.472163][ T9015] bridge1: entered allmulticast mode
[  261.487388][   T30] usb 5-1: Using ep0 maxpacket: 32
[  261.490287][   T30] usb 5-1: config 0 has no interfaces?
[  261.509949][   T30] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  261.512240][   T30] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  261.514447][   T30] usb 5-1: Product: syz
[  261.515627][   T30] usb 5-1: Manufacturer: syz
[  261.516920][   T30] usb 5-1: SerialNumber: syz
[  261.520435][   T30] usb 5-1: config 0 descriptor??
[  261.678307][ T9027] binder: 9026:9027 ioctl c0306201 0 returned -14
[  261.684595][ T9027] binder: BC_ACQUIRE_RESULT not supported
[  261.689526][ T9027] binder: 9026:9027 ioctl c0306201 200001c0 returned -22
[  261.696369][ T9025] sp0: Synchronizing with TNC
[  261.732096][ T9031] syzkaller1: entered promiscuous mode
[  261.733534][ T9031] syzkaller1: entered allmulticast mode
[  261.999682][ T9038] netlink: 'syz.2.1011': attribute type 1 has an invalid length.
[  262.002536][ T9038] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1011'.
[  262.437375][ T5352] Bluetooth: hci0: command 0x0c20 tx timeout
[  262.701835][ T9036] netlink: 'syz.1.1009': attribute type 10 has an invalid length.
[  263.362127][   T30] usb 5-1: USB disconnect, device number 11
[  263.547946][ T9061] bridge_slave_0: left allmulticast mode
[  263.549492][ T9061] bridge_slave_0: left promiscuous mode
[  263.551418][ T9061] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.556642][ T9061] bridge_slave_1: left allmulticast mode
[  263.562003][ T9061] bridge_slave_1: left promiscuous mode
[  263.563681][ T9061] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.568836][ T9061] bond0: (slave bond_slave_1): Releasing backup interface
[  263.583050][ T9061] team0: Port device team_slave_0 removed
[  263.590667][ T9061] team0: Port device team_slave_1 removed
[  263.592626][ T9061] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.594769][ T9061] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.601385][ T9061] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  263.603493][ T9061] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.517510][ T5352] Bluetooth: hci0: command 0x0c20 tx timeout
[  264.681856][ T9086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1023'.
[  264.701647][ T9086] sp0: Synchronizing with TNC
[  264.814546][ T9096] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  264.832709][ T1104] Bluetooth: hci1: Frame reassembly failed (-84)
[  266.302957][ T9118] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1033'.
[  266.373006][ T9123] macsec1: entered promiscuous mode
[  266.374449][ T9123] macsec1: entered allmulticast mode
[  266.837427][ T5360] Bluetooth: hci1: command 0x1003 tx timeout
[  266.841826][ T5352] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  267.147865][ T9141] bridge0: port 1(ipvlan2) entered blocking state
[  267.149855][ T9141] bridge0: port 1(ipvlan2) entered disabled state
[  267.151766][ T9141] ipvlan2: entered allmulticast mode
[  267.153258][ T9141] bridge0: entered allmulticast mode
[  267.157644][ T9141] ipvlan2: left allmulticast mode
[  267.159227][ T9141] bridge0: left allmulticast mode
[  268.074143][ T9156] x_tables: duplicate underflow at hook 1
[  268.519230][ T5352] Bluetooth: hci0: Malformed LE Event: 0x1b
[  268.521149][ T5352] Bluetooth: hci0: Ignoring connect complete event for invalid link type
[  268.533145][ T5352] Bluetooth: hci0: unexpected event for opcode 0x0c47
[  268.535717][ T9169] 9pnet: Unknown protocol version 9p2000.u¨Öwt¢îuˆ—ûA”²Âü]_¤
[  268.578379][ T9171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1051'.
[  268.581813][   T39] audit: type=1326 audit(1729063528.186:2953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.596691][   T39] audit: type=1326 audit(1729063528.186:2954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.605507][   T39] audit: type=1326 audit(1729063528.186:2955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.611602][   T39] audit: type=1326 audit(1729063528.186:2956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.618128][   T39] audit: type=1326 audit(1729063528.196:2957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.625845][   T39] audit: type=1326 audit(1729063528.196:2958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.632078][   T39] audit: type=1326 audit(1729063528.196:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.638240][   T39] audit: type=1326 audit(1729063528.196:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.644427][   T39] audit: type=1326 audit(1729063528.196:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  268.650883][   T39] audit: type=1326 audit(1729063528.196:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.0.1051" exe="/syz-executor" sig=0 arch=40000003 syscall=367 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  269.170279][ T9188] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1056'.
[  269.409512][ T9196] usb usb8: check_ctrlrecip: process 9196 (syz.3.1059) requesting ep 01 but needs 81
[  269.417727][ T9196] usb usb8: usbfs: process 9196 (syz.3.1059) did not claim interface 0 before use
[  270.571389][ T9214] netlink: 'syz.1.1065': attribute type 10 has an invalid length.
[  270.926872][ T9223] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  271.218242][ T9234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1072'.
[  271.226050][ T9234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1072'.
[  271.250546][ T9243] fuse: Unknown parameter '0xffffffffffffffff0x0000000000000003'
[  272.124165][ T9265] capability: warning: `syz.0.1080' uses 32-bit capabilities (legacy support in use)
[  272.184350][ T9266] netlink: 'syz.0.1080': attribute type 10 has an invalid length.
[  272.186774][ T9266] netlink: 212412 bytes leftover after parsing attributes in process `syz.0.1080'.
[  272.190241][ T9266] openvswitch: netlink: Flow key attr not present in new flow.
[  272.544059][ T9261] netlink: 'syz.2.1077': attribute type 10 has an invalid length.
[  272.598329][ T5360] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  272.601544][ T5360] Bluetooth: hci0: Injecting HCI hardware error event
[  272.651954][ T9278] FAULT_INJECTION: forcing a failure.
[  272.651954][ T9278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.656762][ T9278] CPU: 3 UID: 0 PID: 9278 Comm: syz.3.1085 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  272.659973][ T9278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  272.663289][ T9278] Call Trace:
[  272.664461][ T9278]  <TASK>
[  272.665484][ T9278]  dump_stack_lvl+0x16c/0x1f0
[  272.667149][ T9278]  should_fail_ex+0x497/0x5b0
[  272.668796][ T9278]  _copy_from_user+0x30/0xf0
[  272.670402][ T9278]  mmc_ioctl_dvd_auth+0x12e/0x230
[  272.672142][ T9278]  ? __pfx_mmc_ioctl_dvd_auth+0x10/0x10
[  272.674043][ T9278]  cdrom_ioctl+0x2d98/0x3280
[  272.675658][ T9278]  ? mark_lock+0xb5/0xc60
[  272.677238][ T9278]  ? __pfx_cdrom_ioctl+0x10/0x10
[  272.678945][ T9278]  ? __pfx_mark_lock+0x10/0x10
[  272.680491][ T9278]  ? trace_rpm_return_int+0x19d/0x220
[  272.682371][ T9278]  ? rpm_resume+0x81d/0x1330
[  272.683998][ T9278]  ? lock_acquire.part.0+0x11b/0x380
[  272.685822][ T9278]  ? find_held_lock+0x2d/0x110
[  272.687516][ T9278]  ? __pm_runtime_resume+0xc3/0x170
[  272.689638][ T9278]  ? __pfx_lock_release+0x10/0x10
[  272.691419][ T9278]  ? lockdep_hardirqs_on+0x7c/0x110
[  272.693232][ T9278]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  272.695293][ T9278]  ? __pm_runtime_resume+0xc3/0x170
[  272.697141][ T9278]  sr_block_ioctl+0x1b0/0x250
[  272.698801][ T9278]  ? __pfx_sr_block_ioctl+0x10/0x10
[  272.700664][ T9278]  blkdev_compat_ptr_ioctl+0x9c/0xe0
[  272.702489][ T9278]  ? __pfx_blkdev_compat_ptr_ioctl+0x10/0x10
[  272.704572][ T9278]  compat_blkdev_ioctl+0x2f7/0x750
[  272.706396][ T9278]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  272.708463][ T9278]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  272.710537][ T9278]  __do_compat_sys_ioctl+0x259/0x2b0
[  272.712483][ T9278]  __do_fast_syscall_32+0x73/0x120
[  272.714426][ T9278]  do_fast_syscall_32+0x32/0x80
[  272.716221][ T9278]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.718592][ T9278] RIP: 0023:0xf7f24579
[  272.720102][ T9278] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  272.726977][ T9278] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  272.729998][ T9278] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005392
[  272.732890][ T9278] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  272.735839][ T9278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  272.738234][ T9278] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  272.740387][ T9278] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.742438][ T9278]  </TASK>
[  272.743390][    C3] vkms_vblank_simulate: vblank timer overrun
[  272.869107][ T9286] syzkaller1: entered promiscuous mode
[  272.870591][ T9286] syzkaller1: entered allmulticast mode
[  272.917692][ T5360] Bluetooth: hci0: command 0x0c20 tx timeout
[  272.919902][ T5352] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  272.922444][ T5352] Bluetooth: hci0: hardware error 0x00
[  272.957795][ T9264] ALSA: mixer_oss: invalid OSS volume ''
[  275.097563][ T5352] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  276.240028][ T9291] FAULT_INJECTION: forcing a failure.
[  276.240028][ T9291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.243597][ T9291] CPU: 3 UID: 0 PID: 9291 Comm: syz.1.1089 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  276.246428][ T9291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.249227][ T9291] Call Trace:
[  276.250102][ T9291]  <TASK>
[  276.250876][ T9291]  dump_stack_lvl+0x16c/0x1f0
[  276.252119][ T9291]  should_fail_ex+0x497/0x5b0
[  276.253347][ T9291]  __fpu_restore_sig+0xa9c/0x1430
[  276.254660][ T9291]  ? rcu_is_watching+0x12/0xc0
[  276.255921][ T9291]  ? __pfx___fpu_restore_sig+0x10/0x10
[  276.257339][ T9291]  ? lock_acquire+0x2f/0xb0
[  276.258576][ T9291]  ? __might_fault+0xe3/0x190
[  276.259836][ T9291]  ? __might_fault+0xe3/0x190
[  276.261092][ T9291]  fpu__restore_sig+0x102/0x180
[  276.262390][ T9291]  ia32_restore_sigcontext+0x40f/0x5d0
[  276.263885][ T9291]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  276.265516][ T9291]  ? __pfx_lock_release+0x10/0x10
[  276.266877][ T9291]  ? _raw_spin_unlock_irq+0x23/0x50
[  276.268243][ T9291]  ? lockdep_hardirqs_on+0x7c/0x110
[  276.269572][ T9291]  __do_compat_sys_sigreturn+0x140/0x1f0
[  276.271013][ T9291]  ? __pfx___do_compat_sys_sigreturn+0x10/0x10
[  276.272602][ T9291]  ? rcu_is_watching+0x12/0xc0
[  276.273837][ T9291]  do_int80_emulation+0x104/0x200
[  276.275149][ T9291]  asm_int80_emulation+0x1a/0x20
[  276.276441][ T9291] RIP: 0023:0xf7f13579
[  276.277500][ T9291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  276.282378][ T9291] RSP: 002b:00000000f569656c EFLAGS: 00000296
[  276.283890][ T9291] RAX: 00000000fffffffc RBX: 0000000000000008 RCX: 0000000000000007
[  276.285800][ T9291] RDX: 0000000000000000 RSI: 0000000000089ffc RDI: 0000000000000000
[  276.287758][ T9291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  276.289714][ T9291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  276.291618][ T9291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.293538][ T9291]  </TASK>
[  276.294392][    C3] vkms_vblank_simulate: vblank timer overrun
[  277.621693][ T9298] netlink: 'syz.1.1092': attribute type 8 has an invalid length.
[  277.706418][   T39] kauditd_printk_skb: 66 callbacks suppressed
[  277.706429][   T39] audit: type=1326 audit(1729063537.316:3029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.713791][   T39] audit: type=1326 audit(1729063537.316:3030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.739160][ T9305] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  277.741439][   T39] audit: type=1326 audit(1729063537.316:3031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.749348][   T39] audit: type=1326 audit(1729063537.316:3032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.756065][   T39] audit: type=1326 audit(1729063537.316:3033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.779260][   T39] audit: type=1326 audit(1729063537.316:3034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.785580][   T39] audit: type=1326 audit(1729063537.316:3035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.796039][   T39] audit: type=1326 audit(1729063537.316:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.801757][   T39] audit: type=1326 audit(1729063537.316:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=170 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.808424][   T39] audit: type=1326 audit(1729063537.316:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.0.1097" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000
[  277.880997][ T9306] lo speed is unknown, defaulting to 1000
[  277.882623][ T9306] lo speed is unknown, defaulting to 1000
[  277.885217][ T9306] lo speed is unknown, defaulting to 1000
[  277.893345][ T9306] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  277.910525][ T9306] lo speed is unknown, defaulting to 1000
[  277.912950][ T9306] lo speed is unknown, defaulting to 1000
[  277.914753][ T9306] lo speed is unknown, defaulting to 1000
[  277.916491][ T9306] lo speed is unknown, defaulting to 1000
[  277.918739][ T9306] lo speed is unknown, defaulting to 1000
[  278.249673][ T9332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1103'.
[  280.194254][ T9348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1106'.
[  280.197561][ T5352] Bluetooth: hci3: command tx timeout
[  280.234726][ T9342] netlink: 'syz.2.1104': attribute type 10 has an invalid length.
[  280.433671][ T9357] binder: 9354:9357 unknown command 0
[  280.435149][ T9357] binder: 9354:9357 ioctl c0306201 20000140 returned -22
[  280.491740][ T9360] binder: 9354:9360 ioctl 4008af20 20000000 returned -22
[  280.506869][ T9359] fuse: Unknown parameter 'h&'
[  285.198285][ T9388] fuse: Unknown parameter 'h&'
[  285.205675][   T39] kauditd_printk_skb: 42 callbacks suppressed
[  285.205685][   T39] audit: type=1800 audit(1729063544.816:3081): pid=9388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1118" name="file2" dev="overlay" ino=538 res=0 errno=0
[  285.313073][ T9403] FAULT_INJECTION: forcing a failure.
[  285.313073][ T9403] name failslab, interval 1, probability 0, space 0, times 0
[  285.328226][ T9403] CPU: 2 UID: 0 PID: 9403 Comm: syz.1.1123 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  285.330932][ T9403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.333584][ T9403] Call Trace:
[  285.334425][ T9403]  <TASK>
[  285.335314][ T9403]  dump_stack_lvl+0x16c/0x1f0
[  285.336558][ T9403]  should_fail_ex+0x497/0x5b0
[  285.337716][ T9403]  ? fs_reclaim_acquire+0xae/0x150
[  285.338978][ T9403]  should_failslab+0xc2/0x120
[  285.340225][ T9403]  __kmalloc_noprof+0xcb/0x410
[  285.341364][ T9403]  ? __pfx_d_absolute_path+0x10/0x10
[  285.342661][ T9403]  tomoyo_encode2+0x100/0x3e0
[  285.343903][ T9403]  tomoyo_realpath_from_path+0x1a7/0x710
[  285.345288][ T9403]  tomoyo_path_number_perm+0x245/0x5b0
[  285.346704][ T9403]  ? tomoyo_path_number_perm+0x232/0x5b0
[  285.348057][ T9403]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  285.349575][ T9403]  ? trace_lock_acquire+0x14a/0x1d0
[  285.350826][ T9403]  ? lock_acquire+0x2f/0xb0
[  285.351950][ T9403]  ? __fget_files+0x40/0x3f0
[  285.353170][ T9403]  ? __fget_files+0x244/0x3f0
[  285.354356][ T9403]  security_file_ioctl_compat+0x9b/0x240
[  285.355798][ T9403]  __do_compat_sys_ioctl+0x52/0x2b0
[  285.357201][ T9403]  __do_fast_syscall_32+0x73/0x120
[  285.358454][ T9403]  do_fast_syscall_32+0x32/0x80
[  285.359672][ T9403]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  285.361315][ T9403] RIP: 0023:0xf7f13579
[  285.362334][ T9403] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  285.368574][ T9403] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  285.368596][ T9403] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004004af61
[  285.368603][ T9403] RDX: 0000000020000580 RSI: 0000000000000000 RDI: 0000000000000000
[  285.375049][ T9403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  285.377047][ T9403] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  285.378909][ T9403] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  285.381144][ T9403]  </TASK>
[  285.417375][ T9403] ERROR: Out of memory at tomoyo_realpath_from_path.
[  285.437703][ T5352] Bluetooth: Unexpected continuation frame (len 12)
[  286.348245][ T9400] netlink: 'syz.0.1119': attribute type 10 has an invalid length.
[  286.362691][ T9400] bond0: (slave bond_slave_0): Releasing backup interface
[  287.520652][ T9431] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1130'.
[  287.555285][ T9433] fuse: Unknown parameter 'h&'
[  287.651856][   T39] audit: type=1800 audit(1729063547.216:3082): pid=9433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1131" name="file2" dev="overlay" ino=432 res=0 errno=0
[  287.686840][ T5352] Bluetooth: Unexpected continuation frame (len 12)
[  288.101090][ T9449] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  288.949508][ T9445] netlink: 'syz.2.1135': attribute type 10 has an invalid length.
[  289.621699][ T9460] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1138'.
[  290.804940][ T9469] fuse: Unknown parameter 'h&'
[  290.817374][   T39] audit: type=1800 audit(1729063550.426:3083): pid=9469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1141" name="file2" dev="overlay" ino=432 res=0 errno=0
[  292.799650][ T9523] netlink: 'syz.2.1148': attribute type 10 has an invalid length.
[  293.358754][ T9564] netlink: 'syz.0.1151': attribute type 1 has an invalid length.
[  293.360810][ T9564] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1151'.
[  293.725930][ T9568] binder: 9567:9568 ioctl c0306201 0 returned -14
[  293.731654][ T9568] binder: BC_ACQUIRE_RESULT not supported
[  293.733297][ T9568] binder: 9567:9568 ioctl c0306201 200001c0 returned -22
[  293.957915][ T9573] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1153'.
[  295.311002][ T9585] syzkaller1: entered promiscuous mode
[  295.312420][ T9585] syzkaller1: entered allmulticast mode
[  295.843524][ T5360] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  295.848063][ T5360] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  295.852246][ T5360] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  295.856786][ T5360] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  295.861521][ T5360] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  295.863603][ T5360] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  295.976128][ T9593] chnl_net:caif_netlink_parms(): no params data found
[  296.116633][ T9593] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.118763][ T9593] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.120716][ T9593] bridge_slave_0: entered allmulticast mode
[  296.123096][ T9593] bridge_slave_0: entered promiscuous mode
[  296.126866][ T9593] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.128994][ T9593] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.131023][ T9593] bridge_slave_1: entered allmulticast mode
[  296.133136][ T9593] bridge_slave_1: entered promiscuous mode
[  296.164415][ T9593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.172816][ T9593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.219818][ T9593] team0: Port device team_slave_0 added
[  296.225666][ T9593] team0: Port device team_slave_1 added
[  296.263193][ T9593] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.265010][ T9593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.271993][ T9593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.277218][ T9593] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.279181][ T9593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.285803][ T9593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.337957][ T9593] hsr_slave_0: entered promiscuous mode
[  296.341063][ T9593] hsr_slave_1: entered promiscuous mode
[  296.344957][ T9593] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.348927][ T9593] Cannot create hsr debugfs directory
[  296.489495][ T9593] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.590489][ T9593] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.682494][ T9593] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.757429][ T9593] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.884479][ T9593] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  296.890622][ T9593] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  296.894263][ T9593] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  296.901011][ T9593] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  296.976657][ T9593] 8021q: adding VLAN 0 to HW filter on device bond0
[  296.994495][ T9593] 8021q: adding VLAN 0 to HW filter on device team0
[  297.001508][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.003457][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.051454][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.053345][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.325991][ T9593] 8021q: adding VLAN 0 to HW filter on device batadv0
[  297.371645][ T9593] veth0_vlan: entered promiscuous mode
[  297.381202][ T9593] veth1_vlan: entered promiscuous mode
[  297.439112][ T9593] veth0_macvtap: entered promiscuous mode
[  297.445399][ T9593] veth1_macvtap: entered promiscuous mode
[  297.456126][ T9593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.461311][ T9593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.464122][ T9593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.466892][ T9593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.470022][ T9593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.472770][ T9593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.476237][ T9593] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.481050][ T9612] netlink: 'syz.3.1163': attribute type 10 has an invalid length.
[  297.492970][ T9612] bond0: (slave bond_slave_0): Releasing backup interface
[  297.520932][ T9593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.523681][ T9593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.526202][ T9593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.529212][ T9593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.531780][ T9593] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.534564][ T9593] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.540411][ T9593] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.545997][ T9593] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.548914][ T9593] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.551320][ T9593] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.553686][ T9593] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  297.602597][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.604650][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.623659][ T1196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.625564][ T1196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.700789][ T9621] fuse: Unknown parameter 'h&'
[  297.738581][   T39] audit: type=1800 audit(1729063557.356:3084): pid=9621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1160" name="file2" dev="overlay" ino=27 res=0 errno=0
[  297.877474][ T5352] Bluetooth: hci1: command tx timeout
[  299.120931][ T9644] input: syz0 as /devices/virtual/input/input14
[  299.924869][ T9656] fuse: Unknown parameter 'h&'
[  299.951374][   T39] audit: type=1800 audit(1729063559.566:3085): pid=9656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1175" name="file2" dev="overlay" ino=441 res=0 errno=0
[  299.957388][ T5352] Bluetooth: hci1: command tx timeout
[  301.278544][ T9683] fuse: Unknown parameter 'h&'
[  301.290680][   T39] audit: type=1800 audit(1729063560.906:3086): pid=9683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1184" name="file2" dev="overlay" ino=472 res=0 errno=0
[  301.353826][ T9670] netlink: 'syz.1.1179': attribute type 10 has an invalid length.
[  301.379614][ T9670] bond0: (slave bond_slave_0): Releasing backup interface
[  301.414828][ T9689] netlink: 'syz.3.1186': attribute type 5 has an invalid length.
[  301.417095][ T9689] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1186'.
[  302.047340][ T5352] Bluetooth: hci1: command tx timeout
[  303.096856][ T9720] Cannot find set identified by id 0 to match
[  303.196368][ T9723] fuse: Unknown parameter 'h&'
[  303.225251][   T39] audit: type=1800 audit(1729063562.836:3087): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1194" name="file2" dev="overlay" ino=85 res=0 errno=0
[  303.542708][ T9737] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1197'.
[  304.127619][ T5352] Bluetooth: hci1: command tx timeout
[  304.436097][ T9755] fuse: Unknown parameter 'h&'
[  304.486611][   T39] audit: type=1800 audit(1729063564.096:3088): pid=9755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1203" name="file2" dev="overlay" ino=116 res=0 errno=0
[  304.662650][ T9759] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1204'.
[  304.736159][ T9735] netlink: 'syz.2.1196': attribute type 10 has an invalid length.
[  306.089743][ T9780] 9pnet_fd: Insufficient options for proto=fd
[  306.126694][ T9787] fuse: Unknown parameter 'h&'
[  306.157330][   T39] audit: type=1800 audit(1729063565.746:3089): pid=9787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1212" name="file2" dev="overlay" ino=555 res=0 errno=0
[  307.145777][ T9803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1216'.
[  307.177518][ T9792] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  307.184012][ T9803] sp0: Synchronizing with TNC
[  309.248622][ T9813] netlink: 'syz.2.1219': attribute type 10 has an invalid length.
[  309.316163][ T9840] fuse: Unknown parameter 'h&'
[  309.322216][   T39] audit: type=1800 audit(1729063568.936:3090): pid=9840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1225" name="file2" dev="overlay" ino=556 res=0 errno=0
[  310.319099][ T9842] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  311.275351][ T9872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1234'.
[  311.308402][ T9872] sp0: Synchronizing with TNC
[  311.632355][ T9879] fuse: Unknown parameter 'h&'
[  311.707194][   T39] audit: type=1800 audit(1729063571.316:3091): pid=9879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1236" name="file2" dev="overlay" ino=589 res=0 errno=0
[  311.949772][ T9874] netlink: 'syz.0.1233': attribute type 10 has an invalid length.
[  312.061865][ T9882] FAULT_INJECTION: forcing a failure.
[  312.061865][ T9882] name failslab, interval 1, probability 0, space 0, times 0
[  312.077612][ T9882] CPU: 3 UID: 0 PID: 9882 Comm: syz.2.1237 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  312.080374][ T9882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  312.083144][ T9882] Call Trace:
[  312.084018][ T9882]  <TASK>
[  312.084794][ T9882]  dump_stack_lvl+0x16c/0x1f0
[  312.086027][ T9882]  should_fail_ex+0x497/0x5b0
[  312.087286][ T9882]  ? fs_reclaim_acquire+0xae/0x150
[  312.088626][ T9882]  should_failslab+0xc2/0x120
[  312.089858][ T9882]  __kmalloc_noprof+0xcb/0x410
[  312.091130][ T9882]  ? rcu_is_watching+0x12/0xc0
[  312.092398][ T9882]  p9_fcall_init+0x97/0x260
[  312.093593][ T9882]  p9_tag_alloc+0x17a/0x870
[  312.094809][ T9882]  ? __pfx_p9_tag_alloc+0x10/0x10
[  312.096149][ T9882]  p9_client_prepare_req+0x19f/0x4d0
[  312.097533][ T9882]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  312.099080][ T9882]  ? hlock_class+0x4e/0x130
[  312.100275][ T9882]  ? mark_lock+0xb5/0xc60
[  312.101408][ T9882]  ? __pfx___lock_acquire+0x10/0x10
[  312.103265][ T9882]  p9_client_rpc+0x1c3/0xc10
[  312.104442][ T9882]  ? __pfx_p9_client_rpc+0x10/0x10
[  312.105782][ T9882]  ? find_held_lock+0x2d/0x110
[  312.107058][ T9882]  ? p9_fid_create+0x26a/0x470
[  312.108311][ T9882]  ? mark_held_locks+0x9f/0xe0
[  312.109564][ T9882]  ? rcu_is_watching+0x12/0xc0
[  312.110825][ T9882]  p9_client_attach+0x154/0x2b0
[  312.112107][ T9882]  ? __pfx_p9_client_attach+0x10/0x10
[  312.113502][ T9882]  v9fs_fid_lookup+0x97d/0xec0
[  312.114778][ T9882]  ? __d_lookup_rcu+0x331/0x4c0
[  312.116108][ T9882]  v9fs_vfs_lookup+0x1a3/0x520
[  312.117403][ T9882]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  312.118778][ T9882]  ? d_alloc_parallel+0x6b8/0x12b0
[  312.120152][ T9882]  v9fs_vfs_atomic_open+0x4ce/0x930
[  312.121509][ T9882]  ? __pfx_d_alloc_parallel+0x10/0x10
[  312.122929][ T9882]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  312.124409][ T9882]  ? __d_lookup+0x266/0x4a0
[  312.125610][ T9882]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  312.127119][ T9882]  lookup_open.isra.0+0xc9f/0x14c0
[  312.128456][ T9882]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  312.129900][ T9882]  ? path_openat+0x88a/0x2d60
[  312.131164][ T9882]  ? lookup_fast+0x155/0x540
[  312.132381][ T9882]  path_openat+0x904/0x2d60
[  312.133577][ T9882]  ? __pfx_path_openat+0x10/0x10
[  312.134910][ T9882]  ? __pfx___lock_acquire+0x10/0x10
[  312.136273][ T9882]  do_filp_open+0x1dc/0x430
[  312.137465][ T9882]  ? __pfx_do_filp_open+0x10/0x10
[  312.139281][ T9882]  ? _raw_spin_unlock+0x28/0x50
[  312.140560][ T9882]  ? alloc_fd+0x2d7/0x6c0
[  312.141699][ T9882]  do_sys_openat2+0x17a/0x1e0
[  312.142959][ T9882]  ? __pfx_do_sys_openat2+0x10/0x10
[  312.144326][ T9882]  ? __fget_files+0x244/0x3f0
[  312.145560][ T9882]  __ia32_compat_sys_open+0x147/0x1e0
[  312.146972][ T9882]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  312.148511][ T9882]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  312.150224][ T9882]  __do_fast_syscall_32+0x73/0x120
[  312.151593][ T9882]  do_fast_syscall_32+0x32/0x80
[  312.152875][ T9882]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  312.154532][ T9882] RIP: 0023:0xf73ce579
[  312.155645][ T9882] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  312.160664][ T9882] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  312.162843][ T9882] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 00000000000a0800
[  312.164916][ T9882] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  312.166984][ T9882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  312.169030][ T9882] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  312.171084][ T9882] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  312.173133][ T9882]  </TASK>
[  312.174024][    C3] vkms_vblank_simulate: vblank timer overrun
[  313.287441][ T9886] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  313.412860][ T9910] fuse: Unknown parameter 'h&'
[  313.424036][   T39] audit: type=1800 audit(1729063573.036:3092): pid=9910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1245" name="file2" dev="overlay" ino=626 res=0 errno=0
[  313.520703][ T9913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1246'.
[  313.531785][ T9913] sp0: Synchronizing with TNC
[  315.377812][ T9937] netlink: 'syz.0.1250': attribute type 10 has an invalid length.
[  315.728509][ T9942] fuse: Unknown parameter 'h&'
[  315.739106][   T39] audit: type=1800 audit(1729063575.356:3093): pid=9942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1254" name="file2" dev="overlay" ino=179 res=0 errno=0
[  315.814223][ T9944] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1256'.
[  315.827380][ T9944] sp0: Synchronizing with TNC
[  316.442176][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  317.601684][ T9972] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1263'.
[  318.583950][ T9989] FAULT_INJECTION: forcing a failure.
[  318.583950][ T9989] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  318.587569][ T9989] CPU: 1 UID: 0 PID: 9989 Comm: syz.2.1266 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  318.590297][ T9989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  318.593064][ T9989] Call Trace:
[  318.593938][ T9989]  <TASK>
[  318.594812][ T9989]  dump_stack_lvl+0x16c/0x1f0
[  318.596110][ T9989]  should_fail_ex+0x497/0x5b0
[  318.597357][ T9989]  ? fs_reclaim_acquire+0xae/0x150
[  318.598691][ T9989]  should_fail_alloc_page+0xe7/0x130
[  318.600077][ T9989]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  318.601681][ T9989]  __alloc_pages_noprof+0x190/0x25a0
[  318.603061][ T9989]  ? copy_splice_read+0x1a8/0xb90
[  318.604368][ T9989]  ? stack_trace_save+0x95/0xd0
[  318.605675][ T9989]  ? __pfx_stack_trace_save+0x10/0x10
[  318.607075][ T9989]  ? stack_depot_save_flags+0x28/0x900
[  318.608488][ T9989]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  318.609958][ T9989]  ? copy_splice_read+0x1a8/0xb90
[  318.611273][ T9989]  ? kasan_save_stack+0x33/0x60
[  318.612539][ T9989]  ? kasan_save_track+0x14/0x30
[  318.613816][ T9989]  ? __kasan_kmalloc+0xaa/0xb0
[  318.615212][ T9989]  ? __kmalloc_noprof+0x1e8/0x410
[  318.616520][ T9989]  ? copy_splice_read+0x1a8/0xb90
[  318.617832][ T9989]  ? do_splice_read+0x282/0x370
[  318.619107][ T9989]  ? splice_direct_to_actor+0x2a4/0xa40
[  318.620541][ T9989]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  318.622224][ T9989]  alloc_pages_bulk_noprof+0x77c/0x1110
[  318.623671][ T9989]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  318.625229][ T9989]  ? trace_kmalloc+0x2d/0xe0
[  318.626439][ T9989]  ? __kmalloc_noprof+0x207/0x410
[  318.627765][ T9989]  copy_splice_read+0x1e3/0xb90
[  318.629037][ T9989]  ? __pfx_copy_splice_read+0x10/0x10
[  318.630435][ T9989]  ? pipe_unlock+0x4a/0x70
[  318.631605][ T9989]  ? __pfx_splice_from_pipe+0x10/0x10
[  318.633003][ T9989]  ? __pfx_register_lock_class+0x10/0x10
[  318.634501][ T9989]  ? __pfx_copy_splice_read+0x10/0x10
[  318.635998][ T9989]  do_splice_read+0x282/0x370
[  318.637248][ T9989]  splice_direct_to_actor+0x2a4/0xa40
[  318.638641][ T9989]  ? __pfx_direct_splice_actor+0x10/0x10
[  318.640106][ T9989]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  318.641645][ T9989]  ? __fget_files+0x23a/0x3f0
[  318.642875][ T9989]  do_splice_direct+0x178/0x250
[  318.644141][ T9989]  ? __pfx_do_splice_direct+0x10/0x10
[  318.645542][ T9989]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  318.647094][ T9989]  ? bpf_lsm_file_permission+0x9/0x10
[  318.648482][ T9989]  ? security_file_permission+0x71/0x210
[  318.649938][ T9989]  do_sendfile+0xb0c/0xe40
[  318.651118][ T9989]  ? __pfx_do_sendfile+0x10/0x10
[  318.652411][ T9989]  ? __fget_files+0x244/0x3f0
[  318.653645][ T9989]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  318.655183][ T9989]  ? ksys_write+0x1ad/0x260
[  318.656366][ T9989]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  318.657976][ T9989]  __do_fast_syscall_32+0x73/0x120
[  318.659313][ T9989]  do_fast_syscall_32+0x32/0x80
[  318.660574][ T9989]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  318.662208][ T9989] RIP: 0023:0xf73ce579
[  318.663294][ T9989] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  318.668223][ T9989] RSP: 002b:00000000f567456c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  318.670367][ T9989] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000007
[  318.672410][ T9989] RDX: 0000000000000000 RSI: 0000000000089ffc RDI: 0000000000000000
[  318.674467][ T9989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  318.676535][ T9989] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  318.678560][ T9989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  318.680596][ T9989]  </TASK>
[  320.333409][T10012] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1273'.
[  320.359398][T10012] sp0: Synchronizing with TNC
[  320.440203][ T9988] netlink: 'syz.1.1267': attribute type 10 has an invalid length.
[  321.099528][T10035] netlink: zone id is out of range
[  321.102181][T10035] netlink: zone id is out of range
[  321.103743][T10035] netlink: zone id is out of range
[  321.105232][T10035] netlink: zone id is out of range
[  321.106693][T10035] netlink: zone id is out of range
[  321.113578][T10035] netlink: zone id is out of range
[  321.116088][T10035] netlink: zone id is out of range
[  321.120675][T10035] netlink: zone id is out of range
[  321.140655][T10035] netlink: zone id is out of range
[  321.152440][T10035] netlink: zone id is out of range
[  322.263757][T10054] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1284'.
[  322.303784][T10056] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1285'.
[  323.107625][T10061] netlink: 'syz.2.1286': attribute type 10 has an invalid length.
[  324.073422][   T57] IPVS: starting estimator thread 0...
[  324.079370][T10077] tipc: Started in network mode
[  324.080766][T10077] tipc: Node identity ac1414aa, cluster identity 4711
[  324.082650][T10077] tipc: Enabled bearer <udp:s>, priority 10
[  324.187457][T10078] IPVS: using max 36 ests per chain, 86400 per kthread
[  324.571025][T10095] syz.0.1296: attempt to access beyond end of device
[  324.571025][T10095] nbd0: rw=0, sector=0, nr_sectors = 8 limit=0
[  324.934237][T10095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1296'.
[  325.099134][T10080] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  325.208888][   T57] tipc: Node number set to 2886997162
[  326.147317][    C1] net_ratelimit: 16 callbacks suppressed
[  326.147328][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  326.268051][T10126] ./file0: Can't lookup blockdev
[  326.404312][T10130] FAULT_INJECTION: forcing a failure.
[  326.404312][T10130] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.408549][T10130] CPU: 2 UID: 0 PID: 10130 Comm: syz.3.1306 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  326.411337][T10130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  326.414297][T10130] Call Trace:
[  326.415198][T10130]  <TASK>
[  326.415980][T10130]  dump_stack_lvl+0x16c/0x1f0
[  326.417220][T10130]  should_fail_ex+0x497/0x5b0
[  326.418463][T10130]  _copy_from_iter+0x29b/0x13e0
[  326.419742][T10130]  ? __pfx__copy_from_iter+0x10/0x10
[  326.421112][T10130]  ? __virt_addr_valid+0x1a4/0x590
[  326.422439][T10130]  ? __virt_addr_valid+0x5e/0x590
[  326.423888][T10130]  ? __phys_addr_symbol+0x30/0x80
[  326.425227][T10130]  ? __check_object_size+0x488/0x710
[  326.426636][T10130]  netlink_sendmsg+0x813/0xd70
[  326.428108][T10130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.429494][T10130]  ? lock_acquire+0x2f/0xb0
[  326.430699][T10130]  ____sys_sendmsg+0x9ae/0xb40
[  326.432010][T10130]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.433397][T10130]  ? get_compat_msghdr+0x11b/0x170
[  326.434798][T10130]  ? __pfx___lock_acquire+0x10/0x10
[  326.436192][T10130]  ___sys_sendmsg+0x135/0x1e0
[  326.437432][T10130]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.439041][T10130]  ? lock_acquire+0x2f/0xb0
[  326.440237][T10130]  ? __fget_files+0x40/0x3f0
[  326.441464][T10130]  ? fdget+0x176/0x210
[  326.442537][T10130]  __sys_sendmsg+0x117/0x1f0
[  326.443774][T10130]  ? __pfx___sys_sendmsg+0x10/0x10
[  326.445130][T10130]  ? __fget_files+0x244/0x3f0
[  326.446376][T10130]  __do_fast_syscall_32+0x73/0x120
[  326.447735][T10130]  do_fast_syscall_32+0x32/0x80
[  326.449027][T10130]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  326.450690][T10130] RIP: 0023:0xf7f24579
[  326.451815][T10130] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  326.456806][T10130] RSP: 002b:00000000f568556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  326.458981][T10130] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000280
[  326.461034][T10130] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  326.463106][T10130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  326.465402][T10130] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  326.467465][T10130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  326.469525][T10130]  </TASK>
[  327.006128][T10148] fuse: blksize only supported for fuseblk
[  327.029279][T10134] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  327.167302][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  327.463094][T10158] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1315'.
[  327.508256][T10158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1315'.
[  327.511293][T10158] openvswitch: netlink: Actions may not be safe on all matching packets
[  327.513737][T10158] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1315'.
[  327.516217][T10158] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1315'.
[  327.588525][T10172] input: syz1 as /devices/virtual/input/input15
[  327.939460][T10197] FAULT_INJECTION: forcing a failure.
[  327.939460][T10197] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  327.943961][T10197] CPU: 1 UID: 0 PID: 10197 Comm: syz.0.1321 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  327.947590][T10197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  327.951181][T10197] Call Trace:
[  327.952328][T10197]  <TASK>
[  327.953345][T10197]  dump_stack_lvl+0x16c/0x1f0
[  327.955300][T10197]  should_fail_ex+0x497/0x5b0
[  327.956913][T10197]  ? fs_reclaim_acquire+0xae/0x150
[  327.958646][T10197]  should_fail_alloc_page+0xe7/0x130
[  327.960465][T10197]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  327.962548][T10197]  __alloc_pages_noprof+0x190/0x25a0
[  327.964358][T10197]  ? copy_splice_read+0x1a8/0xb90
[  327.966066][T10197]  ? stack_trace_save+0x95/0xd0
[  327.967721][T10197]  ? __pfx_stack_trace_save+0x10/0x10
[  327.969524][T10197]  ? stack_depot_save_flags+0x28/0x900
[  327.971394][T10197]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  327.973308][T10197]  ? copy_splice_read+0x1a8/0xb90
[  327.975033][T10197]  ? kasan_save_stack+0x33/0x60
[  327.976683][T10197]  ? kasan_save_track+0x14/0x30
[  327.978336][T10197]  ? __kasan_kmalloc+0xaa/0xb0
[  327.979972][T10197]  ? __kmalloc_noprof+0x1e8/0x410
[  327.982013][T10197]  ? copy_splice_read+0x1a8/0xb90
[  327.983730][T10197]  ? do_splice_read+0x282/0x370
[  327.985387][T10197]  ? splice_direct_to_actor+0x2a4/0xa40
[  327.987279][T10197]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  327.989481][T10197]  alloc_pages_bulk_noprof+0x77c/0x1110
[  327.991327][T10197]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  327.992921][T10197]  ? trace_kmalloc+0x2d/0xe0
[  327.994137][T10197]  ? __kmalloc_noprof+0x207/0x410
[  327.995498][T10197]  copy_splice_read+0x1e3/0xb90
[  327.996777][T10197]  ? __pfx_copy_splice_read+0x10/0x10
[  327.998192][T10197]  ? pipe_unlock+0x4a/0x70
[  327.999381][T10197]  ? __pfx_splice_from_pipe+0x10/0x10
[  328.000793][T10197]  ? __pfx_register_lock_class+0x10/0x10
[  328.002268][T10197]  ? __pfx_copy_splice_read+0x10/0x10
[  328.003684][T10197]  do_splice_read+0x282/0x370
[  328.004932][T10197]  splice_direct_to_actor+0x2a4/0xa40
[  328.006338][T10197]  ? __pfx_direct_splice_actor+0x10/0x10
[  328.007826][T10197]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  328.009731][T10197]  ? __fget_files+0x23a/0x3f0
[  328.010991][T10197]  do_splice_direct+0x178/0x250
[  328.012273][T10197]  ? __pfx_do_splice_direct+0x10/0x10
[  328.013689][T10197]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  328.015272][T10197]  ? bpf_lsm_file_permission+0x9/0x10
[  328.016683][T10197]  ? security_file_permission+0x71/0x210
[  328.018240][T10197]  do_sendfile+0xb0c/0xe40
[  328.019408][T10197]  ? __pfx_do_sendfile+0x10/0x10
[  328.020761][T10197]  ? __fget_files+0x244/0x3f0
[  328.022112][T10197]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  328.023617][T10197]  ? ksys_write+0x1ad/0x260
[  328.024824][T10197]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  328.026473][T10197]  __do_fast_syscall_32+0x73/0x120
[  328.027836][T10197]  do_fast_syscall_32+0x32/0x80
[  328.029136][T10197]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  328.030817][T10197] RIP: 0023:0xf7eff579
[  328.031909][T10197] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  328.037428][T10197] RSP: 002b:00000000f564456c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  328.039991][T10197] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000007
[  328.042033][T10197] RDX: 0000000000000000 RSI: 0000000000089ffc RDI: 0000000000000000
[  328.044098][T10197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  328.046155][T10197] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  328.048220][T10197] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  328.050273][T10197]  </TASK>
[  328.197301][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  328.651450][T10210] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1328'.
[  328.657479][T10192] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  329.237441][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  330.019641][T10243] netlink: 'syz.0.1338': attribute type 1 has an invalid length.
[  330.154352][T10246] fuse: Bad value for 'user_id'
[  330.155689][T10246] fuse: Bad value for 'user_id'
[  330.172113][T10246] Process accounting resumed
[  330.277350][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  330.336119][T10234] netlink: 'syz.3.1335': attribute type 10 has an invalid length.
[  331.017605][T10255] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  331.317362][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  332.357324][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  333.397337][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  334.196038][T10297] netlink: 'syz.0.1352': attribute type 10 has an invalid length.
[  334.447367][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  335.477336][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  336.517370][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  337.557406][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  337.566054][T10323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1359'.
[  337.643787][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1361'.
[  337.664568][T10330] sp0: Synchronizing with TNC
[  337.726022][T10333] bridge2: entered allmulticast mode
[  338.597315][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  338.687416][T10335] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  338.799641][T10352] fuse: Unknown parameter 'h&'
[  338.818869][   T39] audit: type=1800 audit(1729063598.436:3094): pid=10352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1369" name="file2" dev="overlay" ino=734 res=0 errno=0
[  339.146266][T10343] netlink: 'syz.0.1366': attribute type 10 has an invalid length.
[  339.153064][T10362] netlink: 9412 bytes leftover after parsing attributes in process `syz.2.1371'.
[  339.620197][T10378] fuse: Unknown parameter 'h&'
[  339.637321][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  339.642560][   T39] audit: type=1800 audit(1729063599.256:3095): pid=10378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1378" name="file2" dev="overlay" ino=765 res=0 errno=0
[  340.508705][T10380] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  340.677321][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  341.664473][T10396] netlink: 'syz.1.1382': attribute type 10 has an invalid length.
[  341.717353][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  341.773774][T10403] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  341.824562][ T1196] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.896124][ T1196] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.979290][ T1196] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.007937][ T5360] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  342.014765][ T5360] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  342.017784][ T5360] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  342.021955][ T5360] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  342.024149][ T5360] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  342.026094][ T5360] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  342.081559][ T1196] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.288165][T10407] chnl_net:caif_netlink_parms(): no params data found
[  342.347153][ T1196] bridge_slave_1: left allmulticast mode
[  342.348843][ T1196] bridge_slave_1: left promiscuous mode
[  342.350265][ T1196] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.412990][ T1196] bridge_slave_0: left allmulticast mode
[  342.416229][ T1196] bridge_slave_0: left promiscuous mode
[  342.426462][ T1196] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.757349][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  343.256705][ T1196] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  343.269930][ T1196] bond0 (unregistering): Released all slaves
[  343.797362][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  344.038352][T10411] Bluetooth: hci0: command tx timeout
[  344.118227][ T5354] Bluetooth: hci3: command 0x0406 tx timeout
[  344.121098][ T5354] Bluetooth: hci4: command 0x0406 tx timeout
[  344.122781][T10411] Bluetooth: hci5: command 0x0406 tx timeout
[  344.423131][T10407] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.425067][T10407] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.427104][T10407] bridge_slave_0: entered allmulticast mode
[  344.439435][T10407] bridge_slave_0: entered promiscuous mode
[  344.442576][T10407] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.444938][T10407] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.447143][T10407] bridge_slave_1: entered allmulticast mode
[  344.453022][T10407] bridge_slave_1: entered promiscuous mode
[  344.457937][T10446] Bluetooth: MGMT ver 1.23
[  344.459703][T10435] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  344.553641][T10407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  344.557127][T10407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  344.599223][T10407] team0: Port device team_slave_0 added
[  344.618090][T10407] team0: Port device team_slave_1 added
[  344.668250][T10407] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.670013][T10407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.676443][T10407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  344.686884][ T1196] hsr_slave_0: left promiscuous mode
[  344.687365][   T30] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  344.690585][ T1196] hsr_slave_1: left promiscuous mode
[  344.692541][ T1196] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  344.694483][ T1196] batman_adv: batadv0: Removing interface: batadv_slave_0
[  344.697543][ T1196] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  344.699648][ T1196] batman_adv: batadv0: Removing interface: batadv_slave_1
[  344.741265][ T1196] veth1_macvtap: left promiscuous mode
[  344.742827][ T1196] veth0_macvtap: left promiscuous mode
[  344.744291][ T1196] veth1_vlan: left promiscuous mode
[  344.745768][ T1196] veth0_vlan: left promiscuous mode
[  344.791169][T10461] fuse: Unknown parameter 'h&'
[  344.837325][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  344.847595][   T39] audit: type=1800 audit(1729063604.416:3096): pid=10461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1395" name="file2" dev="overlay" ino=778 res=0 errno=0
[  344.869621][   T30] usb 7-1: Using ep0 maxpacket: 8
[  344.873479][   T30] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  344.885691][   T30] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  344.890990][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  344.893578][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  344.896586][   T30] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  344.906457][   T30] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  344.910700][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.151129][   T30] usb 7-1: usb_control_msg returned -32
[  345.152904][   T30] usbtmc 7-1:16.0: can't read capabilities
[  345.210865][   T30] usb 7-1: USB disconnect, device number 7
[  345.859876][ T1196] team0 (unregistering): Port device team_slave_1 removed
[  345.877371][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  345.986488][ T1196] team0 (unregistering): Port device team_slave_0 removed
[  346.127438][ T5360] Bluetooth: hci0: command tx timeout
[  346.567892][ T5352] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  346.917302][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  347.586132][T10407] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.592914][T10407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.601314][T10407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  347.714092][T10407] hsr_slave_0: entered promiscuous mode
[  347.717213][T10407] hsr_slave_1: entered promiscuous mode
[  347.960464][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  348.120007][T10495] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  348.207347][ T5360] Bluetooth: hci0: command 0x040f tx timeout
[  348.211763][ T5352] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  348.434066][T10505] netlink: 'syz.1.1400': attribute type 10 has an invalid length.
[  348.477840][T10512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1403'.
[  348.479937][T10407] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  348.496837][T10407] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  348.530808][T10407] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  348.541529][T10407] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  348.558109][T10518] fuse: Unknown parameter 'h&'
[  348.567089][   T39] audit: type=1800 audit(1729063608.176:3097): pid=10518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1404" name="file2" dev="overlay" ino=852 res=0 errno=0
[  348.619540][T10407] 8021q: adding VLAN 0 to HW filter on device bond0
[  348.638486][T10407] 8021q: adding VLAN 0 to HW filter on device team0
[  348.651114][ T1196] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.653060][ T1196] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.733368][   T98] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.735811][   T98] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.924227][T10407] 8021q: adding VLAN 0 to HW filter on device batadv0
[  348.954463][T10407] veth0_vlan: entered promiscuous mode
[  348.958509][T10407] veth1_vlan: entered promiscuous mode
[  348.984599][T10407] veth0_macvtap: entered promiscuous mode
[  348.989951][T10407] veth1_macvtap: entered promiscuous mode
[  348.997391][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  349.038836][T10407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  349.043304][T10407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.045817][T10407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  349.052269][T10407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.055605][T10407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  349.058416][T10407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.062422][T10407] batman_adv: batadv0: Interface activated: batadv_slave_0
[  349.066644][T10407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.070228][T10407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.073492][T10407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.076994][T10407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.080411][T10407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.083889][T10407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.088021][T10407] batman_adv: batadv0: Interface activated: batadv_slave_1
[  349.093013][T10407] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.095976][T10407] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.099070][T10407] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.103094][T10407] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.139911][ T1196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.144888][ T1196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.161134][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.163206][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.877943][T10569] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  349.885610][T10569] CIFS: Unable to determine destination address
[  350.006858][T10578] Process accounting resumed
[  350.016577][T10578] kernel write not supported for file /asound/timers (pid: 10578 comm: syz.2.1412)
[  350.047381][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  350.246240][T10586] fuse: Unknown parameter 'h&'
[  350.263561][   T39] audit: type=1800 audit(1729063609.876:3098): pid=10586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1415" name="file2" dev="overlay" ino=830 res=0 errno=0
[  350.347332][   T63] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  350.499375][   T63] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  350.501687][   T63] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  350.504172][   T63] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  350.511882][   T63] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  350.514308][   T63] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  350.516849][   T63] usb 7-1: Product: syz
[  350.518586][   T63] usb 7-1: Manufacturer: syz
[  350.525168][   T63] cdc_wdm 7-1:1.0: skipping garbage
[  350.526589][   T63] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  350.741977][   T63] usb 7-1: USB disconnect, device number 8
[  351.077308][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  351.264902][T10581] kernel write not supported for file /asound/timers (pid: 10581 comm: syz.2.1414)
[  351.310535][   T98] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.693504][T10595] kernel write not supported for file /asound/timers (pid: 10595 comm: syz.2.1418)
[  351.761161][T10597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1419'.
[  351.814962][ T5352] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  351.837704][ T5352] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  351.840776][ T5352] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  351.843382][ T5352] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  351.845472][ T5352] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  351.847590][ T5352] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  352.024210][T10605] chnl_net:caif_netlink_parms(): no params data found
[  352.074080][T10625] Bluetooth: MGMT ver 1.23
[  352.078614][T10618] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  352.096939][T10628] fuse: Unknown parameter 'h&'
[  352.098837][T10605] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.100956][T10605] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.103171][T10605] bridge_slave_0: entered allmulticast mode
[  352.105878][T10605] bridge_slave_0: entered promiscuous mode
[  352.112331][T10605] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.113815][   T39] audit: type=1800 audit(1729063611.726:3099): pid=10628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1424" name="file2" dev="overlay" ino=429 res=0 errno=0
[  352.114447][T10605] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.122925][T10605] bridge_slave_1: entered allmulticast mode
[  352.125346][T10605] bridge_slave_1: entered promiscuous mode
[  352.127308][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  352.160743][T10605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.164672][T10602] kernel write not supported for file /asound/timers (pid: 10602 comm: syz.2.1421)
[  352.164685][T10605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.241882][T10632] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  352.281598][T10605] team0: Port device team_slave_0 added
[  352.294238][T10631] kernel write not supported for file /asound/timers (pid: 10631 comm: syz.2.1426)
[  352.327361][T10605] team0: Port device team_slave_1 added
[  352.379301][T10639] FAULT_INJECTION: forcing a failure.
[  352.379301][T10639] name failslab, interval 1, probability 0, space 0, times 0
[  352.383440][T10639] CPU: 2 UID: 0 PID: 10639 Comm: syz.2.1428 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  352.386213][T10639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  352.388987][T10639] Call Trace:
[  352.389876][T10639]  <TASK>
[  352.390668][T10639]  dump_stack_lvl+0x16c/0x1f0
[  352.391911][T10639]  should_fail_ex+0x497/0x5b0
[  352.393151][T10639]  ? fs_reclaim_acquire+0xae/0x150
[  352.394519][T10639]  should_failslab+0xc2/0x120
[  352.395771][T10639]  __kmalloc_noprof+0xcb/0x410
[  352.397035][T10639]  ? rcu_is_watching+0x12/0xc0
[  352.398296][T10639]  p9_fcall_init+0x97/0x260
[  352.399501][T10639]  p9_tag_alloc+0x21c/0x870
[  352.400696][T10639]  ? __pfx_p9_tag_alloc+0x10/0x10
[  352.402017][T10639]  p9_client_prepare_req+0x19f/0x4d0
[  352.403413][T10639]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  352.404938][T10639]  ? hlock_class+0x4e/0x130
[  352.406139][T10639]  ? mark_lock+0xb5/0xc60
[  352.407282][T10639]  ? __pfx___lock_acquire+0x10/0x10
[  352.408642][T10639]  p9_client_rpc+0x1c3/0xc10
[  352.409862][T10639]  ? __pfx_p9_client_rpc+0x10/0x10
[  352.411207][T10639]  ? find_held_lock+0x2d/0x110
[  352.412462][T10639]  ? p9_fid_create+0x26a/0x470
[  352.413730][T10639]  ? mark_held_locks+0x9f/0xe0
[  352.415161][T10639]  ? rcu_is_watching+0x12/0xc0
[  352.416422][T10639]  p9_client_attach+0x154/0x2b0
[  352.417696][T10639]  ? __pfx_p9_client_attach+0x10/0x10
[  352.419118][T10639]  v9fs_fid_lookup+0x97d/0xec0
[  352.420376][T10639]  ? __d_lookup_rcu+0x331/0x4c0
[  352.421654][T10639]  v9fs_vfs_lookup+0x1a3/0x520
[  352.422926][T10639]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  352.424305][T10639]  ? d_alloc_parallel+0x6b8/0x12b0
[  352.425656][T10639]  v9fs_vfs_atomic_open+0x4ce/0x930
[  352.427022][T10639]  ? __pfx_d_alloc_parallel+0x10/0x10
[  352.428427][T10639]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  352.430011][T10639]  ? __d_lookup+0x266/0x4a0
[  352.431247][T10639]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[  352.432750][T10639]  lookup_open.isra.0+0xc9f/0x14c0
[  352.434117][T10639]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  352.435595][T10639]  ? path_openat+0x88a/0x2d60
[  352.436927][T10639]  ? lookup_fast+0x155/0x540
[  352.438168][T10639]  path_openat+0x904/0x2d60
[  352.439542][T10639]  ? __pfx_path_openat+0x10/0x10
[  352.440896][T10639]  ? __pfx___lock_acquire+0x10/0x10
[  352.442273][T10639]  do_filp_open+0x1dc/0x430
[  352.443486][T10639]  ? __pfx_do_filp_open+0x10/0x10
[  352.444911][T10639]  ? _raw_spin_unlock+0x28/0x50
[  352.446193][T10639]  ? alloc_fd+0x2d7/0x6c0
[  352.447347][T10639]  do_sys_openat2+0x17a/0x1e0
[  352.448704][T10639]  ? __pfx_do_sys_openat2+0x10/0x10
[  352.450112][T10639]  ? __fget_files+0x244/0x3f0
[  352.451382][T10639]  __ia32_compat_sys_open+0x147/0x1e0
[  352.452815][T10639]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  352.454407][T10639]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  352.456151][T10639]  __do_fast_syscall_32+0x73/0x120
[  352.457504][T10639]  do_fast_syscall_32+0x32/0x80
[  352.458961][T10639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  352.460627][T10639] RIP: 0023:0xf73ce579
[  352.461730][T10639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  352.466775][T10639] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  352.468969][T10639] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 00000000000a0800
[  352.471051][T10639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  352.473113][T10639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  352.475196][T10639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  352.477240][T10639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  352.479329][T10639]  </TASK>
[  352.594319][T10638] kernel write not supported for file /asound/timers (pid: 10638 comm: syz.2.1428)
[  352.607823][T10605] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.613934][T10605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.624192][T10605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.668545][T10605] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.670767][T10605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.678735][T10605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  353.157310][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  353.872909][T10644] kernel write not supported for file /asound/timers (pid: 10644 comm: syz.2.1429)
[  353.887556][ T5360] Bluetooth: hci0: command tx timeout
[  353.893731][T10605] hsr_slave_0: entered promiscuous mode
[  353.895659][T10605] hsr_slave_1: entered promiscuous mode
[  353.899380][T10605] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  353.901311][T10605] Cannot create hsr debugfs directory
[  354.117803][ T5352] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  354.188687][   T98] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.197451][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  354.251951][T10655] fuse: Unknown parameter 'h&'
[  354.285203][   T98] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.292428][   T39] audit: type=1800 audit(1729063613.906:3100): pid=10655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1433" name="file2" dev="overlay" ino=455 res=0 errno=0
[  354.382080][   T98] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.610851][   T98] bridge_slave_1: left allmulticast mode
[  354.612454][   T98] bridge_slave_1: left promiscuous mode
[  354.614069][   T98] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.624969][   T98] bridge_slave_0: left allmulticast mode
[  354.632298][   T98] bridge_slave_0: left promiscuous mode
[  354.645934][   T98] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.758644][T10649] kernel write not supported for file /asound/timers (pid: 10649 comm: syz.2.1430)
[  354.976161][T10665] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  355.207463][T10663] kernel write not supported for file /asound/timers (pid: 10663 comm: syz.2.1435)
[  355.237311][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  355.460537][   T98] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  355.464610][   T98] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  355.473213][   T98] bond0 (unregistering): Released all slaves
[  355.476132][T10676] kernel write not supported for file /asound/timers (pid: 10676 comm: syz.2.1438)
[  355.516892][T10679] kernel write not supported for file /asound/timers (pid: 10679 comm: syz.2.1439)
[  355.893724][   T98] hsr_slave_0: left promiscuous mode
[  355.905584][   T98] hsr_slave_1: left promiscuous mode
[  355.908949][   T98] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  355.911070][   T98] batman_adv: batadv0: Removing interface: batadv_slave_0
[  355.928510][   T98] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  355.930438][   T98] batman_adv: batadv0: Removing interface: batadv_slave_1
[  355.967297][ T5360] Bluetooth: hci0: command 0x041b tx timeout
[  355.970128][ T5352] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  355.991900][   T98] veth1_macvtap: left promiscuous mode
[  355.996436][   T98] veth0_macvtap: left promiscuous mode
[  356.003592][   T98] veth1_vlan: left promiscuous mode
[  356.010221][   T98] veth0_vlan: left promiscuous mode
[  356.278156][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  356.491129][T10710] fuse: Unknown parameter 'h&'
[  356.502657][   T39] audit: type=1800 audit(1729063616.116:3101): pid=10710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1442" name="file2" dev="overlay" ino=481 res=0 errno=0
[  357.121222][T10718] block nbd3: shutting down sockets
[  357.317360][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  357.610386][T10684] kernel write not supported for file /asound/timers (pid: 10684 comm: syz.2.1440)
[  357.649139][   T98] team0 (unregistering): Port device team_slave_1 removed
[  357.752681][   T98] team0 (unregistering): Port device team_slave_0 removed
[  358.037626][ T5352] Bluetooth: hci0: command 0x041b tx timeout
[  358.357309][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  358.398775][T10605] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  358.442943][T10605] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  358.465132][T10605] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  358.476700][T10605] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  358.545747][T10605] 8021q: adding VLAN 0 to HW filter on device bond0
[  358.557611][T10605] 8021q: adding VLAN 0 to HW filter on device team0
[  358.563054][  T997] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.564949][  T997] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.581296][ T1196] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.583212][ T1196] bridge0: port 2(bridge_slave_1) entered forwarding state
[  358.632936][T10731] kernel write not supported for file /asound/timers (pid: 10731 comm: syz.2.1446)
[  358.691931][T10605] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.719359][T10605] veth0_vlan: entered promiscuous mode
[  358.732539][T10605] veth1_vlan: entered promiscuous mode
[  359.397351][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  359.595656][T10745] kernel write not supported for file /asound/timers (pid: 10745 comm: syz.2.1448)
[  359.601323][T10605] veth0_macvtap: entered promiscuous mode
[  359.604043][T10605] veth1_macvtap: entered promiscuous mode
[  359.609448][T10605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.612153][T10605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.614679][T10605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.617457][T10605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.620489][T10605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.623317][T10605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.628523][T10605] batman_adv: batadv0: Interface activated: batadv_slave_0
[  359.631387][T10605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  359.634082][T10605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.636627][T10605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  359.639477][T10605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.641997][T10605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  359.644685][T10605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.648315][T10605] batman_adv: batadv0: Interface activated: batadv_slave_1
[  359.651672][T10605] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  359.653922][T10605] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  359.656182][T10605] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  359.658614][T10605] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  359.659945][T10739] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  359.698738][  T997] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  359.700847][  T997] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  359.715403][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  359.718882][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  359.724989][   T39] audit: type=1326 audit(1729063619.336:3102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10746 comm="syz.2.1449" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0
[  359.862297][T10755] fuse: Unknown parameter 'h&'
[  359.876136][   T39] audit: type=1800 audit(1729063619.486:3103): pid=10755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1451" name="file2" dev="overlay" ino=514 res=0 errno=0
[  359.910842][T10753] kernel write not supported for file /asound/timers (pid: 10753 comm: syz.2.1449)
[  359.937330][T10752] md0: using deprecated bitmap file support
[  359.938862][T10752] md0: error: bitmap file must be a regular file
[  359.986582][T10761] kernel write not supported for file /asound/timers (pid: 10761 comm: syz.2.1453)
[  360.127495][ T5360] Bluetooth: hci0: command 0x041b tx timeout
[  360.129959][ T5352] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  360.151802][T10764] FAULT_INJECTION: forcing a failure.
[  360.151802][T10764] name failslab, interval 1, probability 0, space 0, times 0
[  360.155347][T10764] CPU: 0 UID: 0 PID: 10764 Comm: syz.2.1454 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  360.158171][T10764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  360.160962][T10764] Call Trace:
[  360.161848][T10764]  <TASK>
[  360.162640][T10764]  dump_stack_lvl+0x16c/0x1f0
[  360.163887][T10764]  should_fail_ex+0x497/0x5b0
[  360.165133][T10764]  should_failslab+0xc2/0x120
[  360.166334][T10764]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  360.167752][T10764]  ? skb_clone+0x190/0x3f0
[  360.169023][T10764]  skb_clone+0x190/0x3f0
[  360.170149][T10764]  netlink_deliver_tap+0xb26/0xcf0
[  360.171542][T10764]  netlink_unicast+0x5e1/0x7f0
[  360.173010][T10764]  ? __pfx_netlink_unicast+0x10/0x10
[  360.174372][T10764]  ? __phys_addr_symbol+0x30/0x80
[  360.175721][T10764]  ? __check_object_size+0x4a1/0x710
[  360.177120][T10764]  netlink_sendmsg+0x8b8/0xd70
[  360.178384][T10764]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.179781][T10764]  ? lock_acquire+0x2f/0xb0
[  360.180991][T10764]  ____sys_sendmsg+0x9ae/0xb40
[  360.182254][T10764]  ? __pfx_____sys_sendmsg+0x10/0x10
[  360.183653][T10764]  ? get_compat_msghdr+0x11b/0x170
[  360.185010][T10764]  ? __pfx___lock_acquire+0x10/0x10
[  360.186358][T10764]  ___sys_sendmsg+0x135/0x1e0
[  360.187528][T10764]  ? __pfx____sys_sendmsg+0x10/0x10
[  360.188898][T10764]  ? lock_acquire+0x2f/0xb0
[  360.190241][T10764]  ? __fget_files+0x40/0x3f0
[  360.191474][T10764]  ? fdget+0x176/0x210
[  360.192553][T10764]  __sys_sendmsg+0x117/0x1f0
[  360.193778][T10764]  ? __pfx___sys_sendmsg+0x10/0x10
[  360.195153][T10764]  ? __fget_files+0x244/0x3f0
[  360.196404][T10764]  __do_fast_syscall_32+0x73/0x120
[  360.197758][T10764]  do_fast_syscall_32+0x32/0x80
[  360.199057][T10764]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  360.200728][T10764] RIP: 0023:0xf73ce579
[  360.201812][T10764] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  360.206852][T10764] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  360.209178][T10764] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000280
[  360.211249][T10764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  360.213317][T10764] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  360.215386][T10764] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  360.217442][T10764] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  360.219487][T10764]  </TASK>
[  360.437378][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  360.873083][T10766] kernel write not supported for file /asound/timers (pid: 10766 comm: syz.2.1454)
[  360.950129][T10772] kernel write not supported for file /asound/timers (pid: 10772 comm: syz.2.1456)
[  361.014341][T10774] kernel write not supported for file /asound/timers (pid: 10774 comm: syz.2.1457)
[  361.251948][T10779] netlink: 'syz.2.1458': attribute type 10 has an invalid length.
[  361.254676][T10779] netlink: 'syz.2.1458': attribute type 10 has an invalid length.
[  361.487422][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  361.729699][T10782] syz.3.1459 (10782): drop_caches: 2
[  361.890858][T10779] kernel write not supported for file /asound/timers (pid: 10779 comm: syz.2.1458)
[  361.930007][T10787] fuse: Unknown parameter 'h&'
[  361.935694][   T39] audit: type=1800 audit(1729063621.546:3104): pid=10787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1461" name="file2" dev="overlay" ino=535 res=0 errno=0
[  361.955082][T10789] kernel write not supported for file /asound/timers (pid: 10789 comm: syz.2.1462)
[  362.004904][T10792] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1464'.
[  362.020770][T10792] sp0: Synchronizing with TNC
[  362.238255][T10798] FAULT_INJECTION: forcing a failure.
[  362.238255][T10798] name failslab, interval 1, probability 0, space 0, times 0
[  362.241569][T10798] CPU: 1 UID: 0 PID: 10798 Comm: syz.1.1463 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  362.244427][T10798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  362.247166][T10798] Call Trace:
[  362.248086][T10798]  <TASK>
[  362.248861][T10798]  dump_stack_lvl+0x16c/0x1f0
[  362.250089][T10798]  should_fail_ex+0x497/0x5b0
[  362.251390][T10798]  ? fs_reclaim_acquire+0xae/0x150
[  362.252720][T10798]  should_failslab+0xc2/0x120
[  362.253950][T10798]  __kmalloc_noprof+0xcb/0x410
[  362.255222][T10798]  ? put_page+0x21e/0x280
[  362.256351][T10798]  copy_splice_read+0x1a8/0xb90
[  362.257609][T10798]  ? __pfx_pipe_to_null+0x10/0x10
[  362.258903][T10798]  ? __pfx_copy_splice_read+0x10/0x10
[  362.260242][T10798]  ? pipe_unlock+0x4a/0x70
[  362.261374][T10798]  ? __pfx_splice_from_pipe+0x10/0x10
[  362.262718][T10798]  ? pipe_unlock+0x4a/0x70
[  362.263829][T10798]  ? splice_from_pipe+0xdf/0x140
[  362.265068][T10798]  ? __pfx_copy_splice_read+0x10/0x10
[  362.266652][T10798]  do_splice_read+0x282/0x370
[  362.267869][T10798]  splice_direct_to_actor+0x2a4/0xa40
[  362.269266][T10798]  ? __pfx_direct_splice_actor+0x10/0x10
[  362.270678][T10798]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  362.272232][T10798]  ? __fget_files+0x23a/0x3f0
[  362.273446][T10798]  do_splice_direct+0x178/0x250
[  362.274657][T10798]  ? __pfx_do_splice_direct+0x10/0x10
[  362.276037][T10798]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  362.277571][T10798]  ? bpf_lsm_file_permission+0x9/0x10
[  362.278990][T10798]  ? security_file_permission+0x71/0x210
[  362.280452][T10798]  do_sendfile+0xb0c/0xe40
[  362.281650][T10798]  ? __pfx_do_sendfile+0x10/0x10
[  362.282944][T10798]  ? __pfx___schedule+0x10/0x10
[  362.284208][T10798]  ? __fget_files+0x244/0x3f0
[  362.285435][T10798]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  362.286907][T10798]  ? ksys_write+0x1ad/0x260
[  362.288086][T10798]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  362.289695][T10798]  __do_fast_syscall_32+0x73/0x120
[  362.291065][T10798]  do_fast_syscall_32+0x32/0x80
[  362.292343][T10798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  362.293978][T10798] RIP: 0023:0xf7f40579
[  362.295072][T10798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  362.300478][T10798] RSP: 002b:00000000f568456c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  362.302639][T10798] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000007
[  362.304687][T10798] RDX: 0000000000000000 RSI: 0000000000089ffc RDI: 0000000000000000
[  362.306719][T10798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  362.308764][T10798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  362.310841][T10798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  362.312911][T10798]  </TASK>
[  362.345180][ T1196] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.417784][T10792] kernel write not supported for file /asound/timers (pid: 10792 comm: syz.2.1464)
[  362.517631][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  362.713249][ T5352] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  362.718018][ T5352] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  362.720845][ T5352] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  362.726825][ T5352] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  362.731655][ T5352] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  362.733564][ T5352] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  362.939530][T10802] chnl_net:caif_netlink_parms(): no params data found
[  362.975465][T10810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1467'.
[  362.997723][T10810] sp0: Synchronizing with TNC
[  363.035532][T10802] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.039408][T10802] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.041884][T10802] bridge_slave_0: entered allmulticast mode
[  363.044384][T10802] bridge_slave_0: entered promiscuous mode
[  363.048238][T10802] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.050774][T10802] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.053228][T10802] bridge_slave_1: entered allmulticast mode
[  363.055711][T10802] bridge_slave_1: entered promiscuous mode
[  363.083217][T10802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.092376][T10802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  363.118838][T10802] team0: Port device team_slave_0 added
[  363.122159][T10802] team0: Port device team_slave_1 added
[  363.145493][T10802] batman_adv: batadv0: Adding interface: batadv_slave_0
[  363.148111][T10802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.159149][T10802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  363.163312][T10802] batman_adv: batadv0: Adding interface: batadv_slave_1
[  363.165178][T10802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.172475][T10802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  363.221774][T10802] hsr_slave_0: entered promiscuous mode
[  363.224453][T10802] hsr_slave_1: entered promiscuous mode
[  363.352138][T10800] kernel write not supported for file /asound/timers (pid: 10800 comm: syz.2.1465)
[  363.388590][ T1196] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.396501][T10826] fuse: Unknown parameter 'h&'
[  363.433925][   T39] audit: type=1800 audit(1729063623.046:3105): pid=10826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1472" name="file2" dev="overlay" ino=571 res=0 errno=0
[  363.475037][ T1196] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.514497][T10828] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1473'.
[  363.526372][T10828] sp0: Synchronizing with TNC
[  363.567337][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  363.572408][ T1196] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.729313][ T1196] bridge_slave_1: left allmulticast mode
[  363.733762][ T1196] bridge_slave_1: left promiscuous mode
[  363.735950][ T1196] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.742126][T10836] kernel write not supported for file /asound/timers (pid: 10836 comm: syz.2.1473)
[  363.742493][ T1196] bridge_slave_0: left allmulticast mode
[  363.749640][ T1196] bridge_slave_0: left promiscuous mode
[  363.751300][ T1196] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.121336][ T1196] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  364.125322][ T1196] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  364.129364][ T1196] bond0 (unregistering): Released all slaves
[  364.508877][ T1196] hsr_slave_0: left promiscuous mode
[  364.513198][ T1196] hsr_slave_1: left promiscuous mode
[  364.526147][ T1196] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  364.529247][ T1196] batman_adv: batadv0: Removing interface: batadv_slave_0
[  364.532435][ T1196] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  364.534942][ T1196] batman_adv: batadv0: Removing interface: batadv_slave_1
[  364.573901][ T1196] veth1_macvtap: left promiscuous mode
[  364.576090][ T1196] veth0_macvtap: left promiscuous mode
[  364.578355][ T1196] veth1_vlan: left promiscuous mode
[  364.580166][ T1196] veth0_vlan: left promiscuous mode
[  364.597422][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  364.764814][ T5360] Bluetooth: hci0: command tx timeout
[  365.047589][T10884] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  365.647357][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  365.781782][ T1196] team0 (unregistering): Port device team_slave_1 removed
[  365.870083][ T1196] team0 (unregistering): Port device team_slave_0 removed
[  365.881221][T10888] fuse: Unknown parameter 'h&'
[  365.911449][   T39] audit: type=1800 audit(1729063625.516:3106): pid=10888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1483" name="file2" dev="overlay" ino=607 res=0 errno=0
[  366.086501][T10893] Bluetooth: MGMT ver 1.23
[  366.093579][T10890] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  366.677427][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  366.822002][T10802] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  366.837410][ T5352] Bluetooth: hci0: command tx timeout
[  366.840213][T10802] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  366.854542][T10802] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  366.877038][T10802] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  366.886316][T10843] kernel write not supported for file /asound/timers (pid: 10843 comm: syz.2.1477)
[  366.946020][T10908] kernel write not supported for file /asound/timers (pid: 10908 comm: syz.2.1488)
[  366.969169][T10802] 8021q: adding VLAN 0 to HW filter on device bond0
[  366.983476][T10802] 8021q: adding VLAN 0 to HW filter on device team0
[  366.992780][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.994695][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  367.006793][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.009033][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  367.056029][T10913] team0: Port device team_slave_0 removed
[  367.104171][T10913] kernel write not supported for file /asound/timers (pid: 10913 comm: syz.2.1489)
[  367.142035][T10916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1490'.
[  367.151861][T10916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1490'.
[  367.174531][T10928] kernel write not supported for file /asound/timers (pid: 10928 comm: syz.2.1491)
[  367.187530][T10932] fuse: Unknown parameter 'h&'
[  367.193811][   T39] audit: type=1800 audit(1729063626.806:3107): pid=10932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1492" name="file2" dev="overlay" ino=640 res=0 errno=0
[  367.234817][T10802] 8021q: adding VLAN 0 to HW filter on device batadv0
[  367.250296][T10802] veth0_vlan: entered promiscuous mode
[  367.254324][T10802] veth1_vlan: entered promiscuous mode
[  367.275570][T10802] veth0_macvtap: entered promiscuous mode
[  367.279305][T10802] veth1_macvtap: entered promiscuous mode
[  367.286199][T10802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.289869][T10802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.292400][T10802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.295045][T10802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.297970][T10802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.299453][T10938] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1494'.
[  367.300690][T10802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.307022][T10802] batman_adv: batadv0: Interface activated: batadv_slave_0
[  367.315322][T10802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.318909][T10802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.321481][T10802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.324082][T10802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.326542][T10802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.331483][T10802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.334663][T10802] batman_adv: batadv0: Interface activated: batadv_slave_1
[  367.346394][T10938] sp0: Synchronizing with TNC
[  367.352358][T10802] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.354678][T10802] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.356928][T10802] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.359629][T10802] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.416470][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.418850][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.443051][ T1196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.445081][ T1196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.717322][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  368.117422][ T5360] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  368.202727][T10934] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  368.208068][T10802] ------------[ cut here ]------------
[  368.209542][T10802] ODEBUG: free active (active state 0) object: ffff88805a14c978 object type: timer_list hint: hci_cmd_timeout+0x0/0x260
[  368.216403][T10802] WARNING: CPU: 3 PID: 10802 at lib/debugobjects.c:514 debug_print_object+0x1a3/0x2b0
[  368.218997][T10802] Modules linked in:
[  368.220124][T10802] CPU: 3 UID: 0 PID: 10802 Comm: syz-executor Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  368.224464][T10802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  368.227582][T10802] RIP: 0010:debug_print_object+0x1a3/0x2b0
[  368.229268][T10802] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd e0 3c b1 8b 41 56 4c 89 e6 48 c7 c7 40 30 b1 8b e8 9e ff bf fc 90 <0f> 0b 90 90 58 83 05 fd dc 8e 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  368.234300][T10802] RSP: 0018:ffffc90002c17978 EFLAGS: 00010282
[  368.236353][T10802] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff814e38b9
[  368.239452][T10802] RDX: ffff8880217b4880 RSI: ffffffff814e38c6 RDI: 0000000000000001
[  368.241474][T10802] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  368.243541][T10802] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bb136e0
[  368.245500][T10802] R13: ffffffff8b4f6c60 R14: ffffffff8a060c00 R15: ffffc90002c17a88
[  368.247774][T10802] FS:  0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000
[  368.250083][T10802] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  368.252150][T10802] CR2: 0000000000000000 CR3: 0000000027fa4000 CR4: 0000000000352ef0
[  368.254257][T10802] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  368.256465][T10802] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  368.259450][T10802] Call Trace:
[  368.260321][T10802]  <TASK>
[  368.261080][T10802]  ? __warn+0xea/0x3d0
[  368.262116][T10802]  ? preempt_schedule_notrace+0x62/0xe0
[  368.263543][T10802]  ? debug_print_object+0x1a3/0x2b0
[  368.264853][T10802]  ? report_bug+0x3c0/0x580
[  368.266011][T10802]  ? handle_bug+0x54/0xa0
[  368.267195][T10802]  ? exc_invalid_op+0x17/0x50
[  368.268415][T10802]  ? asm_exc_invalid_op+0x1a/0x20
[  368.269639][T10802]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  368.270953][T10802]  ? __warn_printk+0x199/0x350
[  368.272133][T10802]  ? __warn_printk+0x1a6/0x350
[  368.273334][T10802]  ? debug_print_object+0x1a3/0x2b0
[  368.274673][T10802]  ? debug_print_object+0x1a2/0x2b0
[  368.275956][T10802]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  368.278027][T10802]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  368.280135][T10802]  debug_check_no_obj_freed+0x4b8/0x600
[  368.281568][T10802]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  368.283070][T10802]  ? kmem_cache_free+0x152/0x4b0
[  368.284488][T10802]  ? kfree_skbmem+0x1a4/0x1f0
[  368.285675][T10802]  kfree+0x2b3/0x4b0
[  368.286778][T10802]  ? hci_release_dev+0x4d9/0x600
[  368.288074][T10802]  hci_release_dev+0x4d9/0x600
[  368.289245][T10802]  ? __pfx_hci_release_dev+0x10/0x10
[  368.291011][T10802]  ? rcu_is_watching+0x12/0xc0
[  368.292491][T10802]  ? kfree+0x274/0x4b0
[  368.293750][T10802]  bt_host_release+0x6a/0xb0
[  368.295190][T10802]  ? __pfx_bt_host_release+0x10/0x10
[  368.296812][T10802]  device_release+0xa1/0x240
[  368.298302][T10802]  kobject_put+0x1e4/0x5a0
[  368.299706][T10802]  ? __pfx_vhci_release+0x10/0x10
[  368.301252][T10802]  put_device+0x1f/0x30
[  368.302568][T10802]  vhci_release+0x81/0xf0
[  368.303901][T10802]  __fput+0x3f6/0xb60
[  368.305151][T10802]  task_work_run+0x14e/0x250
[  368.306579][T10802]  ? __pfx_task_work_run+0x10/0x10
[  368.308226][T10802]  do_exit+0xadd/0x2d70
[  368.309508][T10802]  ? do_group_exit+0x1c3/0x2a0
[  368.310979][T10802]  ? __pfx_lock_release+0x10/0x10
[  368.312138][T10802]  ? do_raw_spin_lock+0x12d/0x2c0
[  368.313319][T10802]  ? __pfx_do_exit+0x10/0x10
[  368.314471][T10802]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  368.315753][T10802]  do_group_exit+0xd3/0x2a0
[  368.316899][T10802]  __ia32_sys_exit_group+0x3e/0x50
[  368.318201][T10802]  ia32_sys_call+0x13f8/0x1bb0
[  368.319474][T10802]  __do_fast_syscall_32+0x73/0x120
[  368.320969][T10802]  do_fast_syscall_32+0x32/0x80
[  368.322144][T10802]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  368.323744][T10802] RIP: 0023:0xf7fb3579
[  368.324996][T10802] Code: Unable to access opcode bytes at 0xf7fb354f.
[  368.327026][T10802] RSP: 002b:00000000ff835b8c EFLAGS: 00000286 ORIG_RAX: 00000000000000fc
[  368.329635][T10802] RAX: ffffffffffffffda RBX: 0000000000000043 RCX: 00000000ff835bd8
[  368.332001][T10802] RDX: 0000000000000000 RSI: 00000000f743bff4 RDI: 00000000f726b056
[  368.334064][T10802] RBP: 00000000f743bff4 R08: 0000000000000000 R09: 0000000000000000
[  368.335976][T10802] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  368.337926][T10802] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  368.339792][T10802]  </TASK>
[  368.340505][T10802] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  368.342184][T10802] CPU: 3 UID: 0 PID: 10802 Comm: syz-executor Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  368.344740][T10802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  368.347263][T10802] Call Trace:
[  368.348055][T10802]  <TASK>
[  368.348754][T10802]  dump_stack_lvl+0x3d/0x1f0
[  368.349853][T10802]  panic+0x71d/0x800
[  368.350792][T10802]  ? __pfx_panic+0x10/0x10
[  368.351855][T10802]  ? show_trace_log_lvl+0x29d/0x3d0
[  368.353089][T10802]  ? check_panic_on_warn+0x1f/0xb0
[  368.354314][T10802]  ? debug_print_object+0x1a3/0x2b0
[  368.355568][T10802]  check_panic_on_warn+0xab/0xb0
[  368.356748][T10802]  __warn+0xf6/0x3d0
[  368.357688][T10802]  ? preempt_schedule_notrace+0x62/0xe0
[  368.359002][T10802]  ? debug_print_object+0x1a3/0x2b0
[  368.360236][T10802]  report_bug+0x3c0/0x580
[  368.361270][T10802]  handle_bug+0x54/0xa0
[  368.362268][T10802]  exc_invalid_op+0x17/0x50
[  368.363371][T10802]  asm_exc_invalid_op+0x1a/0x20
[  368.364531][T10802] RIP: 0010:debug_print_object+0x1a3/0x2b0
[  368.365906][T10802] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd e0 3c b1 8b 41 56 4c 89 e6 48 c7 c7 40 30 b1 8b e8 9e ff bf fc 90 <0f> 0b 90 90 58 83 05 fd dc 8e 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  368.370388][T10802] RSP: 0018:ffffc90002c17978 EFLAGS: 00010282
[  368.371812][T10802] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff814e38b9
[  368.373656][T10802] RDX: ffff8880217b4880 RSI: ffffffff814e38c6 RDI: 0000000000000001
[  368.375519][T10802] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  368.377374][T10802] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bb136e0
[  368.379229][T10802] R13: ffffffff8b4f6c60 R14: ffffffff8a060c00 R15: ffffc90002c17a88
[  368.381083][T10802]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  368.382343][T10802]  ? __warn_printk+0x199/0x350
[  368.383481][T10802]  ? __warn_printk+0x1a6/0x350
[  368.384621][T10802]  ? debug_print_object+0x1a2/0x2b0
[  368.385852][T10802]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  368.387028][T10802]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  368.388406][T10802]  debug_check_no_obj_freed+0x4b8/0x600
[  368.389733][T10802]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  368.391184][T10802]  ? kmem_cache_free+0x152/0x4b0
[  368.392359][T10802]  ? kfree_skbmem+0x1a4/0x1f0
[  368.393474][T10802]  kfree+0x2b3/0x4b0
[  368.394422][T10802]  ? hci_release_dev+0x4d9/0x600
[  368.395600][T10802]  hci_release_dev+0x4d9/0x600
[  368.396735][T10802]  ? __pfx_hci_release_dev+0x10/0x10
[  368.397978][T10802]  ? rcu_is_watching+0x12/0xc0
[  368.399117][T10802]  ? kfree+0x274/0x4b0
[  368.400086][T10802]  bt_host_release+0x6a/0xb0
[  368.401187][T10802]  ? __pfx_bt_host_release+0x10/0x10
[  368.402440][T10802]  device_release+0xa1/0x240
[  368.403539][T10802]  kobject_put+0x1e4/0x5a0
[  368.404595][T10802]  ? __pfx_vhci_release+0x10/0x10
[  368.405789][T10802]  put_device+0x1f/0x30
[  368.406791][T10802]  vhci_release+0x81/0xf0
[  368.407823][T10802]  __fput+0x3f6/0xb60
[  368.408792][T10802]  task_work_run+0x14e/0x250
[  368.409895][T10802]  ? __pfx_task_work_run+0x10/0x10
[  368.411116][T10802]  do_exit+0xadd/0x2d70
[  368.412103][T10802]  ? do_group_exit+0x1c3/0x2a0
[  368.413238][T10802]  ? __pfx_lock_release+0x10/0x10
[  368.414448][T10802]  ? do_raw_spin_lock+0x12d/0x2c0
[  368.415636][T10802]  ? __pfx_do_exit+0x10/0x10
[  368.416729][T10802]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  368.417990][T10802]  do_group_exit+0xd3/0x2a0
[  368.419079][T10802]  __ia32_sys_exit_group+0x3e/0x50
[  368.420286][T10802]  ia32_sys_call+0x13f8/0x1bb0
[  368.421414][T10802]  __do_fast_syscall_32+0x73/0x120
[  368.422638][T10802]  do_fast_syscall_32+0x32/0x80
[  368.423755][T10802]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  368.425228][T10802] RIP: 0023:0xf7fb3579
[  368.426194][T10802] Code: Unable to access opcode bytes at 0xf7fb354f.
[  368.427767][T10802] RSP: 002b:00000000ff835b8c EFLAGS: 00000286 ORIG_RAX: 00000000000000fc
[  368.429727][T10802] RAX: ffffffffffffffda RBX: 0000000000000043 RCX: 00000000ff835bd8
[  368.431595][T10802] RDX: 0000000000000000 RSI: 00000000f743bff4 RDI: 00000000f726b056
[  368.433455][T10802] RBP: 00000000f743bff4 R08: 0000000000000000 R09: 0000000000000000
[  368.435337][T10802] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  368.437252][T10802] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  368.439669][T10802]  </TASK>
[  368.441186][T10802] Kernel Offset: disabled
[  368.442519][T10802] Rebooting in 86400 seconds..

VM DIAGNOSIS:
07:27:07  Registers:
info registers vcpu 0

CPU#0
RAX=000000000090cc41 RBX=0000000000000000 RCX=ffffffff8b137a49 RDX=0000000000000000
RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12ae0 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed1005687025 R10=ffff88802b43812b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff901ce188 R15=0000000000000000
RIP=ffffffff8b138e2f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c28f2fb CR3=000000006f07c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81db81d6 RDX=ffff888025944880
RSI=0000000000000000 RDI=ffffea00017c5880 RBP=ffffea00017c5880 RSP=ffffc900060cf600
R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000000
R12=dffffc0000000000 R13=ffffea00017c5880 R14=ffff8880552951f0 R15=ffffea00017c5880
RIP=ffffffff818cb910 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002001a810 CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000d1b3f7 RBX=0000000000000002 RCX=ffffffff8b137a49 RDX=0000000000000000
RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12ae0 RBP=ffffed10036ec000 RSP=ffffc90000487e08
R8 =0000000000000001 R9 =ffffed10056c7025 R10=ffff88802b63812b R11=0000000000000000
R12=0000000000000002 R13=ffff88801b760000 R14=ffffffff901ce188 R15=0000000000000000
RIP=ffffffff8b138e2f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5441da4 CR3=0000000000eae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8503db85 RDI=ffffffff9a63d260 RBP=ffffffff9a63d220 RSP=ffffc90002c172d8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000064 R14=ffffffff8503db20 R15=0000000000000000
RIP=ffffffff8503dbaf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000027fa4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefeffd0 Opmask01=0000000000000000 Opmask02=000000007fffffff Opmask03=8200002022100080
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005630a718d4a0 00005630a71b11b0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 dd087ca1908e247c 73732546b7631a8f
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000121 0000000000000000 44455a494c414954 494e495f43455355
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f306963682f6874 6f6f7465756c622f 6c6175747269762f 736563697665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000141 0000000000306963 682f68746f6f7465 756c622f6c617574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005630a719daa0 00005630a719e720 0000000000000041 0000560036366c6c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 00005630a7302610 00005630a7302500 307761726469682f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000