last executing test programs:

4m18.240849618s ago: executing program 32 (id=195):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}}]}]}, @IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}]}, 0x50}, 0x1, 0x700, 0x0, 0x840}, 0x0)

3m48.938243914s ago: executing program 33 (id=912):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8}, @TCA_CAKE_WASH={0x8}]}}]}, 0x44}}, 0x80)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB], 0x3}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7a}]}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

3m32.979323328s ago: executing program 34 (id=1190):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000420005"], 0x14}}, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303, 0x37}, "475566172f45f011", "bd14060000000000000092f94413582b", "a4774ec6", "15b188e5e74e13ed"}, 0x28)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000240)={0x0, 0xf0ffffff, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100001400a0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
pipe(&(0x7f0000000100)={<r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r7, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}}, 0x0)
splice(r4, 0x0, r5, 0x0, 0x4ffe6, 0x0)
dup3(r3, 0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)

2m27.399068064s ago: executing program 6 (id=2496):
add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) (async)
r0 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = socket(0x40000000015, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001e0001000000000000000000fdff"], 0x1c}}, 0x0)
shmat(0x0, &(0x7f0000047000/0x3000)=nil, 0x1000)
r3 = socket(0x15, 0x5, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
getsockopt(r1, 0x200000000114, 0x2715, 0x0, &(0x7f0000000240))
r4 = socket(0x1e, 0x1, 0x0)
connect$tipc(r4, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
connect$tipc(r4, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
readv(r1, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/63, 0x3f}], 0x1)
sendmsg$TIPC_CMD_SHOW_PORTS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r6, 0x1}, 0x1c}}, 0x0)
r7 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$CDROM_SET_OPTIONS(r7, 0x80081270, 0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x1000, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}, @in6={0xa, 0x4e23, 0x7c13, @mcast2, 0xb}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @multicast2}], 0x58) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x1000, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}, @in6={0xa, 0x4e23, 0x7c13, @mcast2, 0xb}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @multicast2}], 0x58)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (async)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000700)=ANY=[@ANYBLOB="0500000000000000000000000000000009000000000000006105"]) (async)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000700)=ANY=[@ANYBLOB="0500000000000000000000000000000009000000000000006105"])
pipe2$watch_queue(&(0x7f0000000040)={<r11=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r11, 0x45)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0) (async)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0)

2m27.170759408s ago: executing program 6 (id=2497):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000001300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000000), 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000780)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000007c0)={0x1c, r1, 0x209, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x90)

2m27.170489169s ago: executing program 6 (id=2498):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0xfff)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000380))
getsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, 0x0, &(0x7f0000001400))
r2 = timerfd_create(0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080), 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={<r5=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000840)={r5, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x615, 0x1, 0x4, 0xa, 0x9}, 0x9c)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_ON(r6, 0x7001)
ioctl$RTC_SET_TIME(r6, 0x40247007, &(0x7f0000000040)={0x2, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
io_submit(r3, 0x1, &(0x7f0000000480)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
r7 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="cc000000000000001291b6"])
read$FUSE(0xffffffffffffffff, &(0x7f0000001440)={0x2020, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x2020)
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$vhost_msg(r9, 0x0, 0x0)
write$vhost_msg_v2(r9, &(0x7f00000006c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
r10 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$FS_IOC_READ_VERITY_METADATA(r10, 0xc0286687, &(0x7f0000000140)={0x3, 0x7, 0xe7, &(0x7f0000000280)=""/231})
syz_open_procfs(r8, &(0x7f0000000000)='net/udp6\x00')

2m26.228487794s ago: executing program 6 (id=2499):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r2, 0x10, 0x0, @in={0x2, 0x4e21, @loopback}}}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFULA_CFG_CMD={0x5, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4880}, 0x24048094)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000"], 0x3c}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d0", 0x1}], 0x1}, 0x20000801)
recvmsg(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)
sendto$inet6(r7, &(0x7f00000004c0)='N', 0x1, 0x4, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m26.151453051s ago: executing program 6 (id=2500):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async, rerun: 64)
mount(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) (async, rerun: 64)
chdir(&(0x7f0000000100)='./file0\x00') (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="080000000100000008"], 0xffa1) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001ac0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169b740ac03d7c64cee49ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d54f45a24effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c7724e9e7e7babf61fe358ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261ed1d4515f46290d5c6579b63358fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000200)="9902000012006b9c9e3fe3d86e6c1d0000147ea60864160af36504b68675f8001d000a00a0e69ee517d24460bc24eab556a705251e6182949a36c2151fef08d8cdbf9367b41ad206000000f408000300040100000800000000000000", 0x5c}, {&(0x7f00000000c0)="d557fc16674b56c0a96a733c232d6790c63ca969a688b06e3da58f3c4568bf0a77bdff6f41d7890e18defe94ef1a392dc00dea94a1bfe64982de7cf1c91e1103cc1840210cbb57222bc2bfa30369992a6bc5156c00aeadd359a7991ad1de01feec401dba6d7694a14785839d3c2d67188cd07827c934897de4676743c192c4a4b24f7f8747141a1325d29da89694574c32eba56e5bbc8f80376f3325dd89937e990089294183a4829e21849004c538378d41066cb7de399450b3544067", 0xbd}, {&(0x7f0000000280)="5e191aea3468a5eab1c3d6024b43dece099475c81c53aa9244d866f68b8e31e93b41b432fb0454234620a25706bfb6f01ce01093b7ff634785d8b345ef8f7a928034820bbd37467d1049ac7a724c153c358d6f7efd919bb918734e846598b03733a6f4bbce06471d3a440e14dae67170cbfea76bc33481c28ec2cfad1f3d83ddece3006d5bb30dc4288dd40bd476cc7f94d143c56e54ed4d84b9c1ecc87fc035c7c992767edcfe2218bc6542a6a3a9b879e8aa6d652d277ee640cc15d2e9efe30584ed57ab208ca4db6cf63381804a5ee5950020", 0xd4}, {&(0x7f0000000380)="fd7617adb877574c4a4489fcaccde0c97bdb2d9d89dba8ab9fc9ebbdcedc770661e1971989a787890de32eebe4008ac8bfafa034add91f6ea4acc741521abecc6cbb4fcfeb61d7d08a8911e59550055d17897194afc1ffd04c18c2506d41bec374a6e5b1ed5fd07db55483fef2dc9ad8ae7c6044b08a303f256ff7e7dd720c72fc0d513110468d44e31a8fc9833d521b95c3b04378ca1c67b4faca350009045628c7f7196510f14ebdc68ba7", 0xac}], 0x4, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$netlink(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)={0x30, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @typed={0xf, 0x9, 0x0, 0x0, @str='/proc/keys\x00'}]}, 0x30}], 0x1}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a84000000060a0b0400000000000000000200000a58000480540001800a0001006c696d69740000004400028008000340000000000c00024000000000000007ac0c00024000000000000001330c0001400000000000000007080003400000000f0c00024000000000000000090900010073797a30000000000900020073797a32"], 0xac}}, 0x0)
r4 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000080)=0x14, 0x80000) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000000c0)={'wg2\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000100)={0x11, 0x17, r5, 0x1, 0x9, 0x6, @multicast}, 0x14)

2m26.151269846s ago: executing program 6 (id=2501):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) (async)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000140)=ANY=[@ANYRES32=0x0, @ANYBLOB="a4c9277cdb5f3b75"], 0xc) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) (async)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r3, &(0x7f0000000200)=[{&(0x7f0000001080)="000000c60000678d5a5527c5f847fdf2d0283dea8d04d0efa8ee8177fc0000000001000000a38ab0665acc03d6bfc4fced6cc58ecc169484b5f5ff7bc4bea44a9abe", 0x42}], 0x1) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x50, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x0, @random="9643e6bd0f69"}}]}]}]}, 0x50}}, 0x0)
close(r1) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8b20, &(0x7f0000000000)={'wlan1\x00', @random="c30014016800"})

2m11.716953568s ago: executing program 35 (id=2501):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) (async)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000140)=ANY=[@ANYRES32=0x0, @ANYBLOB="a4c9277cdb5f3b75"], 0xc) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) (async)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r3, &(0x7f0000000200)=[{&(0x7f0000001080)="000000c60000678d5a5527c5f847fdf2d0283dea8d04d0efa8ee8177fc0000000001000000a38ab0665acc03d6bfc4fced6cc58ecc169484b5f5ff7bc4bea44a9abe", 0x42}], 0x1) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x50, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x0, @random="9643e6bd0f69"}}]}]}]}, 0x50}}, 0x0)
close(r1) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8b20, &(0x7f0000000000)={'wlan1\x00', @random="c30014016800"})

2m6.913610374s ago: executing program 2 (id=2743):
r0 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a80100004800c000280"], 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/key-users\x00', 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000002c00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', r2, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'team_slave_0\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r5, r6, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x1}}, 0x30)

2m6.912037532s ago: executing program 2 (id=2744):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x2, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000140)={0x1, &(0x7f0000000440)=[{0x6}]})
write$ppp(r2, &(0x7f00000010c0)="1e00", 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='mmap_lock_acquire_returned\x00', r3}, 0x10)
mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0xa031, 0xffffffffffffffff, 0x180000000)
remap_file_pages(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x1, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x5)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

2m6.685649383s ago: executing program 2 (id=2748):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)
setrlimit(0x1, &(0x7f0000000000))
r1 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r1, &(0x7f0000001940)=""/4086, 0xff6)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f00000000c0)={r1, 0xdd, 0xc3}, 0x0, &(0x7f0000000100)="df1570d3a59af8506572373868b36bf86536f7a641bf1bfe00e26edb93a630424709080fe5cd776d24e1eb030da6857437e35275c4640c9de50121fa6101b316e4c7a5d9b74e7e375a217c332736d05143ef0a0a2ee911451ead6a3b9160fc88cb4b9d6f9ca5e5f7b71c3f506cd80c21f2a749d549fa558a18a62cb0fdf6fb43cfe59306d02091f45a321cc8eb0a4837af48ff4224994bfc9337dbd050783d518d809352e0d9e36e6487e5f3e0ef1a65e5a44690f8d0ee679e71fd2d416ded37a704e0dd785e4f58a965de80b58bb6e8944827a97e7c4407b3bbeef1b1", &(0x7f0000000200)=""/195)

2m6.616135278s ago: executing program 2 (id=2749):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000002400000002000000000000000000000000000001000085000000000000000001000000000000000000"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x21, &(0x7f0000000000)=0xffffffff, 0x4) (async)
setsockopt$inet_int(r0, 0x0, 0x21, &(0x7f0000000000)=0xffffffff, 0x4)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000004)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}}, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000180)='./file0/file0\x00', 0x189)
mkdir(&(0x7f0000000040)='./file1/file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x600) (async)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x600)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x10201, 0x6, 0x0, 0x2000, &(0x7f0000016000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x10201, 0x6, 0x0, 0x2000, &(0x7f0000016000/0x2000)=nil})
syz_emit_ethernet(0x72, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000640000000000119078e0000002000000004e2017c1005090780400000002000000a4a01bbe000000001911abe03776be50dd5196412310269fbb880762ae3f88efc03ec71858ca8e4c8522a4dc3042600bafd7c6cb94ad149d96c53666a843d0da7d4c2304af"], 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe9, 0x0, 0xffffffffffffff5d) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe9, 0x0, 0xffffffffffffff5d)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x2, 0x238, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200005c0], 0x0, 0x0, 0x0}, 0x2b0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000200)={0x1f, 0x4, 0x1}, 0x6) (async)
bind$bt_hci(r6, &(0x7f0000000200)={0x1f, 0x4, 0x1}, 0x6)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000014000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000300)="3e360fc7ae0010000066baf80cb8c07c2889ef66bafc0c66b8010066efc4e2a5acb465e7000000b8010000000f01c1673e0f01ca65660f388065eec4e151ed72c4450f011966430f38820fb913040000b800000000ba008000000f30", 0x5c}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000014000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000300)="3e360fc7ae0010000066baf80cb8c07c2889ef66bafc0c66b8010066efc4e2a5acb465e7000000b8010000000f01c1673e0f01ca65660f388065eec4e151ed72c4450f011966430f38820fb913040000b800000000ba008000000f30", 0x5c}], 0x1, 0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x1000001000000, 0x2)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7) (async)
ptrace(0x10, r7)

2m6.476457608s ago: executing program 2 (id=2759):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b03000000000000200012800b00010067656e657665"], 0x40}}, 0x0) (async)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x9, 0x1, 0x32bcc7f5dd9f929e, "3271bdf0f2f20d558000", 0x47524247}) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50) (async, rerun: 64)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (rerun: 64)
write(0xffffffffffffffff, &(0x7f0000000000)='\"', 0x1) (async, rerun: 32)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0) (async, rerun: 32)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
semctl$SEM_STAT(0x0, 0x4, 0x12, &(0x7f00000003c0)=""/4096) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b18, &(0x7f0000000000)={'wlan1\x00'}) (async, rerun: 64)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

2m6.199589084s ago: executing program 2 (id=2766):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3c}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f00000000c0)=0x108005, 0x4)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000056000106000000000000000007"], 0x1c}], 0x1}, 0x0)

2m6.178285696s ago: executing program 36 (id=2766):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3c}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f00000000c0)=0x108005, 0x4)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000056000106000000000000000007"], 0x1c}], 0x1}, 0x0)

1m55.94225907s ago: executing program 5 (id=2890):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x8, 0x36000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x36000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})

1m55.876702601s ago: executing program 5 (id=2891):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$inet(0x2, 0x3, 0x14)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r4=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f00000000c0)=ANY=[@ANYRES32], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={<r5=>0x0, @local, @local}, &(0x7f0000000740)=0xc)
r6 = socket(0x10, 0x5, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x1a8000, 0xa, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x3000}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0x9, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x0, 0x10000, 0x1, 0x9, 0x0, 0xfd}, {0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x2, 0x3}, {0x0, 0xeeee8000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x140030, 0x80000a, 0x8000, 0x3000, [0x800000000, 0x0, 0x1a7ff4f4]})
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x8140aecc, &(0x7f0000000140))
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_PLIMIT={0x8}]}}]}, 0x38}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x4040850)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r10, 0x0, 0x4, &(0x7f0000000040)="9f0910bc996c301c8107070400", 0x28)
getsockopt$inet_opts(r10, 0x0, 0x4, 0x0, &(0x7f0000000240))
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000080)={0x0, 0x0, 0x100, 0xe7c5, 0x4, 0x7ff, 0x1})
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r11, 0xffffffff80000801, 0x0, &(0x7f0000000b80)={0x0, 0x0, 0x7fff, 0x0, 0x4000000000000000, 0x0, 0x0, 0xfffffffffffffffe, 0xde})
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)

1m55.70463985s ago: executing program 5 (id=2895):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$SG_SET_COMMAND_Q(0xffffffffffffffff, 0x2276, 0xfffffffffffffffe)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
close(0x3)

1m55.702516462s ago: executing program 5 (id=2896):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, 0x2})
syz_open_procfs(r0, &(0x7f0000002100)='numa_maps\x00')
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88700a, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) (async)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0) (async)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') (async)
fchdir(r1) (async)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) (async)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, 0x2}) (async)
syz_open_procfs(r0, &(0x7f0000002100)='numa_maps\x00') (async)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88700a, 0x0) (async)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb) (async)

1m55.600763181s ago: executing program 5 (id=2899):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x8, 0x36000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3600000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})

1m55.46418068s ago: executing program 5 (id=2903):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000001c0)=0x400004, 0xffffffffffffffad)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000100), 0x4200, 0x0)
ioctl$HIDIOCGFIELDINFO(r2, 0xc038480a, &(0x7f0000000180)={0x3, 0x1, 0x5, 0x3, 0x4, 0x3, 0x9, 0x8001, 0x5, 0xe, 0x8, 0x7, 0x67, 0xfffffff3})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl2\x00', &(0x7f0000000080)={'syztnl2\x00', <r3=>0x0, 0x4, 0xf5, 0x8, 0xc, 0x54, @private1={0xfc, 0x1, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x20, 0x30, 0x80000000, 0x42}})
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000200)={0x7, 0x3ff, 0x6, 0x3, 0x3, "ad1c3d31e919e83041fa8a017c6beda41643e0", 0x8001, 0x7})
r4 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r5, &(0x7f0000000440)=[{&(0x7f0000000100)=""/142, 0x8e}], 0x1, 0x9, 0x9)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000100))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0xd, &(0x7f0000000bc0)=ANY=[@ANYBLOB="180000000000000000000000001e0000001a400000ffffffff0000000000000000181000"/52, @ANYRES32, @ANYBLOB="20000000000000001850000000000000000000000000000018400000f8ffffff000000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x25, r1, 0x8, 0x0, 0x0, 0x2, &(0x7f0000000940)={0x2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m55.447914666s ago: executing program 37 (id=2903):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000001c0)=0x400004, 0xffffffffffffffad)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000100), 0x4200, 0x0)
ioctl$HIDIOCGFIELDINFO(r2, 0xc038480a, &(0x7f0000000180)={0x3, 0x1, 0x5, 0x3, 0x4, 0x3, 0x9, 0x8001, 0x5, 0xe, 0x8, 0x7, 0x67, 0xfffffff3})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl2\x00', &(0x7f0000000080)={'syztnl2\x00', <r3=>0x0, 0x4, 0xf5, 0x8, 0xc, 0x54, @private1={0xfc, 0x1, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x20, 0x30, 0x80000000, 0x42}})
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000200)={0x7, 0x3ff, 0x6, 0x3, 0x3, "ad1c3d31e919e83041fa8a017c6beda41643e0", 0x8001, 0x7})
r4 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r5, &(0x7f0000000440)=[{&(0x7f0000000100)=""/142, 0x8e}], 0x1, 0x9, 0x9)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000100))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0xd, &(0x7f0000000bc0)=ANY=[@ANYBLOB="180000000000000000000000001e0000001a400000ffffffff0000000000000000181000"/52, @ANYRES32, @ANYBLOB="20000000000000001850000000000000000000000000000018400000f8ffffff000000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x25, r1, 0x8, 0x0, 0x0, 0x2, &(0x7f0000000940)={0x2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m0.67870205s ago: executing program 7 (id=3443):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}}, 0x40)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63d, 0x1, 0x2, 0xd59f83, 0x19f2, 0x3b, 0x19ef, 0x3, 0x8, 0x2800, 0x2800, 0x2, 0xba2, 0x18, 0x38, {0x8, 0xffffffff}, 0xd1, 0x9}})

1m0.645133618s ago: executing program 7 (id=3444):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x850)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="040100001a0001000000000000000011fc010000000000000000000000000000fc000000000000ff007195db315e7500"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003c000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200250000000000000014000e"], 0x104}}, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0xe)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_COMMAND_Q(0xffffffffffffffff, 0x2276, 0xfffffffffffffffe)
fadvise64(r1, 0x1, 0x3f8ee3c4, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000007d0a0000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2a)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
close(0x3)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r2, 0x4018f514, &(0x7f00000000c0)={0x1, 0x7, 0x3})

1m0.644659873s ago: executing program 7 (id=3445):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000040)={0x8, 0x7})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x400000000000000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000240)="67f30f09660fae7e0066b9c100000066b80d00000066ba000000000f3066670f30f2e18d0f20c06635000001000f22c066b9800000c00f326635008000000f30c02d1866b9ac0200000f32f30f01df", 0x4f}], 0x1, 0x2, 0x0, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m0.444337619s ago: executing program 7 (id=3452):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f0000000080)='./file0\x00')

1m0.442010916s ago: executing program 7 (id=3454):
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_COMMAND_Q(0xffffffffffffffff, 0x2276, 0xfffffffffffffffe)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x6, 0xfb, 0x0, 0x2, 0x0, 0x70bd25}, 0x10}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x24, 0x2, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x2}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000011}, 0x4)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x800, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x200c8000)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
close(0x3)

1m0.354717698s ago: executing program 7 (id=3455):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f041, 0x0, '\x00', @ptr}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x85, &(0x7f0000000ac0), 0x90)
sendmsg$inet(r1, &(0x7f00000006c0)={&(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000300)=[{&(0x7f00000000c0)="83", 0x1}], 0x1}, 0x404c0e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f00000001c0)={0x14000000})
read$eventfd(r3, 0x0, 0x2000)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = dup2(r5, r4)
close_range(r6, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/'}}]})
r7 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r8 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r9 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r9, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r9, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r8, &(0x7f0000000180)='./file1\x00', 0x0)
mknodat$loop(r7, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r7, &(0x7f0000000100)='./file1\x00', r7, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r9, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)={0x70, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x6}, @NL80211_ATTR_BSS_BASIC_RATES={0x10, 0x24, [{0x30}, {0x6c, 0x1}, {0x12, 0x1}, {0x16, 0x1}, {0x30}, {0x4}, {0x9, 0x1}, {0x6c, 0x1}, {0x48, 0x1}, {0xc}, {0x3}, {0x4, 0x1}]}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0x7c}]}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x10, 0x3, 0x7, 0x0, {0xc, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, 0x1}, 0x8, 0x0, 0xc3}}, @NL80211_ATTR_SSID={0x6, 0x34, @random="94c3"}]}, 0x70}, 0x1, 0x0, 0x0, 0x8018}, 0x4800)
unlink(&(0x7f0000000280)='./file1\x00')
syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
link(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000380)='./file1\x00')

1m0.352046709s ago: executing program 38 (id=3455):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f041, 0x0, '\x00', @ptr}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x85, &(0x7f0000000ac0), 0x90)
sendmsg$inet(r1, &(0x7f00000006c0)={&(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000300)=[{&(0x7f00000000c0)="83", 0x1}], 0x1}, 0x404c0e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f00000001c0)={0x14000000})
read$eventfd(r3, 0x0, 0x2000)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = dup2(r5, r4)
close_range(r6, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/'}}]})
r7 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r8 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r9 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r9, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r9, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r8, &(0x7f0000000180)='./file1\x00', 0x0)
mknodat$loop(r7, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r7, &(0x7f0000000100)='./file1\x00', r7, &(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r9, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)={0x70, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x6}, @NL80211_ATTR_BSS_BASIC_RATES={0x10, 0x24, [{0x30}, {0x6c, 0x1}, {0x12, 0x1}, {0x16, 0x1}, {0x30}, {0x4}, {0x9, 0x1}, {0x6c, 0x1}, {0x48, 0x1}, {0xc}, {0x3}, {0x4, 0x1}]}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0x7c}]}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x10, 0x3, 0x7, 0x0, {0xc, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, 0x1}, 0x8, 0x0, 0xc3}}, @NL80211_ATTR_SSID={0x6, 0x34, @random="94c3"}]}, 0x70}, 0x1, 0x0, 0x0, 0x8018}, 0x4800)
unlink(&(0x7f0000000280)='./file1\x00')
syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
link(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000380)='./file1\x00')

57.078710436s ago: executing program 1 (id=3476):
socket$inet(0x2, 0x5, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000001c0)='2', 0x1}], 0x1}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'bond0\x00', <r4=>0x0})
sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=@updpolicy={0xc4, 0x19, 0x501, 0x0, 0x0, {{@in6=@private0, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, r4}, {0x0, 0xfffffffffffffffc}}, [@offload={0xc, 0x1c, {r4, 0x4}}]}, 0xc4}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES32=r5, @ANYBLOB="020001000000000020001280110001006272696467655f736c617665000000000800058004001800"], 0x40}}, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b03f6ffe0ff64000200475400f6a13bb1000000080086dd4803", 0x100a6, 0x0, &(0x7f0000000140), 0x14)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x0, 0x0, {0x8000, 0x1}, {0x51, 0x2}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {0x8, 0x8, 0x40, 0x4}, 0x0, 0x0}})
r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
syz_open_dev$evdev(&(0x7f0000000200), 0x8, 0x42)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4)
write$char_usb(r7, &(0x7f0000000040)="e2", 0x12d8)

57.020506656s ago: executing program 1 (id=3479):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000080))
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={<r2=>0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e23, 0x3, @dev={0xfe, 0x80, '\x00', 0x42}, 0x3}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x7d, &(0x7f0000000000)={r2}, &(0x7f0000000080)=0x10)

56.974208146s ago: executing program 1 (id=3480):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="4dc07f947163300c", 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000002b00)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000001c0)="71d84c3fb4fa0100000064e0706278ff010000000000004cc928a07b97762f5fd200b5bb48de7a77878f42d3", 0x2c}, {&(0x7f00000002c0)="9e39cd", 0x3}], 0x2}, 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
write$cgroup_int(r2, &(0x7f0000000540), 0xfffffdd8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
fremovexattr(0xffffffffffffffff, &(0x7f00000000c0)=@known='security.selinux\x00')
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="0203000210000000000000000400000002000800081df4aa9d0000004000000005000600000000000a20000000000000fe8000000000000000000000000000aa00000000000020000200010000000000000005fd80ffffff05000500000000000a"], 0x80}, 0x1, 0x7}, 0x40008000)

56.821278481s ago: executing program 1 (id=3484):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sched_process_wait\x00', r0}, 0x18)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x2805011, 0x0)
mount$bind(0x0, &(0x7f0000000400)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68aecf0bc659dc3d53c2"], &(0x7f0000000140)='GPL\x00', 0x0, 0xbd, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r5 = dup(r4)
getsockname$packet(r5, 0x0, 0x0)
getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000280)=0x4)
r7 = userfaultfd(0x1)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000000))
read(r7, &(0x7f0000000140)=""/237, 0x20)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000080), 0x200000, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000580)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0], <r8=>0x0, 0x39, &(0x7f00000006c0)=[{}], 0x8, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0xf2, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000900)={r5, r6, 0x25, 0x8, @val=@target_btf_id=r8}, 0x14)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r3, 0x0, 0x11, 0x0, &(0x7f0000000600)="61df712bc884fef053a7a9a26e9b722780", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_emit_ethernet(0x8e, &(0x7f0000000000)=ANY=[@ANYRES16], 0x0)

55.907040936s ago: executing program 1 (id=3497):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) (async)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xffdff02c}, {0x6}]}, 0x10)

55.7985423s ago: executing program 1 (id=3498):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x2, &(0x7f00000000c0)=@raw=[@call={0x85, 0x0, 0x0, 0x7b}, @exit={0x95, 0x0, 0x9fff}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='virtio_transport_alloc_pkt\x00', r1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000100)=0xffffffff00040000, 0x112)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x3d0, 0x0, 0x200, 0x110, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @empty}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}, {{@arp={@remote, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xe0}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
r3 = syz_open_dev$admmidi(&(0x7f0000000000), 0xfffffffffffffffe, 0x1a9802)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000040)={0x0, 0x7ff, 0x41})

55.79830874s ago: executing program 39 (id=3498):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x2, &(0x7f00000000c0)=@raw=[@call={0x85, 0x0, 0x0, 0x7b}, @exit={0x95, 0x0, 0x9fff}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='virtio_transport_alloc_pkt\x00', r1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000100)=0xffffffff00040000, 0x112)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x3d0, 0x0, 0x200, 0x110, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @empty}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}, {{@arp={@remote, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xe0}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
r3 = syz_open_dev$admmidi(&(0x7f0000000000), 0xfffffffffffffffe, 0x1a9802)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000040)={0x0, 0x7ff, 0x41})

38.870080023s ago: executing program 9 (id=3743):
r0 = socket(0x2a, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x4, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x3, 0xe}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x98, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x5c, 0x2, [@TCA_MATCHALL_ACT={0x58, 0x2, [@m_simple={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xb, 0x3, '.,\\-\\{\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x55b, 0x2, 0x10000000, 0x7, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x7, 0xb}}]}, 0x98}}, 0x801)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x4, 0x2, 0x24, 0x0, 0x70bd25, 0x25dfdbfe, [@sadb_x_kmaddress={0x7, 0x19, 0x0, @in6={0xa, 0x4e22, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, @in={0x2, 0x4e23, @empty}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x1, 0x0, 0x6e6bba, 0x401, {0x6, 0xff, 0x4, 0xce, 0x0, 0xfffffffb, 0x0, @in=@remote, @in=@loopback}}, @sadb_x_nat_t_type={0x1, 0x14, 0x4}, @sadb_x_sa2={0x2, 0x13, 0xff, 0x0, 0x0, 0xfff, 0x3505}, @sadb_lifetime={0x4, 0x5, 0x5, 0xd, 0x8000000000000001, 0x8}, @sadb_ident={0x2, 0x1, 0x5, 0x0, 0x7}, @sadb_spirange={0x2, 0x10, 0x4d6, 0x4d4}, @sadb_x_nat_t_type={0x1, 0x14, 0x3}, @sadb_x_filter={0x5, 0x1a, @in6=@private1, @in6=@mcast1, 0x26, 0x4, 0xe79c64dd18d88e7c}, @sadb_sa={0x2, 0x1, 0x4d5, 0x4, 0x7, 0x37, 0x0, 0x1}]}, 0x120}}, 0x840)

38.869715037s ago: executing program 9 (id=3744):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x8, 0x36000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x36000000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})

38.822309168s ago: executing program 9 (id=3745):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="030000000000040000002e00000008000300", @ANYRES32=r4, @ANYBLOB="0a00340002020202020200000a00060063e0bd00443b00e40800420002"], 0x54}}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f000060c000/0x4000)=nil, 0x4000, 0x16)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
madvise(&(0x7f00006c9000/0x3000)=nil, 0x3000, 0x1)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x2, 0x1}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

38.822088385s ago: executing program 9 (id=3746):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000000)={0x0, 0x1500, &(0x7f00000005c0)={&(0x7f0000000200)={0x6c, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @mcast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x2805011, 0x0)
sendto$inet(r0, &(0x7f00000007c0)="06862b169a7504eb9d006efc94289ae7156131edafa2875b567746ba7f84a9daba61f251268437956795a6f9e94ec8271ee6d9c5f5755e7191a9c05a5f5a7f6b50a841d21d9e6e0808230737b548f2ca6a324f681587c5e1bb30af8203591279605e3e92736a1ffd13eb1fd05948ee07b31d25972156b4152ae647a588793b5d4146376e548d9e01443c68d99dce7f2566482abdbd5a3e7f00ffaec7c9e776aa6b71557106744b2bb40da764323f206effada8197561c4ff9ea7ffe7e851e9a4206a0e6aaee2d52e915a472cd7480bb8752318244cb1037ad715aafbc13d9dcfebca02a842ee69389a306b775690354150b39f575a9ac6fd6c79910ed39de17046305527d782c5e0c5c01db01311502b8130c10a7fa9fb254301dc32f1924cabeb74551c8ca7736cba0c1705ab8db3210f6b381874a48d8c83c1f6acd705824e82725d477a2ae1274b1bf6d85d0ea68a3b2c96035f1fd68f5c4b38329f5b36d0f4120e77b03a309f737c02316eb3f307ce2cb8c26d47179a8f85a00837f37f525b64be451f22a2c99fccc6a07e884c93b3e3ee135a4dc7978d07798d8cd40fe1f8fa3b47cdc1cbbf3a0525b90260382fb2144315cce1ad483b1f889f75d91ab47a69e104d81231029a3a9e94133cef2498cf68e4860efcbcfed386bbad87c83fbea32b7f87e0a1e281a88a09710c6658de27c3dcef373487d0bbf549fc819f9c592f6817802f0e79f182bd97ec5e495ca65508f23a2f92c3a4a4a839ef8c93c7cef31165aa069fd5029b5fba35db673af43138f1c962993ff9c08dd281ff3c5d165202ead88c3e6e50867e2bbbca1cc04a0d077ccb71a3455d0cd743b8ecb6ac1066433179630b7490cb47cc5a39434c3126ffbd1a38958616ba3782b5188ead68c17ede46a4dc7e2f357f8a56ff1b9d38352ab3bb7e943372602626fbfdf49d3bf5b60bb1c956d0bb953e2ed57e9f7a13486351cf92a286efea87291314da998df0a6b67febdfc0345bf0e2e864e0cdd29f00035a8c275ce9e2e0260d4e9a306ad03ebc71241041f966ac238a2cac2f88e961e9d9c560a2e22f7053f1e7b7d1c93398ca513b63e994781f27881cef9e4a0148de78452fad21f169a6e9d50369c6b4bfb6d5105e241debd07f81fa4508eae6185e17ad8176eaad9721f8d2aa5205f6da7adf339b34706437e463b7418d11b6aa5c849e8aaae7e19452c89c3a62f19f34deff915168057bbcea55091838ddd170c2da74894e766cfe395fa7e52fc187428c658da450932ec0e20f69399d19a0d9f382d431604026e15690d94e9d10967ca5de9da5df4e68388434a1872fc9d2f8152b8858b31bf3c7dd8a0b4f948c22c0138bff321602f21bf6dc071ba9c545b313fd97856e46d46328d567b63c3291e52026fc56c729af835eaf59e14e1359e3990a39bc9d4872f339f8990ea529c4302eaaa4859aa707e973b4291769e50d4864abff839e091c189400a2d16a072c0621f0aa48cae7bf857ce3d8fa9c392e9945c5d2cd5df7a4a77e064a3a04ac16669f3fb990021f74b7082e5e2b8879c8d3c9b214ba6cf065ad336502549abd7acd2b8b92177b2ca57981b111f8e1b7fa926f0e9254f60dadb4ac77e8d0e72bee371bc97a498cead5263315c6e1d960f9780ceeffcd9d10200041e24cc64ff01b8bb280c04281e6bf519d21ac9998ab1813481781e203ec26acf070eb4e98960d03717937fce87e63c02117ce5781ba8ce0da4b218649d03974d00e6bb5846a4424fab8da16b5a4c55eba28f105ef725c45a09eba2fc82750d57e5ba3f61d43ca649462610a773287a1c8b7981322ed8c15ffc14d2a74842e30fc878ec3a55a8cc3c8508abfb7faf9ff00f9e170a409083060ad180731acc8e692ca7d08656c78eb0b6ad613c6c3a3c831aab379c2ed0dff3f649f5b723290c8a8f0e530f4bc1193250516fd4ee40f8c365055a09e9c06584670bb3f396c954b6256b47bbf9677b0687f6db672e1de2d36a7bcf1bbce434d4ec94bf1343981f71f05c018e7d03b73573f89343d02480563f823dad8069a780f500a6a2a637b111a395c0e8b38dff712d969eae87ea91002fa89232b6906cfdee5038572557c9d1fc8fdfd1808fd184567f0711977911c84394809ce254437a7ceea3a56db861cef93768f1585ee01233d449a7e3160d40a20e3d3c0f03be0901cbb14266afa652bd4072ca044ada0a1fef3642d679f240d03a33888eb0da0c15fd5f9068c5d21d567af1ea235ee28565d03df30e1302795ecaccb1cbf5011f64526735b39b7ddc0cbb958a3861e3baae4e939027a1b037cd2074f160104763e2488b4066bfca48dd921bfa8cba22749f1b88527f9f2112f3a5150b4ee2fbd763a4ccaad16885c3380e2c09ed134e38c07594d11a8f089257d304991b0a304266bf9f524a3b07b6a654cbd9752d3c604a2688596cfdcfcc22b323dc685cb4f05a42e5ff896335587ebca704f1aa02299592f8f70487cb0b3e6aad75e1181090745358e823977d2ffd00097f9eab0f6b767106b21152d233d9b2d0f3a2e983619a4204786a4de5145f56f7b69cdf3ad5ac719a493892b1b7df92b88e72c2488ecc3843c3467db703379b827a2cd0f08599b758b9ecceb184ac66c9f90ff7a8fc7108ccc0781b7af8339e3c90fe623e474574f9da6e3da809458dfdb462f9c1dfcf80e5ebe31aa178b0b95ada9a2c5cdc6c9e440af006afc9d6e49c5c8b0fb02d461f8ea32f0df85dcac43b7bd2cd93a274c4d138e51dfb907e7faa5aeabd173472b63cb80a17199790aae2505a343c80a3c6948da332fe6cbbf05eb5a9dab1a37bfe2a1f22c1b3e5377a7f1d33e3633ce735ba040d6c369fd44dc863e9367efebe44a63c9f13f9bb573fe92a79985d94890797290ca3edacb22aad99e9463c047c2d23bce9d26475d9aaab9481a25ab10828f08c62fb5e04bce199ae5709dd2935d4d8bf910274be47af74491e4456aefdc359eb4c58360aa7b82874de705b7d643d6cc6725e8daabc05582247e019dcc0baa0bfd6755c1cf670da4b94bc6b4012f6c7508a04906559c857f20f4d03e1cf05c3cc55e56b81b2f431e98b743862c9cc3eacd0d223f644d8cebfbb7d9515fd84129cb6218757288785f760d3ecf7f4ec0a94c462e9f84c0409d2bcce77c57316565459ba4ed6b8159c4270a1a82ed93f170b4d6d8bcc0ed7faeb6fcc4f40bf0450a9be43e4a79a5c85cdf03fbac6e1a3d08b7c833f7eadf057a587276f3f744325b0cba7a6419e6bd90424a9eab4542869d164146a94018e0422b715b6762af47690bab99e9738fd7713e13692b503ee1879ef9853dcb163f68b58692362bc2ecbdd476c0da318f52565612ed4caf256ab7d82b988330aa137c72fdddbc1fe7aff8e194482675d9d08fb0bdb51a42ec5331b0dbb89bb73ee27771adf8207c1bd3ffff34bcc60080246cac447cbc01a12d91a3a1ce8931d457e6eba8bf9c22a22761b7b8256c06d0ec1dea7546a062eca448aa82119cae555288469af2b227cfec668c27c6c3f8649c87cdc8eae374668f2397f0b330f9012e0367ecd8e04cd1d3a0701fd2762b09b3475eb2fe995604da77fb7a691af7bd5c8588b93d23f8bb2ecb5a96813adee484b32629e6bd1f5a10b2fc7d53f46fc70cc3348613a8e8ae8b60d14628126946033ae0d78b922745513a9627e9ed611a80abaf7547389eabde215e61638381a89c7efb1c757e1b7525b5af1311764e3021f9f0dbeb36dd2998fb82160663a5db83b111d5bd247ef1227d9508dba5c0209218a9d569c69cd1f51a6165bc036ad0d9c7e70f7f8b7ec9a7cd10267fa141f7c5b650f1af6c99373fe15727017904b35ca4cdf05f95e0f96e8e869f93d12c5b53119ceb1313ac0df8a2af0043e103bcfa0cd30d4ef4e19444f507d52d1b5f7ee3bc7b9d0706d4d0a35582eda9ce5f3c1fc7baaa73047d0fbca0ad925f37c3b8f5afff37045e72972da5da13f0dca36f1cd292c789bd71b9657a12893606fb1e81b0800da63eef84c0564da16abf75c88c34ce4e08003bd91f3f37aa02e8ffe8f4ba36a5cc97826c50ec1fd4716392297660aeaa21b652dbb496e991584d628723f5f071106cc34dd0317029772b5d0bc164448f87317864c6ae3cc8c0467b861eaf236c3c20d4c65b2e282ef24f349891d02c1300b9047d599313e7a28719a9398e4d7a45ab4e6a877b43d000b131934e1bc83e3e5f9103ee170defaa32231830cea1aaad7e7c8ff14f23cfc608aafdeb03ce51055500003ea87e679bfb20e5336cbacc2ecb0fb5944329c39c2e9c84ea8f01f85a08a8016146f75177daa3b6220b70794796a7a5717359d2ff6507afd5e02445d8664b17dfd827ecaf9f31f6f7636d8579b08c5d1ff1a2d84c2f6a97a54e796af11aa57fa8574600d164c0a4cbf320a62f55d20f79905e0a202ef2b330526c353f229b5ce44b6689ef6920efafff19eccd1a7181a70f2c6bcb3732e73b491fd72f2fc6d300cdafc31ee7f269cff6ea58386fdf03c498f465da298d7fc0fe87aefe63652501f155121c5369b5434046744b9e65e39eb7f5766a242fb62735abc3f961217420368e54474fe2538c3ff7b4741b8829ff702e1353500da7c941a35ecf2c709f0d8658ff7587293c1594d93717a227f51a9f0e3a6b05cbfaad1b7b3a58ac95b682a46aa965dd26623a3b81b165f33fe7e2b86ef9ca7c8eff5af0fccf0f278f1534f813eca32cc05bc071cc3758847343b98ed96bcdb25b2c02cb71bc795b44d15226c7d0f4acad4e5421ec8071c5ea48d52b45efcf30a0e06b869d94abad648eb02623bd41e3e7e7632f8a7094b1bac901be5f576592d83dc142c7a2a93fd3d7fbb9986372c656b498bb57c5151fb487294e6f198393af7f9d9d44f3597448ff43fc42f74dda128139f7a3534580d0b51120c6c676ae7de015f2eb672a9e7a1a7988484dc4cdab53ac18a6bc30bcaff2a69060067fa45ba4b7d1ce7fe5ed7f4ed83b38ee5aced62b57ecade07ea4f3cccd36b54a4eaa1fba0d41a8daf11c1f80882d87b1c285af0589fb96c1e5a6171c32c5756b5a9671747e037abf10f7f62effefa8182bee94becefb9aa94e8cb7806557c8d9f54e29ac5e8fc3d28d5885b2ec38f67466ee988e98bd979f878810d8157cea64fe913197de561a468919c64c8fcc7cbcca73e6c3ebdcffe42a5252d60109f922224892bdc7877462d7dfc899a129aa0ef69789d0a12fc74053369df3c89e92e592dd5efc02112648dfbb9e5dde704f407e43387b72be4474482b83c28fa10662263f8d42d4a52de276e1ddb40178a9b52f969d2ce02edeb9829c1f2229a6f31485f6b4e69ccbefd6ecf78fafbf55547eed720d2a9aa22906eec5f144e7cca01218e84e972adf9bac44e4c9f4bd2348d19db85f63fb53b6f37957ffbd387da4f1d5f23bd63a34bf8f22061b3753c01abcba3de9feb375b7eedb9821f59f2d03fb6839955e00715a6ad6bf2bc407bd563d601e8a3e4138c7db74b54d9f52fa73617a31e846aa13f7ef4b1c3f937d7f254f4224f36bd360077f39c901a805fdc54638597341b3e7ab0e0cb96886cf14f59d4ee3a3532e93bfcce74b2282287b9478c151c38c9c12eb409c9707ef1a906e87923f2bb31def91980dca03738824601f711e24a4011052ef21adb934e9b25e47450d27f1715f16c19430aadf7360cf0e4808d45f6fa7d188f856731bdbc20965dbdbaa4ca2f49005f5a07eb9fd2e6fd7129df1abc8df95827b37c4344029c3eeec2a69878fcd32", 0x1000, 0xc001, &(0x7f0000000280)={0x2, 0x4e23, @private=0xa010100}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180)={0x0, <r4=>0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000680)={{0x1, 0x5, 0x1c2a, 0xd835, 'syz1\x00', 0x6}, 0x2, 0x20, 0x51917bb8, r4, 0x7, 0x6, 'syz0\x00', &(0x7f00000001c0)=['workdir', '-%&#\x00', ':\x81\x00', '\x00', '\x00', '\x00', '.-\x00'], 0x15})
mount$bind(0x0, &(0x7f0000000400)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000002, 0x12, r3, 0x180000000)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
read$FUSE(r5, &(0x7f0000006540)={0x2020}, 0x2076)

38.745745319s ago: executing program 9 (id=3747):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0xa8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYRES8=r0, @ANYRES64=r0, @ANYRES64=r0, @ANYRESHEX=r0], 0x24}, 0x1, 0x0, 0x0, 0x40000c0}, 0x24044011)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff50323030302e7500000000000000"], 0x15)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000140)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000004c0), 0x208e24b)
cachestat(r4, &(0x7f0000000040)={0x1f00, 0x1f}, &(0x7f0000000080), 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180"], 0x15)
r5 = dup(r3)
r6 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x900, 0x0)
ioctl$DVD_READ_STRUCT(r6, 0x5392, &(0x7f00000008c0)=@physical={0x0, 0xfc, [{0x0, 0xc, 0x6, 0x9, 0xf, 0x0, 0x3, 0x3, 0x9, 0x1, 0x7, 0xd, 0x100}, {0x6, 0x2, 0x6, 0x0, 0x7, 0x1, 0x2, 0x4, 0xc, 0x0, 0x5, 0x2e8, 0x7}, {0x7, 0x4, 0x3, 0x0, 0xc, 0x1, 0x2, 0x8, 0x4, 0x1, 0x1000, 0x8, 0xff}, {0x9, 0x4, 0x8, 0x0, 0x8, 0x1, 0x3, 0x0, 0xe, 0x0, 0x0, 0x401, 0x400}]})
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x40080, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB, @ANYRESHEX=r5, @ANYBLOB=',access=client,k'])
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xa, [@fwd={0x8}, @struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x0, [{0xd}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f]}}, &(0x7f00000003c0)=""/4096, 0x46, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r7, &(0x7f0000006180)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_DIRENT(r7, &(0x7f0000000440)=ANY=[@ANYBLOB="0001000000000000", @ANYRES64=r8, @ANYBLOB='\a\x00\x00\x00'], 0x100)
r9 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close(0x3)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2848c0, 0x0)
read$char_usb(r9, &(0x7f00000009c0)=""/73, 0x49)

38.408644254s ago: executing program 9 (id=3752):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r2, 0x8948, &(0x7f0000000580)={'bond0\x00', 0x10001}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000002040)={0x8, 0x0, &(0x7f0000002540)=[@acquire], 0x0, 0x0, 0x0}) (async, rerun: 64)
r4 = dup3(r3, r1, 0x0) (rerun: 64)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000240)=[@acquire], 0x0, 0x0, 0x0}) (async)
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000080)="03", 0x1, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r6, 0x0) (async, rerun: 64)
keyctl$update(0x2, r5, &(0x7f0000000280)="21eeaaf3f9", 0x5) (async, rerun: 64)
r7 = socket(0x10, 0x6, 0xdc) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x40, r10, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r12}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xa2a}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}]]}, 0x40}}, 0x0) (async, rerun: 32)
sendmsg$NL80211_CMD_SET_CQM(r7, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xc4, r8, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x2400, 0x2}}}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x5c1}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x406}]}, @NL80211_ATTR_CQM={0x64, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x612, 0xa3]}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x10, 0x1, [0x0, 0x8, 0x6]}, @NL80211_ATTR_CQM_TXE_PKTS={0x8}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0xd}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x8}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x4}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0xaf8e, 0x3]}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x2}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0xb]}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x1f}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4}, 0x4004001) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="9c000000180001002cbd7000ffdbdf251d0102001500020003000020000300005bb267ea48f41e7a0200000008000500faff050615000d"], 0x9c}, 0x1, 0x0, 0x0, 0x2004c014}, 0x20000080)

38.398041154s ago: executing program 40 (id=3752):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r2, 0x8948, &(0x7f0000000580)={'bond0\x00', 0x10001}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000002040)={0x8, 0x0, &(0x7f0000002540)=[@acquire], 0x0, 0x0, 0x0}) (async, rerun: 64)
r4 = dup3(r3, r1, 0x0) (rerun: 64)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000240)=[@acquire], 0x0, 0x0, 0x0}) (async)
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000080)="03", 0x1, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r6, 0x0) (async, rerun: 64)
keyctl$update(0x2, r5, &(0x7f0000000280)="21eeaaf3f9", 0x5) (async, rerun: 64)
r7 = socket(0x10, 0x6, 0xdc) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x40, r10, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r12}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xa2a}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}]]}, 0x40}}, 0x0) (async, rerun: 32)
sendmsg$NL80211_CMD_SET_CQM(r7, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xc4, r8, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x2400, 0x2}}}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x5c1}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x406}]}, @NL80211_ATTR_CQM={0x64, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x612, 0xa3]}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x10, 0x1, [0x0, 0x8, 0x6]}, @NL80211_ATTR_CQM_TXE_PKTS={0x8}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0xd}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x8}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x4}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0xaf8e, 0x3]}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x2}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0xb]}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x1f}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4}, 0x4004001) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="9c000000180001002cbd7000ffdbdf251d0102001500020003000020000300005bb267ea48f41e7a0200000008000500faff050615000d"], 0x9c}, 0x1, 0x0, 0x0, 0x2004c014}, 0x20000080)

19.484891419s ago: executing program 0 (id=4040):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000180))
r4 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
fcntl$dupfd(r4, 0x406, r1)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000280)={0x1, 0x5, 0x4, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0)
write$sndseq(r1, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick, {}, {}, @raw32}], 0x1c)

19.484523369s ago: executing program 0 (id=4041):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000340)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
recvmsg(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000063c0)=""/4097, 0x1001}], 0x1}, 0x102)
syz_open_dev$usbfs(&(0x7f0000000140), 0x8f, 0x400a00)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2, 0x0, 0x8000}, 0x0)

18.522221428s ago: executing program 0 (id=4046):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x1a0, 0x2b8, 0x25c, 0x1a0, 0x7, 0x268, 0x3a8, 0x3a8, 0x268, 0x3a8, 0x7fffffe, 0x0, {[{{@uncond, 0x16c, 0x138, 0x1a0, 0xa010000, {}, [@common=@unspec=@physdev={{0x68}, {'vxcan1\x00', {0xff}, 'bridge_slave_1\x00', {0xff}, 0x13, 0x2}}, @common=@inet=@socket3={{0x28, 'socket\x00', 0x2}, 0xe}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x9, 0x0, 0x0, 0x14, 'syz1\x00', 'syz0\x00'}}}, {{@ipv6={@local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [], [], 'sit0\x00', 'ipvlan0\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
mlock2(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1)
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x5, &(0x7f00000001c0)=0xffffffffffffffff, 0x80, 0x0)
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
prctl$PR_GET_TSC(0x19, &(0x7f00000001c0))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x3}, 0x8)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='&\x00'/12, @ANYRES32, @ANYBLOB="fc4dd0bbac0f0b67851d3338dbc32302fca149216533bd6f1113705c41dd13624d423ebc2ec2b9c032d687b0a295ebea759a9a9f7658a08a6a2d826aab80e11e8cf887fa3a087bcf87865e265ca3a914d2a2c321bd5d4c85606581b311aeccd8e10e9497098b1c871ac39b225f21faacaf73f1e0d62c10a099114cbaf3b1134d9325758a706a4d00495d68a01ea8f93cf10794999aa1c814ed66a0de95083dd01b2c11287a27374d86d3f496f7a074588f3a9e0a9126d2abbb965de892dba83a3f68f73b", @ANYRES64=0x0], 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r3, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r1}, 0x20)
recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000340)=""/157, 0x9d}], 0x1}, 0xfffffffc}], 0x1, 0x142, 0x0)

18.521332923s ago: executing program 0 (id=4048):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0xd0001})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000001c0)="65d80cf3666636260f2195f30f38f620f33e80cf280f00da66b9e502000066b800a0000066ba000000000f300f32b850008ee86766c74424000e0000006766c7442402000000006766c744240600000000670f01142426660f01df", 0x5b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17.400726528s ago: executing program 0 (id=4053):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newtaction={0x18, 0x30, 0x9, 0x1, 0x1000000, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000800}, 0xc0)

17.39978452s ago: executing program 0 (id=4055):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000740), 0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={0x0}, 0x18)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000000200)=0x1000000000003b)
shutdown(r5, 0x2)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r7 = dup(r6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000009000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000050000f58f04"])
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="3679994769b759c00c7f00005484cf000000000000009911a800"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x400}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000100), &(0x7f0000000140)=0x4)
r9 = openat$cgroup_procs(r8, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
r10 = getpgid(0xffffffffffffffff)
write$cgroup_pid(r9, &(0x7f00000000c0)=r10, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r12 = openat$cgroup_procs(r11, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
unshare(0x22020400)
write$cgroup_pid(r12, &(0x7f00000001c0), 0x12)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000ff9000/0x4000)=nil)
unshare(0x2040400)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="01002abd7000fedbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40000)

1.806319999s ago: executing program 3 (id=4288):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bdabb49f35c25d456591f0c15a08769bcd5107053ea1f85250ac10e50c14ffda0a7a98740f8cb9694c01f2babb95936415d219753d982b3e6ab52070adabe6f61dce71ee97249cf86cdd7b9a6b4b3d24ddebcf8ea9f1ae197c9a9cd65f15210181d736b2d3da7d24857a899b7c335b2", 0x75)
r3 = openat$cgroup_ro(r0, &(0x7f0000000100)='memory.stat\x00', 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESHEX=r4, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f000000e280)={0x2020, 0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r5, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c918cd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r5, &(0x7f0000000380)={0x50, 0x0, r6}, 0x50)
syz_fuse_handle_req(r5, &(0x7f00000021c0)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45e9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f6a7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x1, {0x2000, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, r7}}}, 0x0, 0x0, 0x0, 0x0})
r8 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r9=>0x0}, &(0x7f00000000c0)=0xc)
setresgid(0xffffffffffffffff, 0x0, r9)
fchown(r3, r7, r9)
r10 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r10, &(0x7f0000000140)=[{&(0x7f0000000000)="480000001400190d090043102b0d8c562c84ed7a80ffebc1060f0000ecffa1f1a8b25ec91df590eac75a6279110600000000e400000f7f89000600200000000101ff010fec5b6d00", 0x48}], 0x1)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r10, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x20, r11, 0x200, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xc4ea, 0xe}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x20}, 0x8000)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r11, 0x200, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004885}, 0x0)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r14=>0x0})
r15 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_NAN(r15, &(0x7f0000006e40)={0x0, 0x0, &(0x7f0000006e00)={&(0x7f0000006dc0)={0x1c, r13, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r14}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x40)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r8, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x7c, r11, 0xb02, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r14}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x5f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x70}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x5a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7f}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x50}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x77}]}, 0x7c}, 0x1, 0x0, 0x0, 0xc884}, 0x848)
write$qrtrtun(r0, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc2", 0x3ea)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)

1.721371521s ago: executing program 4 (id=4291):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="540000001000010400000000000000000000fffe", @ANYRES32=r2, @ANYBLOB="00000000000000003400128009000100626f6e64000000002400028005001600000000000500110001000000080007"], 0x54}}, 0x0)

1.720761173s ago: executing program 3 (id=4292):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
syz_clone(0x40000000, 0x0, 0x51, 0x0, 0x0, 0x0)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = getpid()
fcntl$setownex(r3, 0xf, &(0x7f0000000100)={0x2, r4})
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000001c0)=<r5=>0x0)
fcntl$setown(r2, 0x8, r5)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r9)
sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000c00)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r10, @ANYBLOB="01000000000000000000010000000800010000000000140004800500030007000000050003000100000008000200010000000800020001000000a00008801c000780080085000200000008000600000000000800050040"], 0xe0}}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)={0x50, r12, 0x1, 0x0, 0x25dfdbfe, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xe}, @DEVLINK_ATTR_RATE_TX_MAX={0xc}]}, 0x50}}, 0x811)
write$UHID_INPUT(r8, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r13 = socket$nl_route(0x10, 0x3, 0x0)
r14 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r14, &(0x7f0000001080)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r14, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r15 = accept4(r14, 0x0, 0x0, 0x0)
sendmmsg$inet(r15, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)="8800", 0x2}], 0x8}}], 0x1, 0x884)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r13, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r16=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@ipv4_newaddr={0x28, 0x14, 0x4, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r16}, [@IFA_FLAGS={0x8, 0x8, 0x200}, @IFA_LOCAL={0x8, 0x2, @loopback}]}, 0x28}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000003000000400001802c0004001420010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

1.657393446s ago: executing program 4 (id=4293):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r2)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000220000000a0001007770616e3000000005002000000004000500200000000000050020000000000009001f"], 0x44}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x4, 0x5, 0x2, 0x1ff, 0x30, @mcast2, @remote, 0x18, 0x80, 0x100, 0x5}})

1.657121681s ago: executing program 4 (id=4294):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x101c}, 0x1, 0xffffffffff600000}, 0x0)
pipe(&(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000001c0)=[{&(0x7f00000006c0)='=Ers8', 0x5}], 0x1, 0x4)
write(r1, &(0x7f0000001100)="94", 0x1)
r4 = socket(0x10, 0x80002, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000013c0)={'veth1_macvtap\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000002840)=ANY=[@ANYBLOB="500000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d616373656300001800028005000900010000000c000100000000000000000008000500", @ANYRES32=r6], 0x50}}, 0x800)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0)
tee(r0, r3, 0xaf5, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xa0, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)
r8 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bind$nfc_llcp(0xffffffffffffffff, &(0x7f00000000c0)={0x27, 0x0, 0x0, 0x7, 0x0, 0x0, "edd0961fcbe3a714779b769277aa362003e40900661e12bcca7f88cd6d07f364ac21a4b612bf8bcc2e8ea25b96f8fffffffffffffffe700a13056afd600927", 0xffffffffffffffff}, 0x60)
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f0000000380)={0x0, 0x1048000, 0x0, 0x7, 0x5}, 0x20)
recvmsg(r9, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCADDRT(r7, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0xfffe, @remote}, {0x2, 0x4e23, @rand_addr=0x64010102}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})

1.292400918s ago: executing program 41 (id=4055):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000740), 0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={0x0}, 0x18)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000000200)=0x1000000000003b)
shutdown(r5, 0x2)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r7 = dup(r6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000009000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000050000f58f04"])
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="3679994769b759c00c7f00005484cf000000000000009911a800"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x400}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000100), &(0x7f0000000140)=0x4)
r9 = openat$cgroup_procs(r8, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
r10 = getpgid(0xffffffffffffffff)
write$cgroup_pid(r9, &(0x7f00000000c0)=r10, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r12 = openat$cgroup_procs(r11, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
unshare(0x22020400)
write$cgroup_pid(r12, &(0x7f00000001c0), 0x12)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000ff9000/0x4000)=nil)
unshare(0x2040400)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="01002abd7000fedbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40000)

781.049395ms ago: executing program 3 (id=4307):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000300)={0xd0001})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000001c0)="65d80cf3666636260f2195f30f38f620f33e80cf280f00da66b9e502000066b800a0000066ba000000000f300f32b850008ee86766c74424000e0000006766c7442402000000006766c744240600000000670f01142426660f01df", 0x5b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

770.801175ms ago: executing program 4 (id=4308):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000580), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="34fffff0", @ANYRES16=r0, @ANYBLOB="0103000000000000000001"], 0x34}}, 0x0)

695.196545ms ago: executing program 4 (id=4309):
r0 = socket$packet(0x11, 0x3, 0x300)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(r2, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
sendmsg(r2, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)="02", 0x1}], 0x1}, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet(r2, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x3}, 0x8)
close(r2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r3 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f0000000340)={0x2000, r4}, 0x0)
landlock_restrict_self(r3, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendto$packet(r0, &(0x7f0000000000)="4d80f3878e66be1a80bcad0027c4", 0xe, 0x0, &(0x7f0000000080)={0x11, 0x0, r5, 0x1, 0x4, 0x6, @multicast}, 0x14)
socket$inet_udp(0x2, 0x2, 0x0)

695.02597ms ago: executing program 4 (id=4310):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc3400000000001090224"], 0x0) (async)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc3400000000001090224"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = fsopen(0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc9e}, 0x1)
syz_open_dev$vim2m(&(0x7f0000000040), 0x1000001, 0x2) (async)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1000001, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000000)={0x980902, 0x4})
r6 = add_key(&(0x7f0000000000)='cifs.idmap\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="c30000009e000000620a00ff000000007100080400000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000000000000000500000000000000950000ed00000200"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d) (async)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="c30000009e000000620a00ff000000007100080400000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000000000000000500000000000000950000ed00000200"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)
r7 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)='\x00', r6)
keyctl$clear(0x7, r7) (async)
keyctl$clear(0x7, r7)

609.757226ms ago: executing program 3 (id=4311):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5400000010000104000000000000000000e0ffff", @ANYRES32=r2, @ANYBLOB="00000000000000003400128009000100626f6e64000000002400028005001600000000000500110001000000080007"], 0x54}}, 0x0)

609.63157ms ago: executing program 3 (id=4312):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x8, 0x36000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3600000000, 0x0, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})

545.829509ms ago: executing program 3 (id=4313):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000001100)=0x4, 0x4)
setsockopt$sock_int(r3, 0x1, 0x7, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r2, &(0x7f0000000300), 0x20000000}, 0x20)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'vlan0\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r7}, @IFLA_HSR_SLAVE1={0x8, 0x1, r8}, @IFLA_HSR_PROTOCOL={0x5, 0x7, 0x1}]}}}]}, 0x48}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r10}, 0x10)
r11 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r11, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=@allocspi={0xf8, 0x16, 0xe32b7fa974c0285, 0x0, 0x0, {{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@multicast2}, {@in6=@local, 0x0, 0x6c}, @in=@multicast2}}}, 0xf8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001c0001"], 0x14}}, 0x0)
close(r0)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000540)={0x2ec, r12, 0x8, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x400, 0x18}}}}, [@NL80211_ATTR_REKEY_DATA={0x24, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="f9645e3c7c2b87865a6b6763c8b1ab52"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "b825b29d556d5061"}]}, @NL80211_ATTR_REKEY_DATA={0x70, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="1f5949a3bd1918f4eec366bf5651f3cac673c5f27e0d7d11"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="bc83b0ac58ed4d9daf319204afe94104e2d515c18cba229a09345a25e3d222c4"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="a399261deee935018ac7476cf5fdf75c9279e8b0dceecdb96961411a147642c3"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7a95}]}, @NL80211_ATTR_REKEY_DATA={0x5c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "76365f4787cd09d1"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="d52cb5ca048d48abe4ad5d62a715d22c9685b6b8f0049597"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xc3}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "b538e7fb2d73d72b"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="ac0a1ac841395c74c8e00dc1859ef62c"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x2}]}, @NL80211_ATTR_REKEY_DATA={0x3c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="9a88bc283fc60b197dc7cc8081e6eb1f"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="3b5fd8117185bf38f5946ad4623d11fa06ead6a939f42df8a9633fb9a49feba7"}]}, @NL80211_ATTR_REKEY_DATA={0x44, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6b46662f3883c641"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xafe2}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="77909d3af7e4d2a7d3a53f2d847275a523d3734e2d456d6c960f48bc32b2f401"}]}, @NL80211_ATTR_REKEY_DATA={0x2c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "3a690e85263cb0ae"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="3efa356e0ac97cc3d814ed500be2cf73075b335d6d752489"}]}, @NL80211_ATTR_REKEY_DATA={0x34, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x6}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="f61b6f6a74953d6681f1cbedc86422201d570f299288fa80"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "e227fbf3d6c68fdf"}]}, @NL80211_ATTR_REKEY_DATA={0x88, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6add8e90f57f895b"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "af0c5e41f24c520b"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "dbed2878b6b8d620"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "f300300da1cd3662"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="597a31ef9fcd2a45438d4d6eb28df2ad02fac269514443b9ff0b4b2ccb0cd78f"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "fff283e124938266"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="1905200280f2b65ef169e314492f0053"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xffff}]}, @NL80211_ATTR_REKEY_DATA={0x74, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="2f700ad4b62fee1972a9dd24a67a1591"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="95aa17dffd582bb900ef0d3a6d41efe61567cfb18f96690f"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "167defcb51f67603"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="69db587f65dfdc3263858bc7c4f041af"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="72738c21b05d1946cb572ef0ca4cbb00"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "79d139a9dd2d1c86"}]}]}, 0x2ec}, 0x1, 0x0, 0x0, 0x44}, 0x20000000)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000300)={r2, &(0x7f0000000240), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000017010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

417.775457ms ago: executing program 8 (id=4314):
pipe2(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$TUNSETVNETBE(r5, 0x400454de, &(0x7f0000000100)=0x1)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800030020"], 0xfdef)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r8, 0xc048aec8, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0xffffffff})
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000a40)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r3}, &(0x7f0000000440), &(0x7f0000000500)=r2}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

235.078206ms ago: executing program 8 (id=4315):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="beef915d564c90c200"/24, 0x18)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
bind$alg(r0, &(0x7f0000001100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-asm\x00'}, 0x58)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x2c, 0x17, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}}, 0x4880)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r4, 0x10d, 0xc, &(0x7f0000000100), &(0x7f0000000000)=0x4)
r5 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000180)={r6, 0x8}, 0x8)
r7 = accept$alg(r0, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
fcntl$setsig(r0, 0xa, 0x10)
write$binfmt_elf64(r8, &(0x7f0000000c40)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e0000000000000000000000000040000000000000000000000000000000000000000000380001000000000000000300000000000000000000000000000000000000000000000000000000000000000800"/120], 0x78)
close(r8)
ioctl$VIDIOC_ENCODER_CMD(r8, 0xc028564d, &(0x7f00000010c0)={0x3, 0x1, [0x4, 0x6, 0x63b9, 0x7, 0x4, 0xd, 0xd2, 0xffff0000]})
read$alg(r7, &(0x7f0000000080)=""/4114, 0x1012)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000000)=0x1b)
writev(r9, &(0x7f00000003c0)=[{&(0x7f00000002c0)=':', 0x1}], 0x1)
write$binfmt_script(r7, &(0x7f0000004180), 0xff77)

97.066016ms ago: executing program 8 (id=4316):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000580), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="34ffffff", @ANYRES16=r0, @ANYBLOB="0103000000000000000001"], 0x34}}, 0x0)

94.112762ms ago: executing program 8 (id=4317):
r0 = fanotify_init(0x200, 0x0)
memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcfJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
r1 = dup(r0)
fanotify_mark(r0, 0x1, 0x48001059, r1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x111, 0xa}}, 0x20)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

92.629856ms ago: executing program 8 (id=4319):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) (async)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x6}}, './file0\x00'}) (async)
read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020)

0s ago: executing program 8 (id=4320):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5400000010000104000000000000000000f0ffff", @ANYRES32=r2, @ANYBLOB="00000000000000003400128009000100626f6e64000000002400028005001600000000000500110001000000080007"], 0x54}}, 0x0)

kernel console output (not intermixed with test programs):

23578][T18619] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3781'.
[  293.829602][ T5304] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  293.865672][T18612] lo speed is unknown, defaulting to 1000
[  294.000632][   T35] usb 13-1: new high-speed USB device number 18 using dummy_hcd
[  294.114896][   T72] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  294.146854][T18644] random: crng reseeded on system resumption
[  294.182509][   T35] usb 13-1: Using ep0 maxpacket: 16
[  294.186633][   T35] usb 13-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  294.189137][   T35] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.191584][   T35] usb 13-1: Product: syz
[  294.192733][   T35] usb 13-1: Manufacturer: syz
[  294.193972][   T35] usb 13-1: SerialNumber: syz
[  294.206480][   T35] r8152-cfgselector 13-1: Unknown version 0x0000
[  294.208325][   T35] r8152-cfgselector 13-1: config 0 descriptor??
[  294.268803][   T72] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  294.271056][   T72] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  294.274370][   T72] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  294.277790][   T72] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  294.279886][   T72] usb 8-1: Manufacturer: syz
[  294.282297][   T72] usb 8-1: config 0 descriptor??
[  294.343053][   T72] rc_core: IR keymap rc-hauppauge not found
[  294.345586][   T72] Registered IR keymap rc-empty
[  294.347551][   T72] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  294.350764][   T72] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input39
[  294.352709][T18485] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  294.366458][T18485] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  294.374396][T18485] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  294.380061][T18485] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  294.411588][   T35] r8152-cfgselector 13-1: Unknown version 0x0000
[  294.413278][   T35] r8152-cfgselector 13-1: bad CDC descriptors
[  294.421722][   T35] r8152-cfgselector 13-1: USB disconnect, device number 18
[  294.438499][   T39] audit: type=1400 audit(4318560420.182:3843): avc:  denied  { ioctl } for  pid=18643 comm="syz.0.3785" path="socket:[86098]" dev="sockfs" ino=86098 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  294.439301][T18644] overlayfs: disabling nfs_export due to verity=on
[  294.453390][T18485] 8021q: adding VLAN 0 to HW filter on device bond0
[  294.465360][T18485] 8021q: adding VLAN 0 to HW filter on device team0
[  294.471566][T11295] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.473464][T11295] bridge0: port 1(bridge_slave_0) entered forwarding state
[  294.480202][T11295] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.482077][T11295] bridge0: port 2(bridge_slave_1) entered forwarding state
[  294.517476][   T39] audit: type=1400 audit(4318560420.266:3844): avc:  denied  { egress } for  pid=72 comm="kworker/3:1" daddr=ff02::16 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  294.580732][T18485] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.690380][T18485] veth0_vlan: entered promiscuous mode
[  294.696067][T18485] veth1_vlan: entered promiscuous mode
[  294.706647][T18485] veth0_macvtap: entered promiscuous mode
[  294.712337][T18485] veth1_macvtap: entered promiscuous mode
[  294.719166][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.721870][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.726352][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.728953][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.731506][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.734571][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.737931][T18485] batman_adv: batadv0: Interface activated: batadv_slave_0
[  294.744265][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.747091][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.749578][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.752133][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.755236][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.757787][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.760198][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.762795][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.765229][T18485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.767833][T18485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.771050][T18485] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.775777][T18485] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.778029][T18485] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.780400][T18485] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.782930][T18485] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.823731][T11303] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.825872][T11303] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.835586][T11303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.837653][T11303] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.869905][T18685] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3753'.
[  294.872266][T18685] bond0: option ad_select: unable to set because the bond device is up
[  295.010784][   T39] audit: type=1400 audit(4318560420.780:3845): avc:  denied  { write } for  pid=18697 comm="syz.4.3789" name="event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  295.053520][T18710] tipc: Started in network mode
[  295.056466][T18710] tipc: Node identity ac14142f, cluster identity 4711
[  295.058816][T18710] tipc: New replicast peer: 0.0.0.0
[  295.060571][T18710] tipc: Enabled bearer <udp:syz2>, priority 10
[  295.062839][T18716] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3794'.
[  295.065288][T18716] bond0: option ad_select: unable to set because the bond device is up
[  295.068972][T18710] tipc: New replicast peer: 100.1.1.0
[  295.124739][T18729] netlink: 191416 bytes leftover after parsing attributes in process `syz.4.3796'.
[  295.127350][T18729] netlink: zone id is out of range
[  295.140027][T18729] netlink: 191416 bytes leftover after parsing attributes in process `syz.4.3796'.
[  295.153140][T18729] netlink: zone id is out of range
[  295.201680][T18743] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3801'.
[  295.378903][T18757] syz.8.3804: attempt to access beyond end of device
[  295.378903][T18757] nbd8: rw=0, sector=16, nr_sectors = 8 limit=0
[  295.382477][T18757] REISERFS warning (device nbd8): sh-2006 read_super_block: bread failed (dev nbd8, block 2, size 4096)
[  295.385321][T18757] syz.8.3804: attempt to access beyond end of device
[  295.385321][T18757] nbd8: rw=0, sector=128, nr_sectors = 8 limit=0
[  295.388663][T18757] REISERFS warning (device nbd8): sh-2006 read_super_block: bread failed (dev nbd8, block 16, size 4096)
[  295.393252][T18757] REISERFS warning (device nbd8): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd8
[  295.415041][T18757] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3804'.
[  295.579615][T18795] netlink: 'syz.8.3808': attribute type 10 has an invalid length.
[  295.585280][T18795] geneve0: entered promiscuous mode
[  295.595576][T18795] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  295.620048][ T1130] bond0: (slave geneve0): link status definitely up, 0 Mbps full duplex
[  295.633651][T18799] ipt_REJECT: TCP_RESET invalid for non-tcp
[  295.676765][ T5952] Bluetooth: hci1: command tx timeout
[  296.133862][   T30] tipc: Node number set to 2886997039
[  296.337507][T18872] netlink: 'syz.8.3822': attribute type 9 has an invalid length.
[  296.486201][T18870] Invalid logical block size (8)
[  296.628787][ T9110] usb 8-1: USB disconnect, device number 11
[  296.773884][T18923] nfs: Unknown parameter 'aG'
[  296.859351][T18935] bond0: option ad_select: unable to set because the bond device is up
[  296.973065][T18957] FAULT_INJECTION: forcing a failure.
[  296.973065][T18957] name failslab, interval 1, probability 0, space 0, times 0
[  296.976525][T18957] CPU: 0 UID: 0 PID: 18957 Comm: syz.4.3839 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  296.979185][T18957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  296.981865][T18957] Call Trace:
[  296.982725][T18957]  <TASK>
[  296.983536][T18957]  dump_stack_lvl+0x16c/0x1f0
[  296.984792][T18957]  should_fail_ex+0x497/0x5b0
[  296.985997][T18957]  ? fs_reclaim_acquire+0xae/0x150
[  296.987288][T18957]  should_failslab+0xc2/0x120
[  296.988513][T18957]  __kmalloc_noprof+0xcb/0x400
[  296.989725][T18957]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  296.991130][T18957]  tomoyo_realpath_from_path+0xb9/0x720
[  296.992510][T18957]  ? tomoyo_path_number_perm+0x232/0x590
[  296.993903][T18957]  tomoyo_path_number_perm+0x245/0x590
[  296.995284][T18957]  ? tomoyo_path_number_perm+0x232/0x590
[  296.996770][T18957]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  296.998285][T18957]  ? trace_lock_acquire+0x14a/0x1d0
[  296.999636][T18957]  ? lock_acquire+0x2f/0xb0
[  297.000813][T18957]  ? __fget_files+0x40/0x3f0
[  297.002015][T18957]  ? __fget_files+0x244/0x3f0
[  297.003212][T18957]  security_file_ioctl+0x9b/0x240
[  297.004508][T18957]  __x64_sys_ioctl+0xbb/0x220
[  297.005724][T18957]  do_syscall_64+0xcd/0x250
[  297.006880][T18957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.008409][T18957] RIP: 0033:0x7f6d3c17e719
[  297.009519][T18957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.014322][T18957] RSP: 002b:00007f6d3cfe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  297.016420][T18957] RAX: ffffffffffffffda RBX: 00007f6d3c335f80 RCX: 00007f6d3c17e719
[  297.018406][T18957] RDX: 0000000020000180 RSI: 00000000c008561c RDI: 0000000000000003
[  297.020546][T18957] RBP: 00007f6d3cfe3090 R08: 0000000000000000 R09: 0000000000000000
[  297.022537][T18957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.024534][T18957] R13: 0000000000000000 R14: 00007f6d3c335f80 R15: 00007ffef82352f8
[  297.026558][T18957]  </TASK>
[  297.030280][T18957] ERROR: Out of memory at tomoyo_realpath_from_path.
[  297.659127][ T5952] Bluetooth: hci1: command 0x0419 tx timeout
[  298.273569][ T5304] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  298.280108][ T5304] Bluetooth: hci0: Injecting HCI hardware error event
[  298.314941][ T5952] Bluetooth: hci0: hardware error 0x00
[  299.554239][T18988] __nla_validate_parse: 4 callbacks suppressed
[  299.554258][T18988] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3844'.
[  299.558170][T18988] bond0: option ad_select: unable to set because the bond device is up
[  299.595343][T19001] FAULT_INJECTION: forcing a failure.
[  299.595343][T19001] name failslab, interval 1, probability 0, space 0, times 0
[  299.598488][T19001] CPU: 0 UID: 0 PID: 19001 Comm: syz.3.3849 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  299.601275][T19001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  299.603938][T19001] Call Trace:
[  299.604808][T19001]  <TASK>
[  299.605674][T19001]  dump_stack_lvl+0x16c/0x1f0
[  299.606902][T19001]  should_fail_ex+0x497/0x5b0
[  299.608088][T19001]  ? fs_reclaim_acquire+0xae/0x150
[  299.609476][T19001]  should_failslab+0xc2/0x120
[  299.610787][T19001]  __kmalloc_noprof+0xcb/0x400
[  299.612070][T19001]  ? d_absolute_path+0x137/0x1b0
[  299.613416][T19001]  tomoyo_encode2+0x100/0x3e0
[  299.614669][T19001]  tomoyo_encode+0x29/0x50
[  299.615907][T19001]  tomoyo_realpath_from_path+0x19d/0x720
[  299.617380][T19001]  tomoyo_path_number_perm+0x245/0x590
[  299.618768][T19001]  ? tomoyo_path_number_perm+0x232/0x590
[  299.620585][T19001]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  299.622611][T19001]  ? trace_lock_acquire+0x14a/0x1d0
[  299.624329][T19001]  ? lock_acquire+0x2f/0xb0
[  299.625520][T19001]  ? __fget_files+0x40/0x3f0
[  299.626830][T19001]  ? __fget_files+0x244/0x3f0
[  299.628107][T19001]  security_file_ioctl+0x9b/0x240
[  299.629400][T19001]  __x64_sys_ioctl+0xbb/0x220
[  299.630605][T19001]  do_syscall_64+0xcd/0x250
[  299.631814][T19001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.633323][T19001] RIP: 0033:0x7f809ef7e719
[  299.634474][T19001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.639639][T19001] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  299.641801][T19001] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  299.644236][T19001] RDX: 0000000020000180 RSI: 00000000c008561c RDI: 0000000000000003
[  299.646638][T19001] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  299.649044][T19001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.651459][T19001] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  299.653900][T19001]  </TASK>
[  299.657125][ T5304] Bluetooth: hci1: command 0x0419 tx timeout
[  299.660587][T19001] ERROR: Out of memory at tomoyo_realpath_from_path.
[  299.734551][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  299.734563][   T39] audit: type=1400 audit(4318560425.747:3849): avc:  denied  { node_bind } for  pid=19019 comm="syz.4.3855" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  299.756299][T19020] sctp: [Deprecated]: syz.4.3855 (pid 19020) Use of int in max_burst socket option deprecated.
[  299.756299][T19020] Use struct sctp_assoc_value instead
[  299.832169][   T39] audit: type=1400 audit(4318560425.842:3850): avc:  denied  { setopt } for  pid=19019 comm="syz.4.3855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  299.832235][T19028] ax25_connect(): syz.4.3855 uses autobind, please contact jreuter@yaina.de
[  299.851035][   T39] audit: type=1400 audit(4318560425.863:3851): avc:  denied  { nosuid_transition } for  pid=19027 comm="syz.8.3856" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process2 permissive=1
[  299.861023][   T39] audit: type=1400 audit(4318560425.863:3852): avc:  denied  { transition } for  pid=19027 comm="syz.8.3856" path=2F6D656D66643AA39F6EB4645204693502ACCEE1889D5B4038D7CE1F2039497F151D933DB5E75C274CE6D28EBC294A7454447181CF81BAE531F5202864656C6574656429 dev="tmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  299.871339][   T39] audit: type=1400 audit(4318560425.863:3853): avc:  denied  { entrypoint } for  pid=19027 comm="syz.8.3856" path=2F6D656D66643AA39F6EB4645204693502ACCEE1889D5B4038D7CE1F2039497F151D933DB5E75C274CE6D28EBC294A7454447181CF81BAE531F5202864656C6574656429 dev="tmpfs" ino=51 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  299.881304][   T39] audit: type=1400 audit(4318560425.863:3854): avc:  denied  { share } for  pid=19027 comm="syz.8.3856" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  299.887084][   T39] audit: type=1400 audit(4318560425.863:3855): avc:  denied  { noatsecure } for  pid=19027 comm="syz.8.3856" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  299.939805][T19050] FAULT_INJECTION: forcing a failure.
[  299.939805][T19050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.945400][T19050] CPU: 2 UID: 0 PID: 19050 Comm: syz.0.3861 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  299.949026][T19050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  299.952496][T19050] Call Trace:
[  299.953598][T19050]  <TASK>
[  299.954560][T19050]  dump_stack_lvl+0x16c/0x1f0
[  299.956078][T19050]  should_fail_ex+0x497/0x5b0
[  299.957653][T19050]  _copy_from_user+0x2e/0xd0
[  299.959161][T19050]  video_usercopy+0xed4/0x1600
[  299.960770][T19050]  ? __pfx___video_do_ioctl+0x10/0x10
[  299.962605][T19050]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  299.964924][T19050]  ? __pfx_video_usercopy+0x10/0x10
[  299.966692][T19050]  v4l2_ioctl+0x1ba/0x250
[  299.968106][T19050]  ? __pfx_v4l2_ioctl+0x10/0x10
[  299.969685][T19050]  __x64_sys_ioctl+0x18f/0x220
[  299.971224][T19050]  do_syscall_64+0xcd/0x250
[  299.972714][T19050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.974619][T19050] RIP: 0033:0x7f3c8097e719
[  299.975995][T19053] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3862'.
[  299.976053][T19050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.985713][T19050] RSP: 002b:00007f3c817a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  299.988508][T19050] RAX: ffffffffffffffda RBX: 00007f3c80b35f80 RCX: 00007f3c8097e719
[  299.990996][T19050] RDX: 0000000020000180 RSI: 00000000c008561c RDI: 0000000000000003
[  299.993482][T19050] RBP: 00007f3c817a0090 R08: 0000000000000000 R09: 0000000000000000
[  299.995965][T19050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.998707][T19050] R13: 0000000000000000 R14: 00007f3c80b35f80 R15: 00007ffe432861d8
[  300.001442][T19050]  </TASK>
[  300.198359][T19084] autofs: Unknown parameter '¼/ˆW@žËT'
[  300.250973][T19091] FAULT_INJECTION: forcing a failure.
[  300.250973][T19091] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.255860][T19091] CPU: 2 UID: 0 PID: 19091 Comm: syz.8.3874 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  300.258816][T19091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  300.261525][T19091] Call Trace:
[  300.262390][T19091]  <TASK>
[  300.263127][T19091]  dump_stack_lvl+0x16c/0x1f0
[  300.264663][T19091]  should_fail_ex+0x497/0x5b0
[  300.266323][T19091]  _copy_to_user+0x32/0xd0
[  300.267498][T19091]  video_usercopy+0xf37/0x1600
[  300.268841][T19091]  ? __pfx___video_do_ioctl+0x10/0x10
[  300.270266][T19091]  ? __pfx_video_usercopy+0x10/0x10
[  300.271638][T19091]  v4l2_ioctl+0x1ba/0x250
[  300.272770][T19091]  ? __pfx_v4l2_ioctl+0x10/0x10
[  300.274226][T19091]  __x64_sys_ioctl+0x18f/0x220
[  300.275561][T19091]  do_syscall_64+0xcd/0x250
[  300.276781][T19091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.278314][T19091] RIP: 0033:0x7f166777e719
[  300.279645][T19091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.284926][T19091] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  300.288001][T19091] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  300.290165][T19091] RDX: 0000000020000180 RSI: 00000000c008561c RDI: 0000000000000003
[  300.292122][T19091] RBP: 00007f16684a8090 R08: 0000000000000000 R09: 0000000000000000
[  300.294156][T19091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.296444][T19091] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  300.298447][T19091]  </TASK>
[  300.401640][ T5952] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  300.412470][   T39] audit: type=1400 audit(4318560426.451:3856): avc:  denied  { accept } for  pid=19098 comm="syz.3.3877" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  300.431757][   T39] audit: type=1400 audit(4318560426.472:3857): avc:  denied  { ioctl } for  pid=19098 comm="syz.3.3877" path="/dev/uinput" dev="devtmpfs" ino=943 ioctlcmd=0x5504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  300.440656][T19099] input: syz0 as /devices/virtual/input/input40
[  300.590671][ T9110] usb 13-1: new low-speed USB device number 19 using dummy_hcd
[  300.724002][ T9110] usb 13-1: device descriptor read/64, error -71
[  300.822827][T19125] FAULT_INJECTION: forcing a failure.
[  300.822827][T19125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.827180][T19125] CPU: 3 UID: 0 PID: 19125 Comm: syz.4.3883 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  300.830937][T19125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  300.834454][T19125] Call Trace:
[  300.835530][T19125]  <TASK>
[  300.836519][T19125]  dump_stack_lvl+0x16c/0x1f0
[  300.838028][T19125]  should_fail_ex+0x497/0x5b0
[  300.839811][T19125]  _copy_to_user+0x32/0xd0
[  300.841355][T19125]  simple_read_from_buffer+0xd0/0x160
[  300.843211][T19125]  proc_fail_nth_read+0x198/0x270
[  300.844848][T19125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  300.846422][T19125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  300.848188][T19125]  vfs_read+0x1df/0xbe0
[  300.849526][T19125]  ? __fget_files+0x23a/0x3f0
[  300.851089][T19125]  ? fdget_pos+0x24c/0x360
[  300.852612][T19125]  ? __pfx_lock_release+0x10/0x10
[  300.854284][T19125]  ? trace_lock_acquire+0x14a/0x1d0
[  300.856077][T19125]  ? __pfx_vfs_read+0x10/0x10
[  300.857543][T19125]  ? __pfx___mutex_lock+0x10/0x10
[  300.859344][T19125]  ? __fget_files+0x244/0x3f0
[  300.861094][T19125]  ksys_read+0x12f/0x260
[  300.862550][T19125]  ? __pfx_ksys_read+0x10/0x10
[  300.864176][T19125]  do_syscall_64+0xcd/0x250
[  300.865396][T19125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.866870][T19125] RIP: 0033:0x7f6d3c17d15c
[  300.868021][T19125] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  300.873897][T19125] RSP: 002b:00007f6d3cfe3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  300.876188][T19125] RAX: ffffffffffffffda RBX: 00007f6d3c335f80 RCX: 00007f6d3c17d15c
[  300.878772][T19125] RDX: 000000000000000f RSI: 00007f6d3cfe30a0 RDI: 0000000000000004
[  300.881660][T19125] RBP: 00007f6d3cfe3090 R08: 0000000000000000 R09: 0000000000000000
[  300.884362][T19125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.886941][T19125] R13: 0000000000000000 R14: 00007f6d3c335f80 R15: 00007ffef82352f8
[  300.888929][T19125]  </TASK>
[  300.962062][ T9110] usb 13-1: new low-speed USB device number 20 using dummy_hcd
[  301.085518][ T9110] usb 13-1: device descriptor read/64, error -71
[  301.136746][   T39] audit: type=1400 audit(4318560427.217:3858): avc:  denied  { read } for  pid=19145 comm="syz.4.3889" name="file0" dev="tmpfs" ino=234 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  301.190439][ T9110] usb usb13-port1: attempt power cycle
[  301.204661][T19148] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3889'.
[  301.514462][ T9110] usb 13-1: new low-speed USB device number 21 using dummy_hcd
[  301.534416][ T9110] usb 13-1: device descriptor read/8, error -71
[  301.771891][ T9110] usb 13-1: new low-speed USB device number 22 using dummy_hcd
[  301.791174][ T9110] usb 13-1: device descriptor read/8, error -71
[  301.904731][ T9110] usb usb13-port1: unable to enumerate USB device
[  301.932604][T19180] can: request_module (can-proto-0) failed.
[  302.026574][T19199] netlink: 'syz.4.3907': attribute type 7 has an invalid length.
[  302.029555][T19199] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3907'.
[  302.159067][T19211] ALSA: mixer_oss: invalid OSS volume 'DIGIT'
[  302.204020][T19218] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3913'.
[  302.210615][T19218] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  302.213866][T19218] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  302.217355][T19218] bridge1: entered promiscuous mode
[  302.574176][T19229] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3918'.
[  302.907020][T19240] mkiss: ax0: crc mode is auto.
[  303.121096][T15168] IPVS: starting estimator thread 0...
[  303.121602][T19258] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3927'.
[  303.125634][T19258] bond0: option ad_select: unable to set because the bond device is up
[  303.209339][T19260] IPVS: using max 34 ests per chain, 81600 per kthread
[  303.379588][T19297] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3940'.
[  303.382337][T19297] bond0: option ad_select: unable to set because the bond device is up
[  303.387295][T15168] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  303.533353][T15168] usb 5-1: Using ep0 maxpacket: 8
[  303.535940][T15168] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  303.538677][T15168] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  303.541041][T15168] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.544435][T15168] usb 5-1: config 0 descriptor??
[  303.745897][T15168] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  303.935982][   T30] usb 5-1: USB disconnect, device number 14
[  303.936032][    C1] iowarrior 5-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  303.942029][   T30] iowarrior 5-1:0.0: I/O-Warror #0 now disconnected
[  303.971303][ T1321] usb 13-1: new high-speed USB device number 23 using dummy_hcd
[  304.035498][T19329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3950'.
[  304.038010][T19329] bond0: option ad_select: unable to set because the bond device is up
[  304.140188][ T1321] usb 13-1: Using ep0 maxpacket: 8
[  304.147194][ T1321] usb 13-1: config index 0 descriptor too short (expected 5924, got 36)
[  304.150722][ T1321] usb 13-1: config 250 has an invalid interface number: 228 but max is -1
[  304.154083][ T1321] usb 13-1: config 250 has 1 interface, different from the descriptor's value: 0
[  304.156963][ T1321] usb 13-1: config 250 has no interface number 0
[  304.159013][ T1321] usb 13-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  304.162839][ T1321] usb 13-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  304.166401][ T1321] usb 13-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 26
[  304.169657][ T1321] usb 13-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  304.173872][ T1321] usb 13-1: config 250 interface 228 has no altsetting 0
[  304.177714][ T1321] usb 13-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  304.181218][ T1321] usb 13-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  304.183977][ T1321] usb 13-1: Product: syz
[  304.183997][ T1321] usb 13-1: SerialNumber: syz
[  304.188172][ T1321] hub 13-1:250.228: bad descriptor, ignoring hub
[  304.190668][ T1321] hub 13-1:250.228: probe with driver hub failed with error -5
[  304.266828][   T30] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  304.382598][ T1321] usblp 13-1:250.228: usblp0: USB Bidirectional printer dev 23 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  304.419294][   T30] usb 5-1: Using ep0 maxpacket: 8
[  304.426921][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  304.430114][   T30] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  304.432612][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.444662][   T30] usb 5-1: config 0 descriptor??
[  304.679410][    C2] usblp0: nonzero read bulk status received: -71
[  304.682747][   T30] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  304.756131][T19375] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0)
[  304.854805][   T30] usb 5-1: USB disconnect, device number 15
[  304.857387][   T30] iowarrior 5-1:0.0: I/O-Warror #1 now disconnected
[  305.048541][T19409] netlink: 'syz.3.3970': attribute type 9 has an invalid length.
[  305.053111][T19409] netlink: 134640 bytes leftover after parsing attributes in process `syz.3.3970'.
[  305.100823][T19413] ieee802154 phy0 wpan0: encryption failed: -22
[  305.106275][ T9110] usb 13-1: USB disconnect, device number 23
[  305.109322][ T9110] usblp0: removed
[  305.133389][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  305.133406][   T39] audit: type=1326 audit(4318560431.376:3864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19414 comm="syz.3.3972" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f809ef7e719 code=0x0
[  305.438463][T19427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3975'.
[  305.507112][T19434] No control pipe specified
[  305.819776][ T9110] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  305.919625][T19471] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  305.919625][T19471] The task syz.4.3988 (19471) triggered the difference, watch for misbehavior.
[  305.958690][ T9110] usb 8-1: device descriptor read/64, error -71
[  305.974253][T19478] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3990'.
[  306.206497][T19500] 9pnet_virtio: no channels available for device syz
[  306.236634][ T9110] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  306.258137][T19505] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3997'.
[  306.315305][T19509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3999'.
[  306.386289][ T9110] usb 8-1: device descriptor read/64, error -71
[  306.514675][ T9110] usb usb8-port1: attempt power cycle
[  306.619950][T19533] vxcan1: tx drop: invalid sa for name 0x0000000000000003
[  306.628664][T19533] ufs: failed to set blocksize
[  306.672259][T19539] loop2: detected capacity change from 0 to 7
[  306.685510][T19539] Dev loop2: unable to read RDB block 7
[  306.685539][T19541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4009'.
[  306.687464][T19539]  loop2: unable to read partition table
[  306.687599][T19539] loop2: partition table beyond EOD, truncated
[  306.694070][T19539] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  306.757876][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.758525][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.765187][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.769621][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.774929][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.779287][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.783158][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.786593][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.790060][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.794301][T19554] syz.8.4013[19554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  306.810269][T19556] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4015'.
[  306.888753][ T9110] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  306.921883][ T9110] usb 8-1: device descriptor read/8, error -71
[  307.198464][ T9110] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  307.220374][ T9110] usb 8-1: device descriptor read/8, error -71
[  307.337585][ T9110] usb usb8-port1: unable to enumerate USB device
[  307.401538][ T5293] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  307.565075][ T5293] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  307.567514][ T5293] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.569647][ T5293] usb 9-1: Product: syz
[  307.570767][ T5293] usb 9-1: Manufacturer: syz
[  307.572075][ T5293] usb 9-1: SerialNumber: syz
[  307.575751][ T5293] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  307.591246][ T5293] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  307.811924][   T39] audit: type=1400 audit(4318560433.883:3865): avc:  denied  { ioctl } for  pid=19584 comm="syz.8.4024" path="/dev/usbmon0" dev="devtmpfs" ino=737 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  307.847668][T19587] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4025'.
[  307.848033][T19589] netlink: 928 bytes leftover after parsing attributes in process `syz.8.4026'.
[  307.850852][T19587] unsupported nlmsg_type 40
[  307.942866][T19595] overlayfs: failed to resolve './file1': -2
[  308.043337][   T57] usb 9-1: USB disconnect, device number 4
[  308.092915][T19608] ip6t_srh: unknown srh match flags  B153
[  308.440073][T19635] ALSA: seq fatal error: cannot create timer (-22)
[  308.464894][   T39] audit: type=1400 audit(4318560434.491:3866): avc:  denied  { map } for  pid=19578 comm="syz.4.4021" path="/dev/input/event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  308.754809][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  308.756373][ T5293] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  308.756471][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  308.758302][ T5293] ath9k_htc: Failed to initialize the device
[  308.763475][   T57] usb 9-1: ath9k_htc: USB layer deinitialized
[  308.996679][T19649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4044'.
[  309.069398][   T57] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  309.243265][   T57] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  309.245801][   T57] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.247764][   T57] usb 9-1: Product: syz
[  309.248833][   T57] usb 9-1: Manufacturer: syz
[  309.250014][   T57] usb 9-1: SerialNumber: syz
[  309.364294][   T57] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  309.375624][ T5293] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  309.424896][T19666] xt_socket: unknown flags 0xc
[  309.584563][   T39] audit: type=1400 audit(4318560435.549:3867): avc:  denied  { read } for  pid=19675 comm="syz.3.4049" path="socket:[90572]" dev="sockfs" ino=90572 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  309.908728][   T57] usb 9-1: USB disconnect, device number 5
[  310.030984][ T5304] Bluetooth: hci1: command 0x0419 tx timeout
[  310.399431][T19682] netlink: 'syz.4.4050': attribute type 11 has an invalid length.
[  310.448469][T19684] xt_nat: multiple ranges no longer supported
[  310.458296][ T5293] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  310.460551][ T5293] ath9k_htc: Failed to initialize the device
[  310.463175][   T57] usb 9-1: ath9k_htc: USB layer deinitialized
[  310.906264][T19712] __nla_validate_parse: 2 callbacks suppressed
[  310.906276][T19712] netlink: 88 bytes leftover after parsing attributes in process `syz.3.4060'.
[  310.912177][T19712] openvswitch: netlink: Message has 168 unknown bytes.
[  311.537459][T19726] overlayfs: refusing to follow metacopy origin for (/file0)
[  311.650023][T19608] warn_alloc: 4 callbacks suppressed
[  311.650042][T19608] syz.8.4031: vmalloc error: size 3932160, failed to allocated page array size 7680, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  311.659006][T19608] CPU: 3 UID: 0 PID: 19608 Comm: syz.8.4031 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  311.662385][T19608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  311.666039][T19608] Call Trace:
[  311.667141][T19608]  <TASK>
[  311.668264][T19608]  dump_stack_lvl+0x16c/0x1f0
[  311.670044][T19608]  warn_alloc+0x24d/0x3a0
[  311.671969][T19608]  ? __pfx_warn_alloc+0x10/0x10
[  311.673841][T19608]  ? __get_vm_area_node+0x190/0x2d0
[  311.675759][T19608]  ? __get_vm_area_node+0x1bc/0x2d0
[  311.678069][T19608]  __vmalloc_node_range_noprof+0x114a/0x15a0
[  311.680215][T19608]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  311.682552][T19608]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  311.685073][T19608]  ? __get_vm_area_node+0x190/0x2d0
[  311.687082][T19608]  ? __get_vm_area_node+0x1bc/0x2d0
[  311.688991][T19608]  __vmalloc_node_range_noprof+0xd85/0x15a0
[  311.691027][T19608]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  311.693147][T19608]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  311.695332][T19608]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  311.697566][T19608]  ? rcu_is_watching+0x12/0xc0
[  311.699446][T19608]  ? rcu_is_watching+0x12/0xc0
[  311.701246][T19608]  ? trace_kmalloc+0x2d/0xe0
[  311.703103][T19608]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  311.705273][T19608]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  311.707689][T19608]  __kvmalloc_node_noprof+0x14f/0x1a0
[  311.709680][T19608]  ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  311.711724][T19608]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[  311.713811][T19608]  vivid_update_format_cap+0x127b/0x2530
[  311.715771][T19608]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  311.717947][T19608]  ? v4l2_find_dv_timings_cap+0x133/0x450
[  311.720070][T19608]  ? v4l2_match_dv_timings+0x1df/0x1010
[  311.721737][T19608]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[  311.723439][T19608]  vidioc_s_dv_timings+0xa5/0xc0
[  311.725324][T19608]  ? v4l_stub_s_dv_timings+0x1b/0x60
[  311.727296][T19608]  __video_do_ioctl+0xaf0/0xf00
[  311.728934][T19608]  ? __pfx___video_do_ioctl+0x10/0x10
[  311.730862][T19608]  ? __might_fault+0xe3/0x190
[  311.732548][T19608]  video_usercopy+0x4ce/0x1600
[  311.734212][T19608]  ? __pfx___video_do_ioctl+0x10/0x10
[  311.736030][T19608]  ? __pfx_video_usercopy+0x10/0x10
[  311.737782][T19608]  v4l2_ioctl+0x1ba/0x250
[  311.739384][T19608]  ? __pfx_v4l2_ioctl+0x10/0x10
[  311.741295][T19608]  __x64_sys_ioctl+0x18f/0x220
[  311.743133][T19608]  do_syscall_64+0xcd/0x250
[  311.744422][T19608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.746030][T19608] RIP: 0033:0x7f166777e719
[  311.747247][T19608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.752357][T19608] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  311.755256][T19608] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  311.757977][T19608] RDX: 0000000020000040 RSI: 00000000c0845657 RDI: 0000000000000003
[  311.760640][T19608] RBP: 00007f16677f175e R08: 0000000000000000 R09: 0000000000000000
[  311.763120][T19608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  311.765942][T19608] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  311.768909][T19608]  </TASK>
[  311.770086][    C3] vkms_vblank_simulate: vblank timer overrun
[  311.775615][T19608] Mem-Info:
[  311.776707][T19608] active_anon:7281 inactive_anon:2332 isolated_anon:0
[  311.776707][T19608]  active_file:2356 inactive_file:53757 isolated_file:0
[  311.776707][T19608]  unevictable:1596 dirty:146 writeback:0
[  311.776707][T19608]  slab_reclaimable:8093 slab_unreclaimable:92457
[  311.776707][T19608]  mapped:18805 shmem:2487 pagetables:1262
[  311.776707][T19608]  sec_pagetables:320 bounce:0
[  311.776707][T19608]  kernel_misc_reclaimable:0
[  311.776707][T19608]  free:378679 free_pcp:12321 free_cma:0
[  311.793394][T19608] Node 0 active_anon:26672kB inactive_anon:9328kB active_file:9424kB inactive_file:214924kB unevictable:3044kB isolated(anon):0kB isolated(file):0kB mapped:75216kB dirty:584kB writeback:0kB shmem:6408kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:14992kB pagetables:5088kB sec_pagetables:1280kB all_unreclaimable? yes
[  311.803737][T19608] Node 1 active_anon:408kB inactive_anon:0kB active_file:0kB inactive_file:104kB unevictable:3340kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  311.814835][T19608] Node 0 DMA free:2360kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:284kB local_pcp:156kB free_cma:0kB
[  311.821999][T19608] lowmem_reserve[]: 0 1214 0 0 0
[  311.823236][T19608] Node 0 DMA32 free:59408kB boost:24576kB min:52212kB low:59120kB high:66028kB reserved_highatomic:0KB active_anon:26672kB inactive_anon:9328kB active_file:9424kB inactive_file:214924kB unevictable:3044kB writepending:584kB present:2080628kB managed:1272192kB mlocked:0kB bounce:0kB free_pcp:8888kB local_pcp:8188kB free_cma:0kB
[  311.833137][T19608] lowmem_reserve[]: 0 0 0 0 0
[  311.834696][T19608] Node 1 Normal free:1455004kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:0KB active_anon:284kB inactive_anon:0kB active_file:0kB inactive_file:104kB unevictable:3340kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:40824kB local_pcp:1240kB free_cma:0kB
[  311.836309][T19735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4069'.
[  311.842117][T19608] lowmem_reserve[]:
[  311.844313][T19735] bond0: option ad_select: unable to set because the bond device is up
[  311.844356][T19608]  0 0 0 0 0
[  311.850532][T19608] Node 0 DMA: 0*4kB 1*8kB (U) 2*16kB (UM) 1*32kB (U) 2*64kB (UM) 1*128kB (M) 2*256kB (UM) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2376kB
[  311.855458][T19608] Node 0 DMA32: 56*4kB (U) 176*8kB (UME) 76*16kB (UME) 211*32kB (UME) 77*64kB (UME) 39*128kB (UME) 12*256kB (UME) 9*512kB (UME) 9*1024kB (UM) 9*2048kB (M) 1*4096kB (U) = 58944kB
[  311.860168][T19608] Node 1 Normal: 2*4kB (UE) 3*8kB (UE) 2*16kB (E) 8*32kB (ME) 10*64kB (E) 4*128kB (UME) 1*256kB (M) 5*512kB (UME) 30*1024kB (UME) 9*2048kB (UM) 342*4096kB (UM) = 1454272kB
[  311.865929][T19608] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  311.868456][T19608] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  311.870882][T19608] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  311.873653][T19608] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  311.879742][T19608] 58601 total pagecache pages
[  311.881667][T19608] 1 pages in swap cache
[  311.883245][T19608] Free swap  = 124176kB
[  311.884772][T19608] Total swap = 124996kB
[  311.886297][T19608] 1048443 pages RAM
[  311.887532][T19608] 0 pages HighMem/MovableOnly
[  311.889065][T19608] 281074 pages reserved
[  311.890959][T19608] 0 pages cma reserved
[  312.006991][T19742] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4072'.
[  312.010398][T11304] bond0: (slave bond_slave_0): interface is now down
[  312.012945][T11304] bond0: (slave bond_slave_1): interface is now down
[  312.017099][T19742] bond0: option ad_select: unable to set because the bond device is up
[  312.238155][T11303] bond0: (slave bond_slave_0): interface is now down
[  312.240459][T11303] bond0: (slave bond_slave_1): interface is now down
[  312.251595][T11303] bond0: now running without any active interface!
[  312.317667][T19747] Cannot find add_set index 0 as target
[  312.355951][T19749] program syz.3.4075 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  312.454148][T19757] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4078'.
[  312.458064][T19757] bond0: option ad_select: unable to set because the bond device is up
[  312.552376][T19761] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4080'.
[  312.798828][T15387] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  312.809570][   T39] audit: type=1326 audit(4318560438.552:3868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.815427][   T39] audit: type=1326 audit(4318560438.552:3869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.821721][   T39] audit: type=1326 audit(4318560438.552:3870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.827950][   T39] audit: type=1326 audit(4318560438.552:3871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.836236][   T39] audit: type=1326 audit(4318560438.552:3872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.842420][   T39] audit: type=1326 audit(4318560438.552:3873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.847956][   T39] audit: type=1326 audit(4318560438.552:3874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.856161][   T39] audit: type=1326 audit(4318560438.552:3875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.862982][   T39] audit: type=1326 audit(4318560438.552:3876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.869101][   T39] audit: type=1326 audit(4318560438.552:3877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19766 comm="syz.8.4083" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f166777e719 code=0x7fc00000
[  312.933945][T19772] FAULT_INJECTION: forcing a failure.
[  312.933945][T19772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.940243][T19772] CPU: 0 UID: 0 PID: 19772 Comm: syz.8.4085 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  312.944234][T19772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  312.947658][T19772] Call Trace:
[  312.948841][T19772]  <TASK>
[  312.949653][T19772]  dump_stack_lvl+0x16c/0x1f0
[  312.951162][T19772]  should_fail_ex+0x497/0x5b0
[  312.952481][T19772]  _copy_from_user+0x2e/0xd0
[  312.953742][T19772]  copy_msghdr_from_user+0x99/0x160
[  312.955367][T19772]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  312.957461][T19772]  ? __pfx___lock_acquire+0x10/0x10
[  312.959187][T19772]  ___sys_sendmsg+0xff/0x1e0
[  312.960608][T19772]  ? __pfx____sys_sendmsg+0x10/0x10
[  312.962402][T19772]  ? lock_acquire+0x2f/0xb0
[  312.963921][T19772]  ? __fget_files+0x40/0x3f0
[  312.965196][T19772]  ? fdget+0x176/0x210
[  312.966308][T19772]  __sys_sendmsg+0x117/0x1f0
[  312.967823][T19772]  ? __pfx___sys_sendmsg+0x10/0x10
[  312.969508][T19772]  ? __fget_files+0x244/0x3f0
[  312.971209][T19772]  do_syscall_64+0xcd/0x250
[  312.972705][T19772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.974638][T19772] RIP: 0033:0x7f166777e719
[  312.976227][T19772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.983210][T19772] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.985880][T19772] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  312.988475][T19772] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004
[  312.990719][T19772] RBP: 00007f16684a8090 R08: 0000000000000000 R09: 0000000000000000
[  312.993265][T19772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.995340][T19772] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  312.997950][T19772]  </TASK>
[  313.001949][T15387] usb 9-1: Using ep0 maxpacket: 32
[  313.007954][T15387] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  313.027242][T15387] usb 9-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  313.029752][T15387] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.031987][T15387] usb 9-1: Product: syz
[  313.033152][T15387] usb 9-1: Manufacturer: syz
[  313.034588][T15387] usb 9-1: SerialNumber: syz
[  313.041411][T15387] usb 9-1: config 0 descriptor??
[  313.043573][T19763] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  313.056554][T15387] hub 9-1:0.0: bad descriptor, ignoring hub
[  313.058565][T15387] hub 9-1:0.0: probe with driver hub failed with error -5
[  313.061785][T15387] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input44
[  313.231087][T19786] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4088'.
[  313.234250][T19786] bond0: option ad_select: unable to set because the bond device is up
[  313.274825][T19763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4081'.
[  313.358877][T15387] usb 9-1: USB disconnect, device number 6
[  313.361014][    C3] usbtouchscreen 9-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  313.487438][T19800] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19800 comm=syz.3.4092
[  313.492644][T19800] netlink: 'syz.3.4092': attribute type 1 has an invalid length.
[  313.511890][T19800] bond1: entered promiscuous mode
[  313.513238][T19800] bond1: entered allmulticast mode
[  313.515373][T19800] 8021q: adding VLAN 0 to HW filter on device bond1
[  313.527874][T19800] 8021q: adding VLAN 0 to HW filter on device batadv1
[  313.534423][T19800] bond1: (slave batadv1): making interface the new active one
[  313.537903][T19800] batadv1: entered promiscuous mode
[  313.539942][T19800] batadv1: entered allmulticast mode
[  313.543148][T19800] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  313.595299][T19803] xt_connbytes: Forcing CT accounting to be enabled
[  313.598091][T19803] xt_bpf: check failed: parse error
[  313.959440][T19821] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4098'.
[  313.963071][T19821] bond0: option ad_select: unable to set because the bond device is up
[  314.007601][T19824] netlink: 'syz.4.4099': attribute type 2 has an invalid length.
[  314.012076][T19824] : entered promiscuous mode
[  314.090230][T19829] vlan2: entered allmulticast mode
[  314.094026][T19829] bond0: entered allmulticast mode
[  314.095667][T19829] bond_slave_0: entered allmulticast mode
[  314.097170][T19829] bond_slave_1: entered allmulticast mode
[  314.098875][T19829] syz_tun: entered allmulticast mode
[  314.100735][T19829] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  314.106971][T19829] bond0: left allmulticast mode
[  314.108739][T19829] bond_slave_0: left allmulticast mode
[  314.110619][T19829] bond_slave_1: left allmulticast mode
[  314.112623][T19829] syz_tun: left allmulticast mode
[  314.115455][T19829] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  314.300462][T19840] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  314.333668][T19842] FAULT_INJECTION: forcing a failure.
[  314.333668][T19842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.338948][T19842] CPU: 3 UID: 0 PID: 19842 Comm: syz.8.4106 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  314.341966][T19842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  314.345102][T19842] Call Trace:
[  314.346065][T19842]  <TASK>
[  314.346852][T19842]  dump_stack_lvl+0x16c/0x1f0
[  314.348302][T19842]  should_fail_ex+0x497/0x5b0
[  314.349649][T19842]  _copy_from_user+0x2e/0xd0
[  314.350887][T19842]  input_event_from_user+0x134/0x3b0
[  314.352207][T19842]  ? __pfx_input_event_from_user+0x10/0x10
[  314.353667][T19842]  ? __pfx___might_resched+0x10/0x10
[  314.354977][T19842]  ? input_inject_event+0x193/0x370
[  314.356273][T19842]  evdev_write+0x377/0x750
[  314.357408][T19842]  ? __pfx_evdev_write+0x10/0x10
[  314.358713][T19842]  ? bpf_lsm_file_permission+0x9/0x10
[  314.360177][T19842]  ? security_file_permission+0x71/0x210
[  314.361591][T19842]  ? __pfx_evdev_write+0x10/0x10
[  314.362840][T19842]  vfs_write+0x24c/0x1150
[  314.363933][T19842]  ? __fget_files+0x23a/0x3f0
[  314.365163][T19842]  ? __pfx_lock_release+0x10/0x10
[  314.366443][T19842]  ? trace_lock_acquire+0x14a/0x1d0
[  314.367791][T19842]  ? __pfx_vfs_write+0x10/0x10
[  314.369001][T19842]  ? lock_acquire+0x2f/0xb0
[  314.370135][T19842]  ? __fget_files+0x40/0x3f0
[  314.371279][T19842]  ? __fget_files+0x244/0x3f0
[  314.372508][T19842]  ksys_write+0x1fa/0x260
[  314.373634][T19842]  ? __pfx_ksys_write+0x10/0x10
[  314.374905][T19842]  do_syscall_64+0xcd/0x250
[  314.376168][T19842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.377804][T19842] RIP: 0033:0x7f166777e719
[  314.379036][T19842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.384803][T19842] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  314.387352][T19842] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  314.390407][T19842] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  314.393259][T19842] RBP: 00007f16684a8090 R08: 0000000000000000 R09: 0000000000000000
[  314.395576][T19842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.397659][T19842] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  314.399757][T19842]  </TASK>
[  314.434256][ T5989] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  314.451873][T19853] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4109'.
[  314.454698][T19853] netlink: 'syz.3.4109': attribute type 2 has an invalid length.
[  314.459310][T19853] netlink: 'syz.3.4109': attribute type 2 has an invalid length.
[  314.533770][T19858] FAULT_INJECTION: forcing a failure.
[  314.533770][T19858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.537103][T19858] CPU: 3 UID: 0 PID: 19858 Comm: syz.3.4111 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  314.539774][T19858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  314.542558][T19858] Call Trace:
[  314.543475][T19858]  <TASK>
[  314.544219][T19858]  dump_stack_lvl+0x16c/0x1f0
[  314.545440][T19858]  should_fail_ex+0x497/0x5b0
[  314.546686][T19858]  _copy_from_iter+0x2a1/0x1560
[  314.547936][T19858]  ? __pfx__copy_from_iter+0x10/0x10
[  314.549393][T19858]  ? __virt_addr_valid+0x1a4/0x590
[  314.550725][T19858]  ? __virt_addr_valid+0x5e/0x590
[  314.552244][T19858]  ? __phys_addr_symbol+0x30/0x80
[  314.553531][T19858]  ? __check_object_size+0x488/0x710
[  314.554946][T19858]  netlink_sendmsg+0x813/0xd70
[  314.556126][T19858]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.557643][T19858]  ____sys_sendmsg+0xaaf/0xc90
[  314.558997][T19858]  ? copy_msghdr_from_user+0x10b/0x160
[  314.560484][T19858]  ? __pfx_____sys_sendmsg+0x10/0x10
[  314.561930][T19858]  ? __pfx___lock_acquire+0x10/0x10
[  314.563456][T19858]  ___sys_sendmsg+0x135/0x1e0
[  314.564661][T19858]  ? __pfx____sys_sendmsg+0x10/0x10
[  314.565948][T19858]  ? lock_acquire+0x2f/0xb0
[  314.567155][T19858]  ? __fget_files+0x40/0x3f0
[  314.568308][T19858]  ? fdget+0x176/0x210
[  314.569316][T19858]  __sys_sendmsg+0x117/0x1f0
[  314.570539][T19858]  ? __pfx___sys_sendmsg+0x10/0x10
[  314.571849][T19858]  ? __fget_files+0x244/0x3f0
[  314.573348][T19858]  do_syscall_64+0xcd/0x250
[  314.574651][T19858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.576161][T19858] RIP: 0033:0x7f809ef7e719
[  314.577272][T19858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.582038][T19858] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.584147][T19858] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  314.586099][T19858] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004
[  314.588023][T19858] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  314.589955][T19858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.591951][T19858] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  314.593886][T19858]  </TASK>
[  314.615869][ T5989] usb 9-1: Using ep0 maxpacket: 8
[  314.618433][ T5989] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  314.621292][T19860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4112'.
[  314.623677][ T5989] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  314.626196][ T5989] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.634000][ T5989] usb 9-1: config 0 descriptor??
[  314.746425][ T5997] usb 13-1: new high-speed USB device number 24 using dummy_hcd
[  314.758725][T19868] netlink: 'syz.3.4115': attribute type 10 has an invalid length.
[  314.767076][T19868] 8021q: adding VLAN 0 to HW filter on device team0
[  314.770029][T19868] bond0: (slave team0): Enslaving as an active interface with an up link
[  314.834389][T19871] FAULT_INJECTION: forcing a failure.
[  314.834389][T19871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.837701][T19871] CPU: 1 UID: 0 PID: 19871 Comm: syz.3.4116 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  314.840423][T19871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  314.843077][T19871] Call Trace:
[  314.844018][T19871]  <TASK>
[  314.844746][T19871]  dump_stack_lvl+0x16c/0x1f0
[  314.845899][T19871]  should_fail_ex+0x497/0x5b0
[  314.847288][T19871]  _copy_from_user+0x2e/0xd0
[  314.848479][T19871]  input_event_from_user+0x134/0x3b0
[  314.849819][T19871]  ? __pfx_input_event_from_user+0x10/0x10
[  314.851300][T19871]  ? __pfx___might_resched+0x10/0x10
[  314.852644][T19871]  ? input_inject_event+0x193/0x370
[  314.853422][ T5989] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  314.854011][T19871]  evdev_write+0x377/0x750
[  314.857649][T19871]  ? __pfx_evdev_write+0x10/0x10
[  314.858923][T19871]  ? bpf_lsm_file_permission+0x9/0x10
[  314.860422][T19871]  ? security_file_permission+0x71/0x210
[  314.861891][T19871]  ? __pfx_evdev_write+0x10/0x10
[  314.863183][T19871]  vfs_write+0x24c/0x1150
[  314.864261][T19871]  ? __fget_files+0x23a/0x3f0
[  314.865541][T19871]  ? __pfx_lock_release+0x10/0x10
[  314.866764][T19871]  ? trace_lock_acquire+0x14a/0x1d0
[  314.868170][T19871]  ? __pfx_vfs_write+0x10/0x10
[  314.869382][T19871]  ? lock_acquire+0x2f/0xb0
[  314.870583][T19871]  ? __fget_files+0x40/0x3f0
[  314.871824][T19871]  ? __fget_files+0x244/0x3f0
[  314.873012][T19871]  ksys_write+0x1fa/0x260
[  314.874080][T19871]  ? __pfx_ksys_write+0x10/0x10
[  314.875385][T19871]  do_syscall_64+0xcd/0x250
[  314.876530][T19871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.878001][T19871] RIP: 0033:0x7f809ef7e719
[  314.879177][T19871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.884002][T19871] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  314.886027][T19871] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  314.887969][T19871] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  314.889900][T19871] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  314.891839][T19871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.893756][T19871] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  314.895691][T19871]  </TASK>
[  314.905043][ T5997] usb 13-1: Using ep0 maxpacket: 8
[  314.909167][ T5997] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  314.911521][ T5997] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  314.913985][ T5997] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  314.917161][ T5997] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  314.920475][ T5997] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  314.923122][ T5997] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.069189][    C0] iowarrior 9-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  315.069187][ T9110] usb 9-1: USB disconnect, device number 7
[  315.074287][ T9110] iowarrior 9-1:0.0: I/O-Warror #0 now disconnected
[  315.130924][T19882] netlink: 'syz.3.4120': attribute type 2 has an invalid length.
[  315.146247][ T5997] usb 13-1: GET_CAPABILITIES returned 0
[  315.147659][ T5997] usbtmc 13-1:16.0: can't read capabilities
[  315.154880][T19884] FAULT_INJECTION: forcing a failure.
[  315.154880][T19884] name failslab, interval 1, probability 0, space 0, times 0
[  315.158294][T19884] CPU: 1 UID: 0 PID: 19884 Comm: syz.3.4121 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  315.161287][T19884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  315.164160][T19884] Call Trace:
[  315.165077][T19884]  <TASK>
[  315.165849][T19884]  dump_stack_lvl+0x16c/0x1f0
[  315.167076][T19884]  should_fail_ex+0x497/0x5b0
[  315.168300][T19884]  ? fs_reclaim_acquire+0xae/0x150
[  315.169611][T19884]  should_failslab+0xc2/0x120
[  315.170815][T19884]  __kmalloc_cache_noprof+0x6b/0x300
[  315.172243][T19884]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  315.174075][T19884]  ? genl_start+0x1e7/0x950
[  315.175253][T19884]  genl_start+0x1e7/0x950
[  315.176351][T19884]  __netlink_dump_start+0x607/0x970
[  315.177714][T19884]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  315.179186][T19884]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  315.180810][T19884]  ? __pfx_genl_get_cmd+0x10/0x10
[  315.182087][T19884]  ? __pfx_genl_start+0x10/0x10
[  315.183352][T19884]  ? __pfx_genl_dumpit+0x10/0x10
[  315.184659][T19884]  ? __pfx_genl_done+0x10/0x10
[  315.185955][T19884]  ? __radix_tree_lookup+0x21f/0x2c0
[  315.187419][T19884]  genl_rcv_msg+0x470/0x800
[  315.188769][T19884]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.190153][T19884]  ? __pfx_smc_pnet_dump_start+0x10/0x10
[  315.191604][T19884]  ? __pfx_smc_pnet_dump+0x10/0x10
[  315.192933][T19884]  ? __pfx___lock_acquire+0x10/0x10
[  315.194252][T19884]  netlink_rcv_skb+0x16b/0x440
[  315.195446][T19884]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.196695][T19884]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  315.198032][T19884]  ? down_read+0xc9/0x330
[  315.199152][T19884]  ? __pfx_down_read+0x10/0x10
[  315.200360][T19884]  ? netlink_deliver_tap+0x1ae/0xd90
[  315.201679][T19884]  ? selinux_nlmsg_lookup+0x265/0x4b0
[  315.203036][T19884]  genl_rcv+0x28/0x40
[  315.204026][T19884]  netlink_unicast+0x53c/0x7f0
[  315.205404][T19884]  ? __pfx_netlink_unicast+0x10/0x10
[  315.206755][T19884]  netlink_sendmsg+0x8b8/0xd70
[  315.207995][T19884]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.209419][T19884]  ____sys_sendmsg+0xaaf/0xc90
[  315.210624][T19884]  ? copy_msghdr_from_user+0x10b/0x160
[  315.212057][T19884]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.213432][T19884]  ? __pfx___lock_acquire+0x10/0x10
[  315.214791][T19884]  ___sys_sendmsg+0x135/0x1e0
[  315.215997][T19884]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.217294][T19884]  ? lock_acquire+0x2f/0xb0
[  315.218456][T19884]  ? __fget_files+0x40/0x3f0
[  315.219660][T19884]  ? fdget+0x176/0x210
[  315.220695][T19884]  __sys_sendmsg+0x117/0x1f0
[  315.221855][T19884]  ? __pfx___sys_sendmsg+0x10/0x10
[  315.223198][T19884]  ? __fget_files+0x244/0x3f0
[  315.224518][T19884]  do_syscall_64+0xcd/0x250
[  315.225856][T19884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.227760][T19884] RIP: 0033:0x7f809ef7e719
[  315.228960][T19884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.234432][T19884] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.236980][T19884] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  315.239538][T19884] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004
[  315.241882][T19884] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  315.243902][T19884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.245956][T19884] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  315.248038][T19884]  </TASK>
[  315.334673][T19893] xt_hashlimit: size too large, truncated to 1048576
[  315.364595][   T57] usb 13-1: USB disconnect, device number 24
[  315.906528][T19898] FAULT_INJECTION: forcing a failure.
[  315.906528][T19898] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.910147][T19898] CPU: 3 UID: 0 PID: 19898 Comm: syz.4.4125 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  315.912755][T19898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  315.915336][T19898] Call Trace:
[  315.916155][T19898]  <TASK>
[  315.916916][T19898]  dump_stack_lvl+0x16c/0x1f0
[  315.918129][T19898]  should_fail_ex+0x497/0x5b0
[  315.919413][T19898]  _copy_from_user+0x2e/0xd0
[  315.920696][T19898]  input_event_from_user+0x134/0x3b0
[  315.922129][T19898]  ? __pfx_input_event_from_user+0x10/0x10
[  315.923731][T19898]  ? __pfx___might_resched+0x10/0x10
[  315.925230][T19898]  ? input_inject_event+0x193/0x370
[  315.926525][T19898]  evdev_write+0x377/0x750
[  315.927633][T19898]  ? __pfx_evdev_write+0x10/0x10
[  315.928932][T19898]  ? bpf_lsm_file_permission+0x9/0x10
[  315.930238][T19898]  ? security_file_permission+0x71/0x210
[  315.931670][T19898]  ? __pfx_evdev_write+0x10/0x10
[  315.932927][T19898]  vfs_write+0x24c/0x1150
[  315.934052][T19898]  ? __fget_files+0x23a/0x3f0
[  315.935286][T19898]  ? __pfx_lock_release+0x10/0x10
[  315.936604][T19898]  ? trace_lock_acquire+0x14a/0x1d0
[  315.937922][T19898]  ? __pfx_vfs_write+0x10/0x10
[  315.939206][T19898]  ? lock_acquire+0x2f/0xb0
[  315.940406][T19898]  ? __fget_files+0x40/0x3f0
[  315.941559][T19898]  ? __fget_files+0x244/0x3f0
[  315.942771][T19898]  ksys_write+0x1fa/0x260
[  315.943835][T19898]  ? __pfx_ksys_write+0x10/0x10
[  315.945081][T19898]  do_syscall_64+0xcd/0x250
[  315.946232][T19898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.947786][T19898] RIP: 0033:0x7f6d3c17e719
[  315.948968][T19898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.953809][T19898] RSP: 002b:00007f6d3cfe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  315.955848][T19898] RAX: ffffffffffffffda RBX: 00007f6d3c335f80 RCX: 00007f6d3c17e719
[  315.957793][T19898] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  315.959734][T19898] RBP: 00007f6d3cfe3090 R08: 0000000000000000 R09: 0000000000000000
[  315.961718][T19898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.963617][T19898] R13: 0000000000000000 R14: 00007f6d3c335f80 R15: 00007ffef82352f8
[  315.965527][T19898]  </TASK>
[  316.062302][T19921] "syz.8.4133" (19921) uses obsolete ecb(arc4) skcipher
[  316.607281][T19933] netlink: 'syz.4.4138': attribute type 10 has an invalid length.
[  316.610493][T19933] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.612718][T19933] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.618535][T19933] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.620377][T19933] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.622655][T19933] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.624543][T19933] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.628538][T19933] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  316.642751][T19933] __nla_validate_parse: 1 callbacks suppressed
[  316.642768][T19933] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4138'.
[  316.648922][T19933] bridge_slave_1: left allmulticast mode
[  316.650889][T19933] bridge_slave_1: left promiscuous mode
[  316.652791][T19933] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.656120][T19933] bridge_slave_0: left allmulticast mode
[  316.658393][T19933] bridge_slave_0: left promiscuous mode
[  316.659946][T19933] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.674978][T19933] bond0: (slave bridge0): Releasing backup interface
[  316.872868][T19949] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4141'.
[  316.875108][T19949] bond0: option ad_select: unable to set because the bond device is up
[  316.878749][T19945] FAULT_INJECTION: forcing a failure.
[  316.878749][T19945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.886515][T19945] CPU: 0 UID: 0 PID: 19945 Comm: syz.3.4140 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  316.889384][T19945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  316.892087][T19945] Call Trace:
[  316.892972][T19945]  <TASK>
[  316.893739][T19945]  dump_stack_lvl+0x16c/0x1f0
[  316.894998][T19945]  should_fail_ex+0x497/0x5b0
[  316.896229][T19945]  _copy_from_user+0x2e/0xd0
[  316.897445][T19945]  input_event_from_user+0x134/0x3b0
[  316.898813][T19945]  ? __pfx_input_event_from_user+0x10/0x10
[  316.900304][T19945]  ? __pfx___might_resched+0x10/0x10
[  316.901631][T19945]  ? input_inject_event+0x193/0x370
[  316.902906][T19945]  evdev_write+0x377/0x750
[  316.904057][T19945]  ? __pfx_evdev_write+0x10/0x10
[  316.905364][T19945]  ? bpf_lsm_file_permission+0x9/0x10
[  316.906710][T19945]  ? security_file_permission+0x71/0x210
[  316.908188][T19945]  ? __pfx_evdev_write+0x10/0x10
[  316.909515][T19945]  vfs_write+0x24c/0x1150
[  316.910609][T19945]  ? __fget_files+0x23a/0x3f0
[  316.911842][T19945]  ? __pfx_lock_release+0x10/0x10
[  316.913124][T19945]  ? trace_lock_acquire+0x14a/0x1d0
[  316.914450][T19945]  ? __pfx_vfs_write+0x10/0x10
[  316.915667][T19945]  ? lock_acquire+0x2f/0xb0
[  316.916835][T19945]  ? __fget_files+0x40/0x3f0
[  316.918012][T19945]  ? __fget_files+0x244/0x3f0
[  316.919237][T19945]  ksys_write+0x1fa/0x260
[  316.920388][T19945]  ? __pfx_ksys_write+0x10/0x10
[  316.921621][T19945]  do_syscall_64+0xcd/0x250
[  316.922794][T19945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.924317][T19945] RIP: 0033:0x7f809ef7e719
[  316.925440][T19945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.930309][T19945] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  316.932444][T19945] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  316.934469][T19945] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  316.936738][T19945] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  316.938864][T19945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.940915][T19945] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  316.942961][T19945]  </TASK>
[  316.974939][T19953] binder: BINDER_SET_CONTEXT_MGR already set
[  316.976672][T19953] binder: 19952:19953 ioctl 4018620d 20004a80 returned -16
[  316.996452][T19955] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4144'.
[  317.037816][T19953] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4143'.
[  317.145213][T19969] loop2: detected capacity change from 0 to 7
[  317.155297][T19969] Dev loop2: unable to read RDB block 7
[  317.156829][T19969]  loop2: unable to read partition table
[  317.158438][T19969] loop2: partition table beyond EOD, truncated
[  317.160368][T19969] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  317.203861][T19955] hsr_slave_1 (unregistering): left promiscuous mode
[  317.211217][T19966] pim6reg1: entered promiscuous mode
[  317.212693][T19966] pim6reg1: entered allmulticast mode
[  317.217796][T19966] binder: BC_ATTEMPT_ACQUIRE not supported
[  317.219315][T19966] binder: 19965:19966 ioctl c0306201 20000500 returned -22
[  317.375097][T19995] lo speed is unknown, defaulting to 1000
[  317.390677][T19996] netlink: 'syz.3.4150': attribute type 11 has an invalid length.
[  317.464612][T20001] FAULT_INJECTION: forcing a failure.
[  317.464612][T20001] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.467966][T20001] CPU: 2 UID: 0 PID: 20001 Comm: syz.4.4152 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  317.470709][T20001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  317.473410][T20001] Call Trace:
[  317.474281][T20001]  <TASK>
[  317.475058][T20001]  dump_stack_lvl+0x16c/0x1f0
[  317.476317][T20001]  should_fail_ex+0x497/0x5b0
[  317.477553][T20001]  _copy_from_user+0x2e/0xd0
[  317.478794][T20001]  copy_msghdr_from_user+0x99/0x160
[  317.480242][T20001]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  317.481689][T20001]  ? __pfx___lock_acquire+0x10/0x10
[  317.483298][T20001]  ___sys_sendmsg+0xff/0x1e0
[  317.484494][T20001]  ? __pfx____sys_sendmsg+0x10/0x10
[  317.485812][T20001]  ? lock_acquire+0x2f/0xb0
[  317.486979][T20001]  ? __fget_files+0x40/0x3f0
[  317.488159][T20001]  ? fdget+0x176/0x210
[  317.489197][T20001]  __sys_sendmsg+0x117/0x1f0
[  317.490360][T20001]  ? __pfx___sys_sendmsg+0x10/0x10
[  317.491647][T20001]  ? __fget_files+0x244/0x3f0
[  317.493307][T20001]  do_syscall_64+0xcd/0x250
[  317.494713][T20001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.496479][T20001] RIP: 0033:0x7f6d3c17e719
[  317.497602][T20001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.503640][T20001] RSP: 002b:00007f6d3cfe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.505801][T20001] RAX: ffffffffffffffda RBX: 00007f6d3c335f80 RCX: 00007f6d3c17e719
[  317.507848][T20001] RDX: 00000000000000c0 RSI: 0000000020000240 RDI: 0000000000000003
[  317.509996][T20001] RBP: 00007f6d3cfe3090 R08: 0000000000000000 R09: 0000000000000000
[  317.512041][T20001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.514091][T20001] R13: 0000000000000000 R14: 00007f6d3c335f80 R15: 00007ffef82352f8
[  317.516103][T20001]  </TASK>
[  317.539738][T20008] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4154'.
[  317.542222][T20008] bond0: option ad_select: unable to set because the bond device is up
[  317.566245][T20010] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-tlb(5)
[  317.632299][T20012] FAULT_INJECTION: forcing a failure.
[  317.632299][T20012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.635969][T20012] CPU: 0 UID: 0 PID: 20012 Comm: syz.4.4156 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  317.638791][T20012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  317.641481][T20012] Call Trace:
[  317.642339][T20012]  <TASK>
[  317.643081][T20012]  dump_stack_lvl+0x16c/0x1f0
[  317.644278][T20012]  should_fail_ex+0x497/0x5b0
[  317.645461][T20012]  _copy_from_user+0x2e/0xd0
[  317.646625][T20012]  input_event_from_user+0x134/0x3b0
[  317.647945][T20012]  ? __pfx_input_event_from_user+0x10/0x10
[  317.649368][T20012]  ? __pfx___might_resched+0x10/0x10
[  317.650672][T20012]  ? input_inject_event+0x193/0x370
[  317.651940][T20012]  evdev_write+0x377/0x750
[  317.653032][T20012]  ? __pfx_evdev_write+0x10/0x10
[  317.654154][T20012]  ? bpf_lsm_file_permission+0x9/0x10
[  317.655366][T20012]  ? security_file_permission+0x71/0x210
[  317.656754][T20012]  ? __pfx_evdev_write+0x10/0x10
[  317.657984][T20012]  vfs_write+0x24c/0x1150
[  317.659064][T20012]  ? __fget_files+0x23a/0x3f0
[  317.660256][T20012]  ? __pfx_lock_release+0x10/0x10
[  317.661503][T20012]  ? trace_lock_acquire+0x14a/0x1d0
[  317.662808][T20012]  ? __pfx_vfs_write+0x10/0x10
[  317.664010][T20012]  ? lock_acquire+0x2f/0xb0
[  317.665169][T20012]  ? __fget_files+0x40/0x3f0
[  317.666377][T20012]  ? __fget_files+0x244/0x3f0
[  317.667603][T20012]  ksys_write+0x1fa/0x260
[  317.668720][T20012]  ? __pfx_ksys_write+0x10/0x10
[  317.669955][T20012]  do_syscall_64+0xcd/0x250
[  317.671071][T20012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.672510][T20012] RIP: 0033:0x7f6d3c17e719
[  317.673615][T20012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.678290][T20012] RSP: 002b:00007f6d3cfe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  317.680487][T20012] RAX: ffffffffffffffda RBX: 00007f6d3c335f80 RCX: 00007f6d3c17e719
[  317.682627][T20012] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  317.684666][T20012] RBP: 00007f6d3cfe3090 R08: 0000000000000000 R09: 0000000000000000
[  317.686522][T20012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  317.688406][T20012] R13: 0000000000000000 R14: 00007f6d3c335f80 R15: 00007ffef82352f8
[  317.690374][T20012]  </TASK>
[  318.433059][T20041] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4164'.
[  318.436329][T20041] bond0: option ad_select: unable to set because the bond device is up
[  318.501184][T20043] FAULT_INJECTION: forcing a failure.
[  318.501184][T20043] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.504459][T20043] CPU: 1 UID: 0 PID: 20043 Comm: syz.3.4165 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  318.507152][T20043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  318.509883][T20043] Call Trace:
[  318.510745][T20043]  <TASK>
[  318.511500][T20043]  dump_stack_lvl+0x16c/0x1f0
[  318.512718][T20043]  should_fail_ex+0x497/0x5b0
[  318.513919][T20043]  _copy_from_user+0x2e/0xd0
[  318.515109][T20043]  input_event_from_user+0x134/0x3b0
[  318.516465][T20043]  ? __pfx_input_event_from_user+0x10/0x10
[  318.517938][T20043]  ? __pfx___might_resched+0x10/0x10
[  318.519256][T20043]  ? input_inject_event+0x193/0x370
[  318.520681][T20043]  evdev_write+0x377/0x750
[  318.521826][T20043]  ? __pfx_evdev_write+0x10/0x10
[  318.523091][T20043]  ? bpf_lsm_file_permission+0x9/0x10
[  318.524472][T20043]  ? security_file_permission+0x71/0x210
[  318.525895][T20043]  ? __pfx_evdev_write+0x10/0x10
[  318.527165][T20043]  vfs_write+0x24c/0x1150
[  318.528272][T20043]  ? __fget_files+0x23a/0x3f0
[  318.529470][T20043]  ? __pfx_lock_release+0x10/0x10
[  318.530728][T20043]  ? trace_lock_acquire+0x14a/0x1d0
[  318.532080][T20043]  ? __pfx_vfs_write+0x10/0x10
[  318.533312][T20043]  ? lock_acquire+0x2f/0xb0
[  318.534468][T20043]  ? __fget_files+0x40/0x3f0
[  318.535742][T20043]  ? __fget_files+0x244/0x3f0
[  318.537054][T20043]  ksys_write+0x1fa/0x260
[  318.538344][T20043]  ? __pfx_ksys_write+0x10/0x10
[  318.539806][T20043]  do_syscall_64+0xcd/0x250
[  318.541065][T20043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.542615][T20043] RIP: 0033:0x7f809ef7e719
[  318.543820][T20043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.548830][T20043] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  318.550972][T20043] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  318.552992][T20043] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  318.554988][T20043] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  318.557057][T20043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  318.559126][T20043] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  318.561206][T20043]  </TASK>
[  318.674545][T20061] loop2: detected capacity change from 0 to 7
[  318.678356][T20061] Dev loop2: unable to read RDB block 7
[  318.680150][T20061]  loop2: unable to read partition table
[  318.681860][T20061] loop2: partition table beyond EOD, truncated
[  318.682523][T20063] block device autoloading is deprecated and will be removed.
[  318.683615][T20061] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  318.833818][T20076] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4177'.
[  318.872629][T20073] FAULT_INJECTION: forcing a failure.
[  318.872629][T20073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.877051][T20073] CPU: 1 UID: 0 PID: 20073 Comm: syz.3.4176 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  318.880661][T20073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  318.884272][T20073] Call Trace:
[  318.885485][T20073]  <TASK>
[  318.886353][T20073]  dump_stack_lvl+0x16c/0x1f0
[  318.887665][T20073]  should_fail_ex+0x497/0x5b0
[  318.888978][T20073]  _copy_from_user+0x2e/0xd0
[  318.890683][T20073]  input_event_from_user+0x134/0x3b0
[  318.892452][T20073]  ? __pfx_input_event_from_user+0x10/0x10
[  318.894286][T20073]  ? __pfx___might_resched+0x10/0x10
[  318.895612][T20073]  ? input_inject_event+0x193/0x370
[  318.896916][T20073]  evdev_write+0x377/0x750
[  318.898051][T20073]  ? __pfx_evdev_write+0x10/0x10
[  318.899370][T20073]  ? bpf_lsm_file_permission+0x9/0x10
[  318.900745][T20073]  ? security_file_permission+0x71/0x210
[  318.902144][T20073]  ? __pfx_evdev_write+0x10/0x10
[  318.903351][T20073]  vfs_write+0x24c/0x1150
[  318.904442][T20073]  ? __fget_files+0x23a/0x3f0
[  318.905508][T20086] FAULT_INJECTION: forcing a failure.
[  318.905508][T20086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.905699][T20073]  ? __pfx_lock_release+0x10/0x10
[  318.911709][T20073]  ? trace_lock_acquire+0x14a/0x1d0
[  318.913790][T20073]  ? __pfx_vfs_write+0x10/0x10
[  318.915515][T20073]  ? lock_acquire+0x2f/0xb0
[  318.917086][T20073]  ? __fget_files+0x40/0x3f0
[  318.918712][T20073]  ? __fget_files+0x244/0x3f0
[  318.920299][T20073]  ksys_write+0x1fa/0x260
[  318.921506][T20073]  ? __pfx_ksys_write+0x10/0x10
[  318.922772][T20073]  do_syscall_64+0xcd/0x250
[  318.924282][T20073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.926169][T20073] RIP: 0033:0x7f809ef7e719
[  318.927301][T20073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.933171][T20073] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  318.936215][T20073] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  318.939160][T20073] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  318.941706][T20073] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  318.944320][T20073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  318.946997][T20073] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  318.949780][T20073]  </TASK>
[  318.950882][T20086] CPU: 2 UID: 0 PID: 20086 Comm: syz.8.4180 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  318.953806][T20086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  318.956607][T20086] Call Trace:
[  318.957506][T20086]  <TASK>
[  318.958300][T20086]  dump_stack_lvl+0x16c/0x1f0
[  318.959589][T20086]  should_fail_ex+0x497/0x5b0
[  318.960988][T20086]  _copy_from_iter+0x2a1/0x1560
[  318.962330][T20086]  ? __pfx__copy_from_iter+0x10/0x10
[  318.964136][T20086]  ? __virt_addr_valid+0x1a4/0x590
[  318.965603][T20086]  ? __virt_addr_valid+0x5e/0x590
[  318.966966][T20086]  ? __phys_addr_symbol+0x30/0x80
[  318.968493][T20086]  ? __check_object_size+0x488/0x710
[  318.970018][T20086]  netlink_sendmsg+0x813/0xd70
[  318.971266][T20086]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.972629][T20086]  ____sys_sendmsg+0xaaf/0xc90
[  318.973862][T20086]  ? copy_msghdr_from_user+0x10b/0x160
[  318.975211][T20086]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.976560][T20086]  ? __pfx___lock_acquire+0x10/0x10
[  318.977905][T20086]  ___sys_sendmsg+0x135/0x1e0
[  318.979114][T20086]  ? __pfx____sys_sendmsg+0x10/0x10
[  318.980509][T20086]  ? lock_acquire+0x2f/0xb0
[  318.981912][T20086]  ? __fget_files+0x40/0x3f0
[  318.983361][T20086]  ? fdget+0x176/0x210
[  318.984548][T20086]  __sys_sendmsg+0x117/0x1f0
[  318.985857][T20086]  ? __pfx___sys_sendmsg+0x10/0x10
[  318.987147][T20086]  ? __fget_files+0x244/0x3f0
[  318.988351][T20086]  do_syscall_64+0xcd/0x250
[  318.989486][T20086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.990957][T20086] RIP: 0033:0x7f166777e719
[  318.992088][T20086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.996816][T20086] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.999074][T20086] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  319.001305][T20086] RDX: 00000000000000c0 RSI: 0000000020000240 RDI: 0000000000000003
[  319.003404][T20086] RBP: 00007f16684a8090 R08: 0000000000000000 R09: 0000000000000000
[  319.005470][T20086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.007538][T20086] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  319.010001][T20086]  </TASK>
[  319.010943][    C2] vkms_vblank_simulate: vblank timer overrun
[  319.204730][T20107] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4184'.
[  319.211370][T20104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  319.310267][T20104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  319.521688][T20113] tipc: Enabling <eth:lo> not permitted
[  319.523325][T20113] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  319.703659][T20119] FAULT_INJECTION: forcing a failure.
[  319.703659][T20119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.707251][T20119] CPU: 1 UID: 0 PID: 20119 Comm: syz.4.4190 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  319.710070][T20119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.712852][T20119] Call Trace:
[  319.713718][T20119]  <TASK>
[  319.714489][T20119]  dump_stack_lvl+0x16c/0x1f0
[  319.715684][T20119]  should_fail_ex+0x497/0x5b0
[  319.716893][T20119]  _copy_from_user+0x2e/0xd0
[  319.718072][T20119]  input_event_from_user+0x134/0x3b0
[  319.719410][T20119]  ? __pfx_input_event_from_user+0x10/0x10
[  319.720867][T20119]  ? __pfx___might_resched+0x10/0x10
[  319.722628][T20119]  ? input_inject_event+0x82/0x370
[  319.724424][T20119]  evdev_write+0x377/0x750
[  319.725987][T20119]  ? __pfx_evdev_write+0x10/0x10
[  319.727708][T20119]  ? bpf_lsm_file_permission+0x9/0x10
[  319.729487][T20119]  ? security_file_permission+0x71/0x210
[  319.731345][T20119]  ? __pfx_evdev_write+0x10/0x10
[  319.733002][T20119]  vfs_write+0x24c/0x1150
[  319.734466][T20119]  ? __fget_files+0x23a/0x3f0
[  319.736094][T20119]  ? __pfx_lock_release+0x10/0x10
[  319.737780][T20119]  ? trace_lock_acquire+0x14a/0x1d0
[  319.739638][T20119]  ? __pfx_vfs_write+0x10/0x10
[  319.741493][T20119]  ? lock_acquire+0x2f/0xb0
[  319.742905][T20119]  ? __fget_files+0x40/0x3f0
[  319.744144][T20119]  ? __fget_files+0x244/0x3f0
[  319.745388][T20119]  ksys_write+0x1fa/0x260
[  319.746503][T20119]  ? __pfx_ksys_write+0x10/0x10
[  319.747747][T20119]  do_syscall_64+0xcd/0x250
[  319.749302][T20119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.751309][T20119] RIP: 0033:0x7f6d3c17e719
[  319.752811][T20119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.759018][T20119] RSP: 002b:00007f6d3cfe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  319.761198][T20119] RAX: ffffffffffffffda RBX: 00007f6d3c335f80 RCX: 00007f6d3c17e719
[  319.763329][T20119] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  319.765494][T20119] RBP: 00007f6d3cfe3090 R08: 0000000000000000 R09: 0000000000000000
[  319.767487][T20119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  319.769502][T20119] R13: 0000000000000000 R14: 00007f6d3c335f80 R15: 00007ffef82352f8
[  319.771564][T20119]  </TASK>
[  319.978032][T20135] sctp: [Deprecated]: syz.3.4195 (pid 20135) Use of struct sctp_assoc_value in delayed_ack socket option.
[  319.978032][T20135] Use struct sctp_sack_info instead
[  319.987549][T20135] sctp: [Deprecated]: syz.3.4195 (pid 20135) Use of struct sctp_assoc_value in delayed_ack socket option.
[  319.987549][T20135] Use struct sctp_sack_info instead
[  320.037069][T20144] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4197'.
[  320.312614][ T5997] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  320.381042][T20151] FAULT_INJECTION: forcing a failure.
[  320.381042][T20151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  320.384277][T20151] CPU: 1 UID: 0 PID: 20151 Comm: syz.4.4200 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  320.387301][T20151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  320.390634][T20151] Call Trace:
[  320.391578][T20151]  <TASK>
[  320.392414][T20151]  dump_stack_lvl+0x16c/0x1f0
[  320.393812][T20151]  should_fail_ex+0x497/0x5b0
[  320.395072][T20151]  _copy_from_user+0x2e/0xd0
[  320.396295][T20151]  input_event_from_user+0x134/0x3b0
[  320.397571][T20151]  ? __pfx_input_event_from_user+0x10/0x10
[  320.399049][T20151]  ? __pfx___might_resched+0x10/0x10
[  320.400362][T20151]  ? input_inject_event+0x51/0x370
[  320.401935][T20151]  evdev_write+0x377/0x750
[  320.403147][T20151]  ? __pfx_evdev_write+0x10/0x10
[  320.404471][T20151]  ? bpf_lsm_file_permission+0x9/0x10
[  320.405958][T20151]  ? security_file_permission+0x71/0x210
[  320.407668][T20151]  ? __pfx_evdev_write+0x10/0x10
[  320.409260][T20151]  vfs_write+0x24c/0x1150
[  320.410547][T20151]  ? __fget_files+0x23a/0x3f0
[  320.412006][T20151]  ? __pfx_lock_release+0x10/0x10
[  320.413383][T20151]  ? trace_lock_acquire+0x14a/0x1d0
[  320.414682][T20151]  ? __pfx_vfs_write+0x10/0x10
[  320.415888][T20151]  ? lock_acquire+0x2f/0xb0
[  320.417059][T20151]  ? __fget_files+0x40/0x3f0
[  320.418215][T20151]  ? __fget_files+0x244/0x3f0
[  320.419399][T20151]  ksys_write+0x1fa/0x260
[  320.420472][T20151]  ? __pfx_ksys_write+0x10/0x10
[  320.421655][T20151]  do_syscall_64+0xcd/0x250
[  320.422846][T20151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.424541][T20151] RIP: 0033:0x7f6d3c17e719
[  320.425823][T20151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.431011][T20151] RSP: 002b:00007f6d3cfe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  320.433271][T20151] RAX: ffffffffffffffda RBX: 00007f6d3c335f80 RCX: 00007f6d3c17e719
[  320.435349][T20151] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  320.437321][T20151] RBP: 00007f6d3cfe3090 R08: 0000000000000000 R09: 0000000000000000
[  320.439233][T20151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  320.441356][T20151] R13: 0000000000000000 R14: 00007f6d3c335f80 R15: 00007ffef82352f8
[  320.443289][T20151]  </TASK>
[  320.494640][ T5997] usb 8-1: Using ep0 maxpacket: 8
[  320.497223][ T5997] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  320.500235][ T5997] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  320.503527][ T5997] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.512079][ T5997] usb 8-1: config 0 descriptor??
[  320.557084][T20159] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20159 comm=syz.4.4202
[  320.564294][T20159] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4202'.
[  320.573966][T20159] bond2: entered promiscuous mode
[  320.575282][T20159] bond2: entered allmulticast mode
[  320.576832][T20159] 8021q: adding VLAN 0 to HW filter on device bond2
[  320.593407][T20159] 8021q: adding VLAN 0 to HW filter on device batadv1
[  320.595862][T20159] batadv1: entered promiscuous mode
[  320.597479][T20159] batadv1: entered allmulticast mode
[  320.599269][T20159] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  320.732190][ T5997] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  320.840511][T20175] hfs: can't find a HFS filesystem on dev sr0
[  320.953446][ T5997] usb 8-1: USB disconnect, device number 16
[  320.953513][    C0] iowarrior 8-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  320.959125][ T5997] iowarrior 8-1:0.0: I/O-Warror #0 now disconnected
[  321.815505][   T39] kauditd_printk_skb: 435 callbacks suppressed
[  321.815522][   T39] audit: type=1400 audit(4318560446.982:4313): avc:  denied  { setopt } for  pid=20189 comm="syz.4.4212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  322.001343][ T5304] Bluetooth: hci1: command 0x0419 tx timeout
[  322.199467][T20199] __nla_validate_parse: 3 callbacks suppressed
[  322.199479][T20199] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4215'.
[  322.205841][T20199] overlay: ./file1 is not a directory
[  322.245258][   T39] audit: type=1400 audit(4318560447.385:4314): avc:  denied  { map } for  pid=20201 comm="syz.4.4216" path="/153/file0/cgroup.kill" dev="9p" ino=38535336 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  322.282021][T20202] openvswitch: netlink: Actions may not be safe on all matching packets
[  322.462818][T20207] unknown channel width for channel at 909000KHz?
[  322.464813][T20207] unknown channel width for channel at 909000KHz?
[  322.466498][T20207] unknown channel width for channel at 909000KHz?
[  322.486486][T20209] FAULT_INJECTION: forcing a failure.
[  322.486486][T20209] name failslab, interval 1, probability 0, space 0, times 0
[  322.493346][T20209] CPU: 0 UID: 0 PID: 20209 Comm: syz.3.4219 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  322.496495][T20209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.499523][T20209] Call Trace:
[  322.500511][T20209]  <TASK>
[  322.501320][T20209]  dump_stack_lvl+0x16c/0x1f0
[  322.502553][T20209]  should_fail_ex+0x497/0x5b0
[  322.503757][T20209]  ? fs_reclaim_acquire+0xae/0x150
[  322.505066][T20209]  should_failslab+0xc2/0x120
[  322.506255][T20209]  __kmalloc_noprof+0xcb/0x400
[  322.507821][T20209]  ? hlock_class+0x4e/0x130
[  322.508983][T20209]  offload_action_alloc+0x29/0xf0
[  322.510303][T20209]  tcf_action_offload_add_ex+0x1b7/0x670
[  322.511771][T20209]  ? __pfx_tcf_action_offload_add_ex+0x10/0x10
[  322.513358][T20209]  ? __pfx___lock_acquire+0x10/0x10
[  322.514725][T20209]  tcf_action_init+0x663/0x9c0
[  322.515960][T20209]  ? __pfx_tcf_action_init+0x10/0x10
[  322.517316][T20209]  ? lock_acquire.part.0+0x11b/0x380
[  322.518833][T20209]  ? is_bpf_text_address+0x94/0x1a0
[  322.520579][T20209]  ? hlock_class+0x4e/0x130
[  322.522061][T20209]  ? __pfx___lock_acquire+0x10/0x10
[  322.523738][T20209]  ? hlock_class+0x4e/0x130
[  322.525011][T20209]  ? __lock_acquire+0xbdd/0x3ce0
[  322.526734][T20209]  tcf_action_add+0xfd/0x5d0
[  322.528413][T20209]  ? __pfx_tcf_action_add+0x10/0x10
[  322.529979][T20209]  ? __pfx_lock_release+0x10/0x10
[  322.531489][T20209]  ? __nla_parse+0x40/0x60
[  322.532891][T20209]  tc_ctl_action+0x35d/0x470
[  322.534325][T20209]  ? __pfx_tc_ctl_action+0x10/0x10
[  322.535983][T20209]  ? __pfx_tc_ctl_action+0x10/0x10
[  322.537697][T20209]  rtnetlink_rcv_msg+0x3c7/0xea0
[  322.538990][T20209]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  322.540406][T20209]  netlink_rcv_skb+0x16b/0x440
[  322.541923][T20209]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  322.543719][T20209]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  322.545480][T20209]  ? netlink_deliver_tap+0x1ae/0xd90
[  322.547208][T20209]  netlink_unicast+0x53c/0x7f0
[  322.548902][T20209]  ? __pfx_netlink_unicast+0x10/0x10
[  322.550580][T20209]  netlink_sendmsg+0x8b8/0xd70
[  322.552156][T20209]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.553886][T20209]  ____sys_sendmsg+0xaaf/0xc90
[  322.555459][T20209]  ? copy_msghdr_from_user+0x10b/0x160
[  322.557112][T20209]  ? __pfx_____sys_sendmsg+0x10/0x10
[  322.558494][T20209]  ? __pfx___lock_acquire+0x10/0x10
[  322.560389][T20209]  ___sys_sendmsg+0x135/0x1e0
[  322.562021][T20209]  ? __pfx____sys_sendmsg+0x10/0x10
[  322.563640][T20209]  ? lock_acquire+0x2f/0xb0
[  322.565170][T20209]  ? __fget_files+0x40/0x3f0
[  322.566699][T20209]  ? fdget+0x176/0x210
[  322.568196][T20209]  __sys_sendmsg+0x117/0x1f0
[  322.569744][T20209]  ? __pfx___sys_sendmsg+0x10/0x10
[  322.571559][T20209]  ? __fget_files+0x244/0x3f0
[  322.573218][T20209]  do_syscall_64+0xcd/0x250
[  322.574687][T20209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.576264][T20209] RIP: 0033:0x7f809ef7e719
[  322.577721][T20209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.583822][T20209] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.586379][T20209] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  322.588929][T20209] RDX: 00000000000000c0 RSI: 0000000020000240 RDI: 0000000000000003
[  322.591467][T20209] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  322.593965][T20209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.596474][T20209] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  322.598570][T20209]  </TASK>
[  322.620580][T20211] mkiss: ax0: crc mode is auto.
[  322.677260][T20219] FAULT_INJECTION: forcing a failure.
[  322.677260][T20219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.681097][T20219] CPU: 2 UID: 0 PID: 20219 Comm: syz.8.4223 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  322.683984][T20219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.686851][T20219] Call Trace:
[  322.687709][T20219]  <TASK>
[  322.688685][T20219]  dump_stack_lvl+0x16c/0x1f0
[  322.689927][T20219]  should_fail_ex+0x497/0x5b0
[  322.691139][T20219]  _copy_from_user+0x2e/0xd0
[  322.692368][T20219]  input_event_from_user+0x134/0x3b0
[  322.693757][T20219]  ? __pfx_input_event_from_user+0x10/0x10
[  322.695271][T20219]  ? __pfx___might_resched+0x10/0x10
[  322.696657][T20219]  ? input_inject_event+0x193/0x370
[  322.697974][T20219]  evdev_write+0x377/0x750
[  322.699122][T20219]  ? __pfx_evdev_write+0x10/0x10
[  322.700401][T20219]  ? bpf_lsm_file_permission+0x9/0x10
[  322.701759][T20219]  ? security_file_permission+0x71/0x210
[  322.703160][T20219]  ? __pfx_evdev_write+0x10/0x10
[  322.704436][T20219]  vfs_write+0x24c/0x1150
[  322.705553][T20219]  ? __fget_files+0x23a/0x3f0
[  322.706769][T20219]  ? __pfx_lock_release+0x10/0x10
[  322.708077][T20219]  ? trace_lock_acquire+0x14a/0x1d0
[  322.709431][T20219]  ? __pfx_vfs_write+0x10/0x10
[  322.710786][T20219]  ? lock_acquire+0x2f/0xb0
[  322.711973][T20219]  ? __fget_files+0x40/0x3f0
[  322.713221][T20219]  ? __fget_files+0x244/0x3f0
[  322.714489][T20219]  ksys_write+0x1fa/0x260
[  322.715623][T20219]  ? __pfx_ksys_write+0x10/0x10
[  322.716899][T20219]  do_syscall_64+0xcd/0x250
[  322.718075][T20219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.719586][T20219] RIP: 0033:0x7f166777e719
[  322.720836][T20219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.725970][T20219] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  322.728330][T20219] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  322.730379][T20219] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000009
[  322.732345][T20219] RBP: 00007f16684a8090 R08: 0000000000000000 R09: 0000000000000000
[  322.734316][T20219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  322.736336][T20219] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  322.738358][T20219]  </TASK>
[  322.739223][    C2] vkms_vblank_simulate: vblank timer overrun
[  322.747985][T20225] tipc: Started in network mode
[  322.751192][T20225] tipc: Node identity f7, cluster identity 4711
[  322.759094][T20225] tipc: Node number set to 247
[  322.765348][   T39] audit: type=1400 audit(4318560447.871:4315): avc:  denied  { write } for  pid=20224 comm="syz.3.4225" name="renderD128" dev="devtmpfs" ino=634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  322.765926][T20225] openvswitch: netlink: Message has 1 unknown bytes.
[  322.774187][T20225] openvswitch: netlink: Actions may not be safe on all matching packets
[  322.821506][T20233] xt_nat: multiple ranges no longer supported
[  322.846208][T20235] FAULT_INJECTION: forcing a failure.
[  322.846208][T20235] name failslab, interval 1, probability 0, space 0, times 0
[  322.850492][T20235] CPU: 3 UID: 0 PID: 20235 Comm: syz.3.4230 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  322.854038][T20235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.857631][T20235] Call Trace:
[  322.858841][T20235]  <TASK>
[  322.859862][T20235]  dump_stack_lvl+0x16c/0x1f0
[  322.861342][T20235]  should_fail_ex+0x497/0x5b0
[  322.862583][T20235]  ? fs_reclaim_acquire+0xae/0x150
[  322.863929][T20235]  should_failslab+0xc2/0x120
[  322.865200][T20235]  kmem_cache_alloc_node_noprof+0x71/0x310
[  322.866752][T20235]  ? __alloc_skb+0x2b1/0x380
[  322.868046][T20235]  __alloc_skb+0x2b1/0x380
[  322.869320][T20235]  ? __pfx___alloc_skb+0x10/0x10
[  322.870764][T20235]  ? __free_zapped_classes+0x2a0/0x320
[  322.872204][T20235]  tcf_action_add+0x242/0x5d0
[  322.873423][T20235]  ? __pfx_tcf_action_add+0x10/0x10
[  322.874729][T20235]  ? __pfx_lock_release+0x10/0x10
[  322.876059][T20235]  ? __nla_parse+0x40/0x60
[  322.877211][T20235]  tc_ctl_action+0x35d/0x470
[  322.878753][T20235]  ? __pfx_tc_ctl_action+0x10/0x10
[  322.880324][T20235]  ? __pfx_tc_ctl_action+0x10/0x10
[  322.881669][T20235]  rtnetlink_rcv_msg+0x3c7/0xea0
[  322.882971][T20235]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  322.884452][T20235]  netlink_rcv_skb+0x16b/0x440
[  322.885742][T20235]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  322.887130][T20235]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  322.888535][T20235]  ? netlink_deliver_tap+0x1ae/0xd90
[  322.889910][T20235]  netlink_unicast+0x53c/0x7f0
[  322.891132][T20235]  ? __pfx_netlink_unicast+0x10/0x10
[  322.892535][T20235]  netlink_sendmsg+0x8b8/0xd70
[  322.893805][T20235]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.895229][T20235]  ____sys_sendmsg+0xaaf/0xc90
[  322.896528][T20235]  ? copy_msghdr_from_user+0x10b/0x160
[  322.898104][T20235]  ? __pfx_____sys_sendmsg+0x10/0x10
[  322.899610][T20235]  ? __pfx___lock_acquire+0x10/0x10
[  322.901069][T20235]  ___sys_sendmsg+0x135/0x1e0
[  322.902303][T20235]  ? __pfx____sys_sendmsg+0x10/0x10
[  322.903601][T20235]  ? lock_acquire+0x2f/0xb0
[  322.904743][T20235]  ? __fget_files+0x40/0x3f0
[  322.905884][T20235]  ? fdget+0x176/0x210
[  322.906888][T20235]  __sys_sendmsg+0x117/0x1f0
[  322.908042][T20235]  ? __pfx___sys_sendmsg+0x10/0x10
[  322.909310][T20235]  ? __fget_files+0x244/0x3f0
[  322.910500][T20235]  do_syscall_64+0xcd/0x250
[  322.911605][T20235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.913085][T20235] RIP: 0033:0x7f809ef7e719
[  322.914167][T20235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.918901][T20235] RSP: 002b:00007f809fe37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.921124][T20235] RAX: ffffffffffffffda RBX: 00007f809f135f80 RCX: 00007f809ef7e719
[  322.923134][T20235] RDX: 00000000000000c0 RSI: 0000000020000240 RDI: 0000000000000003
[  322.925120][T20235] RBP: 00007f809fe37090 R08: 0000000000000000 R09: 0000000000000000
[  322.927122][T20235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.929157][T20235] R13: 0000000000000000 R14: 00007f809f135f80 R15: 00007ffd6f129b88
[  322.931334][T20235]  </TASK>
[  323.060896][T20249] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  323.072484][T20249] kvm: pic: non byte read
[  323.077087][T20249] kvm: pic: level sensitive irq not supported
[  323.077367][T20249] kvm: pic: non byte read
[  323.082835][T20249] kvm: pic: level sensitive irq not supported
[  323.083417][T20249] kvm: pic: non byte read
[  323.087846][T20249] kvm: pic: level sensitive irq not supported
[  323.088105][T20249] kvm: pic: non byte read
[  323.092028][   T57] usb 13-1: new full-speed USB device number 25 using dummy_hcd
[  323.274688][   T57] usb 13-1: config 0 has an invalid descriptor of length 111, skipping remainder of the config
[  323.277754][   T57] usb 13-1: config 0 has no interfaces?
[  323.279405][   T57] usb 13-1: New USB device found, idVendor=046d, idProduct=c50c, bcdDevice= 0.00
[  323.282161][   T57] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.288009][   T57] usb 13-1: config 0 descriptor??
[  323.298581][T20258] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.300596][T20258] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.337170][ T5293] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  323.447532][T20265] lo speed is unknown, defaulting to 1000
[  323.508058][ T5293] usb 9-1: Using ep0 maxpacket: 8
[  323.511033][ T5293] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  323.512947][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  323.517842][   T57] usb 13-1: string descriptor 0 read error: -71
[  323.523379][   T57] usb 13-1: USB disconnect, device number 25
[  323.525072][ T5293] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  323.527940][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  323.531041][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  323.535187][ T5293] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  323.537260][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  323.540804][ T5293] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  323.543862][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  323.546631][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  323.550285][ T5293] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  323.552196][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  323.554999][ T5293] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  323.557832][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  323.560676][ T5293] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  323.565963][ T5293] usb 9-1: string descriptor 0 read error: -22
[  323.567575][ T5293] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  323.569865][ T5293] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.575228][ T5293] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  323.834954][ T5997] usb 9-1: USB disconnect, device number 8
[  324.263027][T20282] FAULT_INJECTION: forcing a failure.
[  324.263027][T20282] name failslab, interval 1, probability 0, space 0, times 0
[  324.266418][T20282] CPU: 0 UID: 0 PID: 20282 Comm: syz.8.4246 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  324.269174][T20282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  324.271823][T20282] Call Trace:
[  324.272680][T20282]  <TASK>
[  324.273451][T20282]  dump_stack_lvl+0x16c/0x1f0
[  324.274675][T20282]  should_fail_ex+0x497/0x5b0
[  324.275956][T20282]  ? fs_reclaim_acquire+0xae/0x150
[  324.277252][T20282]  should_failslab+0xc2/0x120
[  324.278454][T20282]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  324.279794][T20282]  ? skb_clone+0x190/0x3f0
[  324.280932][T20282]  skb_clone+0x190/0x3f0
[  324.282004][T20282]  netlink_trim+0x1b3/0x250
[  324.283148][T20282]  netlink_broadcast_filtered+0xc7/0xef0
[  324.284549][T20282]  ? __pfx_tcf_action_dump_1+0x10/0x10
[  324.285950][T20282]  ? __nla_put+0x27/0x40
[  324.287007][T20282]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  324.288762][T20282]  nlmsg_notify+0x9e/0x220
[  324.290251][T20282]  tcf_action_add+0x364/0x5d0
[  324.291811][T20282]  ? __pfx_tcf_action_add+0x10/0x10
[  324.293603][T20282]  ? __pfx_lock_release+0x10/0x10
[  324.295387][T20282]  ? __nla_parse+0x40/0x60
[  324.296977][T20282]  tc_ctl_action+0x35d/0x470
[  324.298592][T20282]  ? __pfx_tc_ctl_action+0x10/0x10
[  324.300692][T20282]  ? __pfx_tc_ctl_action+0x10/0x10
[  324.302435][T20282]  rtnetlink_rcv_msg+0x3c7/0xea0
[  324.304132][T20282]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  324.306090][T20282]  netlink_rcv_skb+0x16b/0x440
[  324.307788][T20282]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  324.309645][T20282]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  324.310974][T20282]  ? netlink_deliver_tap+0x1ae/0xd90
[  324.312431][T20282]  netlink_unicast+0x53c/0x7f0
[  324.313937][T20282]  ? __pfx_netlink_unicast+0x10/0x10
[  324.315478][T20282]  netlink_sendmsg+0x8b8/0xd70
[  324.316649][T20282]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.318220][T20282]  ____sys_sendmsg+0xaaf/0xc90
[  324.319782][T20282]  ? copy_msghdr_from_user+0x10b/0x160
[  324.321497][T20282]  ? __pfx_____sys_sendmsg+0x10/0x10
[  324.323141][T20282]  ? __pfx___lock_acquire+0x10/0x10
[  324.324931][T20282]  ___sys_sendmsg+0x135/0x1e0
[  324.326456][T20282]  ? __pfx____sys_sendmsg+0x10/0x10
[  324.328162][T20282]  ? lock_acquire+0x2f/0xb0
[  324.329609][T20282]  ? __fget_files+0x40/0x3f0
[  324.331173][T20282]  ? fdget+0x176/0x210
[  324.332627][T20282]  __sys_sendmsg+0x117/0x1f0
[  324.334413][T20282]  ? __pfx___sys_sendmsg+0x10/0x10
[  324.335984][T20282]  ? __fget_files+0x244/0x3f0
[  324.337340][T20282]  do_syscall_64+0xcd/0x250
[  324.338792][T20282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.340668][T20282] RIP: 0033:0x7f166777e719
[  324.342107][T20282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.347656][T20282] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  324.349692][T20282] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  324.351613][T20282] RDX: 00000000000000c0 RSI: 0000000020000240 RDI: 0000000000000003
[  324.353593][T20282] RBP: 00007f16684a8090 R08: 0000000000000000 R09: 0000000000000000
[  324.356210][T20282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  324.358946][T20282] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  324.361599][T20282]  </TASK>
[  324.429637][T20289] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4247'.
[  324.432060][T20289] bond0: option ad_select: unable to set because the bond device is up
[  324.487010][T20294] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4251'.
[  324.574646][T20304] ieee802154 phy0 wpan0: encryption failed: -22
[  324.585119][T20304] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  324.638149][   T39] audit: type=1400 audit(4318560449.630:4316): avc:  denied  { read } for  pid=20301 comm="syz.4.4255" name="file0" dev="overlay" ino=38535338 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  324.711285][T20316] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4259'.
[  324.807059][T20334] syz.3.4263: attempt to access beyond end of device
[  324.807059][T20334] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[  324.810451][T20334] vxfs: unable to read disk superblock at 1
[  324.812866][T20334] syz.3.4263: attempt to access beyond end of device
[  324.812866][T20334] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[  324.816245][T20334] vxfs: unable to read disk superblock at 8
[  324.817822][T20334] vxfs: can't find superblock.
[  324.988739][T20347] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4269'.
[  325.053651][   T39] audit: type=1326 audit(4318560450.014:4317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20346 comm="syz.4.4269" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d3c17e719 code=0x0
[  325.735049][   T57] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  325.742157][   T57] hid-generic 0000:0000:0000.000D: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  325.937514][T20372] netlink: 'syz.4.4279': attribute type 4 has an invalid length.
[  325.945880][T20377] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4281'.
[  325.948553][T20377] bond0: option ad_select: unable to set because the bond device is up
[  326.131940][T20399] xt_CT: No such helper "pptp"
[  326.196363][T20407] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=35 sclass=netlink_tcpdiag_socket pid=20407 comm=syz.3.4288
[  326.211568][T20409] dummy0: entered promiscuous mode
[  326.214880][T20409] dummy0: left promiscuous mode
[  326.237223][T20411] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4291'.
[  326.239576][T20411] bond0: option ad_select: unable to set because the bond device is up
[  326.322932][T20413] lo speed is unknown, defaulting to 1000
[  326.332423][T20421] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  326.383348][T20429] xt_cgroup: invalid path, errno=-2
[  326.388718][T20413] netlink: 128 bytes leftover after parsing attributes in process `syz.3.4292'.
[  326.411269][T20413] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4292'.
[  326.413691][T20413] tipc: Invalid UDP bearer configuration
[  326.413714][T20413] tipc: Enabling of bearer <udp:s1> rejected, failed to enable media
[  326.687718][T20438] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4301'.
[  326.690212][T20438] bond0: option ad_select: unable to set because the bond device is up
[  326.763407][   T64] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  326.769375][   T64] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  326.772969][   T64] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  326.776981][   T64] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  326.779923][T20446] netlink: 'syz.8.4304': attribute type 10 has an invalid length.
[  326.782283][   T64] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  326.784995][   T64] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  326.785121][T20446] bond0: (slave bond_slave_0): Releasing backup interface
[  326.789614][T20446] bond_slave_0: left promiscuous mode
[  326.831731][T20448] FAULT_INJECTION: forcing a failure.
[  326.831731][T20448] name failslab, interval 1, probability 0, space 0, times 0
[  326.835242][T20448] CPU: 0 UID: 0 PID: 20448 Comm: syz.8.4305 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  326.837990][T20448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  326.840786][T20448] Call Trace:
[  326.841673][T20448]  <TASK>
[  326.842458][T20448]  dump_stack_lvl+0x16c/0x1f0
[  326.843699][T20448]  should_fail_ex+0x497/0x5b0
[  326.844946][T20448]  should_failslab+0xc2/0x120
[  326.846193][T20448]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  326.847590][T20448]  ? skb_clone+0x190/0x3f0
[  326.848793][T20448]  skb_clone+0x190/0x3f0
[  326.849953][T20448]  netlink_deliver_tap+0xab3/0xd90
[  326.851309][T20448]  netlink_unicast+0x6b4/0x7f0
[  326.852578][T20448]  ? __pfx_netlink_unicast+0x10/0x10
[  326.853952][T20448]  nlmsg_notify+0x1c6/0x220
[  326.855123][T20448]  tcf_action_add+0x364/0x5d0
[  326.856361][T20448]  ? __pfx_tcf_action_add+0x10/0x10
[  326.857706][T20448]  ? __pfx_lock_release+0x10/0x10
[  326.859030][T20448]  ? __nla_parse+0x40/0x60
[  326.860201][T20448]  tc_ctl_action+0x35d/0x470
[  326.861405][T20448]  ? __pfx_tc_ctl_action+0x10/0x10
[  326.862709][T20448]  ? __pfx_tc_ctl_action+0x10/0x10
[  326.864007][T20448]  rtnetlink_rcv_msg+0x3c7/0xea0
[  326.865281][T20448]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  326.866688][T20448]  netlink_rcv_skb+0x16b/0x440
[  326.868044][T20448]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  326.869496][T20448]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  326.870906][T20448]  ? netlink_deliver_tap+0x1ae/0xd90
[  326.872327][T20448]  netlink_unicast+0x53c/0x7f0
[  326.873589][T20448]  ? __pfx_netlink_unicast+0x10/0x10
[  326.874973][T20448]  netlink_sendmsg+0x8b8/0xd70
[  326.876237][T20448]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.877617][T20448]  ____sys_sendmsg+0xaaf/0xc90
[  326.878883][T20448]  ? copy_msghdr_from_user+0x10b/0x160
[  326.880305][T20448]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.881679][T20448]  ? __pfx___lock_acquire+0x10/0x10
[  326.883032][T20448]  ___sys_sendmsg+0x135/0x1e0
[  326.884279][T20448]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.885636][T20448]  ? lock_acquire+0x2f/0xb0
[  326.886812][T20448]  ? __fget_files+0x40/0x3f0
[  326.888035][T20448]  ? fdget+0x176/0x210
[  326.889106][T20448]  __sys_sendmsg+0x117/0x1f0
[  326.890266][T20448]  ? __pfx___sys_sendmsg+0x10/0x10
[  326.891583][T20448]  ? __fget_files+0x244/0x3f0
[  326.892832][T20448]  do_syscall_64+0xcd/0x250
[  326.894026][T20448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.895601][T20448] RIP: 0033:0x7f166777e719
[  326.896795][T20448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.901791][T20448] RSP: 002b:00007f16684a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.903990][T20448] RAX: ffffffffffffffda RBX: 00007f1667935f80 RCX: 00007f166777e719
[  326.906053][T20448] RDX: 00000000000000c0 RSI: 0000000020000240 RDI: 0000000000000003
[  326.908168][T20448] RBP: 00007f16684a8090 R08: 0000000000000000 R09: 0000000000000000
[  326.910266][T20448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  326.912337][T20448] R13: 0000000000000000 R14: 00007f1667935f80 R15: 00007fff058d40e8
[  326.914382][T20448]  </TASK>
[  326.958711][T20443] lo speed is unknown, defaulting to 1000
[  327.063997][T20443] chnl_net:caif_netlink_parms(): no params data found
[  327.114330][T20443] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.116386][T20443] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.119054][T20443] bridge_slave_0: entered allmulticast mode
[  327.122812][T20443] bridge_slave_0: entered promiscuous mode
[  327.126741][T20443] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.128627][T20443] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.130622][T20443] bridge_slave_1: entered allmulticast mode
[  327.135902][T20443] bridge_slave_1: entered promiscuous mode
[  327.176391][T20443] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.180248][T20443] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  327.223097][T20443] team0: Port device team_slave_0 added
[  327.227767][T20443] team0: Port device team_slave_1 added
[  327.257895][T20443] batman_adv: batadv0: Adding interface: batadv_slave_0
[  327.259886][T20443] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.266656][T20443] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  327.271771][T20443] batman_adv: batadv0: Adding interface: batadv_slave_1
[  327.273687][T20443] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.280365][T20443] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  327.293139][T20464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  327.295645][T20464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.321401][T20443] hsr_slave_0: entered promiscuous mode
[  327.323784][T20443] hsr_slave_1: entered promiscuous mode
[  327.325686][T20443] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  327.327678][T20443] Cannot create hsr debugfs directory
[  327.329270][T20468] bond0: option ad_select: unable to set because the bond device is up
[  327.398689][   T64] Bluetooth: hci3: command 0x0406 tx timeout
[  327.420412][T20443] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.462648][T20473] dummy0: entered promiscuous mode
[  327.465867][T20473] dummy0: left promiscuous mode
[  327.505097][T20443] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.537370][ T6010] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  327.582302][T20443] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.663830][T20443] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.676272][ T6010] usb 9-1: device descriptor read/64, error -71
[  327.810277][T20443] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  327.825174][T20443] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  327.833335][T20443] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  327.836634][T20443] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  327.881611][T20443] 8021q: adding VLAN 0 to HW filter on device bond0
[  327.892511][T20443] 8021q: adding VLAN 0 to HW filter on device team0
[  327.897935][T20492] 9p filesystem being mounted at /375/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  327.898252][ T1231] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.903274][ T1231] bridge0: port 1(bridge_slave_0) entered forwarding state
[  327.916893][T11304] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.918765][T11304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  327.943469][ T6010] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  328.004320][T20499] __nla_validate_parse: 1 callbacks suppressed
[  328.004331][T20499] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4320'.
[  328.008529][T20499] bond0: option ad_select: unable to set because the bond device is up
[  328.016998][T20443] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.033335][T20502] netlink: 14 bytes leftover after parsing attributes in process `syz.8.4321'.
[  328.036179][T20502] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4321'.
[  328.038537][T20502] bridge_slave_1: left allmulticast mode
[  328.040310][T20502] bridge_slave_1: left promiscuous mode
[  328.041870][T20502] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.045011][T20502] bridge_slave_0: left allmulticast mode
[  328.046518][T20502] bridge_slave_0: left promiscuous mode
[  328.048064][T20502] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.050519][T11301] 
[  328.052146][T11301] =============================
[  328.053450][T11301] WARNING: suspicious RCU usage
[  328.054738][T11301] 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0 Not tainted
[  328.057540][T11301] -----------------------------
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  328.059327][T11301] net/sched/sch_generic.c:1290 suspicious rcu_dereference_protected() usage!
[  328.062013][T11301] 
[  328.062013][T11301] other info that might help us debug this:
[  328.062013][T11301] 
[  328.064785][T11301] 
[  328.064785][T11301] rcu_scheduler_active = 2, debug_locks = 1
[  328.066880][T11301] 3 locks held by kworker/u32:26/11301:
[  328.068530][T11301]  #0: ffff888029f47148 ((wq_completion)bond0#11){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0
[  328.071361][T11301]  #1: ffffc9000da57d80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  328.074699][T11301]  #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90
[  328.077320][T11301] 
[  328.077320][T11301] stack backtrace:
[  328.078885][T11301] CPU: 3 UID: 0 PID: 11301 Comm: kworker/u32:26 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  328.081759][T11301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.084613][T11301] Workqueue: bond0 bond_mii_monitor
[  328.085982][T11301] Call Trace:
[  328.086863][T11301]  <TASK>
[  328.087654][T11301]  dump_stack_lvl+0x16c/0x1f0
[  328.088904][T11301]  lockdep_rcu_suspicious+0x210/0x3c0
[  328.090312][T11301]  dev_deactivate_queue+0x167/0x190
[  328.091681][T11301]  dev_deactivate_many+0xe7/0xb20
[  328.093013][T11301]  dev_deactivate+0xf9/0x1c0
[  328.094231][T11301]  ? __pfx_dev_deactivate+0x10/0x10
[  328.095595][T11301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  328.097160][T11301]  linkwatch_do_dev+0x11e/0x160
[  328.098453][T11301]  linkwatch_sync_dev+0x181/0x210
[  328.099784][T11301]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  328.101458][T11301]  ethtool_op_get_link+0x1d/0x70
[  328.102765][T11301]  bond_check_dev_link+0x197/0x490
[  328.104030][ T6010] usb 9-1: device descriptor read/64, error -71
[  328.104116][T11301]  ? __pfx_bond_check_dev_link+0x10/0x10
[  328.107322][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.108626][T11301]  bond_mii_monitor+0x3c1/0x2d90
[  328.109948][T11301]  ? __pfx_bond_mii_monitor+0x10/0x10
[  328.111361][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.112630][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.113991][T11301]  ? process_one_work+0x921/0x1ba0
[  328.115352][T11301]  ? lock_acquire+0x2f/0xb0
[  328.116560][T11301]  ? process_one_work+0x921/0x1ba0
[  328.117909][T11301]  process_one_work+0x9c5/0x1ba0
[  328.119234][T11301]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.120711][T11301]  ? __pfx_process_one_work+0x10/0x10
[  328.122121][T11301]  ? assign_work+0x1a0/0x250
[  328.123353][T11301]  worker_thread+0x6c8/0xf00
[  328.124587][T11301]  ? __pfx_worker_thread+0x10/0x10
[  328.125932][T11301]  kthread+0x2c1/0x3a0
[  328.127020][T11301]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.128418][T11301]  ? __pfx_kthread+0x10/0x10
[  328.129658][T11301]  ret_from_fork+0x45/0x80
[  328.130837][T11301]  ? __pfx_kthread+0x10/0x10
[  328.132072][T11301]  ret_from_fork_asm+0x1a/0x30
[  328.133550][T11301]  </TASK>
[  328.136887][T11301] 
[  328.137601][T11301] =============================
[  328.138872][T11301] WARNING: suspicious RCU usage
[  328.140146][T11301] 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0 Not tainted
[  328.142038][T11301] -----------------------------
[  328.143261][T11301] include/linux/rtnetlink.h:100 suspicious rcu_dereference_protected() usage!
[  328.145453][T11301] 
[  328.145453][T11301] other info that might help us debug this:
[  328.145453][T11301] 
[  328.148106][T11301] 
[  328.148106][T11301] rcu_scheduler_active = 2, debug_locks = 1
[  328.150128][T11301] 3 locks held by kworker/u32:26/11301:
[  328.151513][T11301]  #0: ffff888029f47148 ((wq_completion)bond0#11){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0
[  328.154159][T11301]  #1: ffffc9000da57d80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  328.157416][T11301]  #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90
[  328.159882][T11301] 
[  328.159882][T11301] stack backtrace:
[  328.161394][T11301] CPU: 2 UID: 0 PID: 11301 Comm: kworker/u32:26 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  328.164119][T11301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.166777][T11301] Workqueue: bond0 bond_mii_monitor
[  328.168122][T11301] Call Trace:
[  328.168978][T11301]  <TASK>
[  328.169732][T11301]  dump_stack_lvl+0x16c/0x1f0
[  328.170902][T11301]  lockdep_rcu_suspicious+0x210/0x3c0
[  328.172245][T11301]  dev_deactivate_many+0x8af/0xb20
[  328.173585][T11301]  dev_deactivate+0xf9/0x1c0
[  328.174792][T11301]  ? __pfx_dev_deactivate+0x10/0x10
[  328.176090][T11301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  328.177640][T11301]  linkwatch_do_dev+0x11e/0x160
[  328.178939][T11301]  linkwatch_sync_dev+0x181/0x210
[  328.180277][T11301]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  328.181754][T11301]  ethtool_op_get_link+0x1d/0x70
[  328.183061][T11301]  bond_check_dev_link+0x197/0x490
[  328.184426][T11301]  ? __pfx_bond_check_dev_link+0x10/0x10
[  328.185878][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.187147][T11301]  bond_mii_monitor+0x3c1/0x2d90
[  328.188471][T11301]  ? __pfx_bond_mii_monitor+0x10/0x10
[  328.189887][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.191161][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.192525][T11301]  ? process_one_work+0x921/0x1ba0
[  328.193871][T11301]  ? lock_acquire+0x2f/0xb0
[  328.195072][T11301]  ? process_one_work+0x921/0x1ba0
[  328.196417][T11301]  process_one_work+0x9c5/0x1ba0
[  328.197724][T11301]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.199205][T11301]  ? __pfx_process_one_work+0x10/0x10
[  328.200627][T11301]  ? assign_work+0x1a0/0x250
[  328.201815][T11301]  worker_thread+0x6c8/0xf00
[  328.203026][T11301]  ? __pfx_worker_thread+0x10/0x10
[  328.204390][T11301]  kthread+0x2c1/0x3a0
[  328.205480][T11301]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.206863][T11301]  ? __pfx_kthread+0x10/0x10
[  328.208098][T11301]  ret_from_fork+0x45/0x80
[  328.209284][T11301]  ? __pfx_kthread+0x10/0x10
[  328.210508][T11301]  ret_from_fork_asm+0x1a/0x30
[  328.211783][T11301]  </TASK>
[  328.213196][T11301] BUG: sleeping function called from invalid context at net/core/dev.c:11284
[  328.215505][T11301] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 11301, name: kworker/u32:26
[  328.218003][T11301] preempt_count: 0, expected: 0
[  328.219300][T11301] RCU nest depth: 1, expected: 0
[  328.220613][T11301] 3 locks held by kworker/u32:26/11301:
[  328.222356][T11301]  #0: ffff888029f47148 ((wq_completion)bond0#11){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0
[  328.222984][ T6010] usb usb9-port1: attempt power cycle
[  328.225208][T11301]  #1: ffffc9000da57d80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  328.230841][T11301]  #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90
[  328.234168][T11301] CPU: 3 UID: 0 PID: 11301 Comm: kworker/u32:26 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  328.237866][T11301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.241475][T11301] Workqueue: bond0 bond_mii_monitor
[  328.243129][T11301] Call Trace:
[  328.243926][T11301]  <TASK>
[  328.244802][T11301]  dump_stack_lvl+0x16c/0x1f0
[  328.246054][T11301]  __might_resched+0x3c0/0x5e0
[  328.247329][T11301]  ? __pfx___might_resched+0x10/0x10
[  328.248734][T11301]  ? dev_deactivate_many+0x260/0xb20
[  328.250125][T11301]  synchronize_net+0x1b/0x60
[  328.251345][T11301]  dev_deactivate_many+0x2a1/0xb20
[  328.252711][T11301]  dev_deactivate+0xf9/0x1c0
[  328.253927][T11301]  ? __pfx_dev_deactivate+0x10/0x10
[  328.255293][T11301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  328.256862][T11301]  linkwatch_do_dev+0x11e/0x160
[  328.258144][T11301]  linkwatch_sync_dev+0x181/0x210
[  328.259479][T11301]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  328.260965][T11301]  ethtool_op_get_link+0x1d/0x70
[  328.262266][T11301]  bond_check_dev_link+0x197/0x490
[  328.263626][T11301]  ? __pfx_bond_check_dev_link+0x10/0x10
[  328.265100][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.266327][T11301]  bond_mii_monitor+0x3c1/0x2d90
[  328.267612][T11301]  ? __pfx_bond_mii_monitor+0x10/0x10
[  328.269020][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.270254][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.271632][T11301]  ? process_one_work+0x921/0x1ba0
[  328.273001][T11301]  ? lock_acquire+0x2f/0xb0
[  328.274190][T11301]  ? process_one_work+0x921/0x1ba0
[  328.275537][T11301]  process_one_work+0x9c5/0x1ba0
[  328.276857][T11301]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.278344][T11301]  ? __pfx_process_one_work+0x10/0x10
[  328.279760][T11301]  ? assign_work+0x1a0/0x250
[  328.281020][T11301]  worker_thread+0x6c8/0xf00
[  328.282240][T11301]  ? __pfx_worker_thread+0x10/0x10
[  328.283584][T11301]  kthread+0x2c1/0x3a0
[  328.284670][T11301]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.286040][T11301]  ? __pfx_kthread+0x10/0x10
[  328.287255][T11301]  ret_from_fork+0x45/0x80
[  328.288439][T11301]  ? __pfx_kthread+0x10/0x10
[  328.289682][T11301]  ret_from_fork_asm+0x1a/0x30
[  328.290966][T11301]  </TASK>
[  328.292331][T11301] 
[  328.292999][T11301] =============================
[  328.294290][T11301] WARNING: suspicious RCU usage
[  328.295545][T11301] 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0 Tainted: G        W         
[  328.297866][T11301] -----------------------------
[  328.299432][T11301] kernel/rcu/tree_exp.h:946 Illegal synchronize_rcu_expedited() in RCU read-side critical section!
[  328.303045][T11301] 
[  328.303045][T11301] other info that might help us debug this:
[  328.303045][T11301] 
[  328.306515][T11301] 
[  328.306515][T11301] rcu_scheduler_active = 2, debug_locks = 1
[  328.309305][T11301] 3 locks held by kworker/u32:26/11301:
[  328.311163][T11301]  #0: ffff888029f47148 ((wq_completion)bond0#11){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0
[  328.314746][T11301]  #1: ffffc9000da57d80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  328.318806][T11301]  #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90
[  328.322036][T11301] 
[  328.322036][T11301] stack backtrace:
[  328.324023][T11301] CPU: 3 UID: 0 PID: 11301 Comm: kworker/u32:26 Tainted: G        W          6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  328.328125][T11301] Tainted: [W]=WARN
[  328.329441][T11301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.332941][T11301] Workqueue: bond0 bond_mii_monitor
[  328.334726][T11301] Call Trace:
[  328.335902][T11301]  <TASK>
[  328.336894][T11301]  dump_stack_lvl+0x16c/0x1f0
[  328.338485][T11301]  lockdep_rcu_suspicious+0x210/0x3c0
[  328.340304][T11301]  synchronize_rcu_expedited+0x1e5/0x450
[  328.342169][T11301]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  328.344243][T11301]  ? dump_stack_lvl+0x1a1/0x1f0
[  328.345879][T11301]  ? dump_stack_lvl+0x1a3/0x1f0
[  328.347438][T11301]  ? add_taint+0x5f/0xd0
[  328.348868][T11301]  ? __pfx___might_resched+0x10/0x10
[  328.350671][T11301]  ? dev_deactivate_many+0x260/0xb20
[  328.352503][T11301]  synchronize_net+0x3e/0x60
[  328.354051][T11301]  dev_deactivate_many+0x2a1/0xb20
[  328.355732][T11301]  dev_deactivate+0xf9/0x1c0
[  328.357364][T11301]  ? __pfx_dev_deactivate+0x10/0x10
[  328.359085][T11301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  328.360983][T11301]  linkwatch_do_dev+0x11e/0x160
[  328.362613][T11301]  linkwatch_sync_dev+0x181/0x210
[  328.364310][T11301]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  328.366168][T11301]  ethtool_op_get_link+0x1d/0x70
[  328.367833][T11301]  bond_check_dev_link+0x197/0x490
[  328.369612][T11301]  ? __pfx_bond_check_dev_link+0x10/0x10
[  328.371509][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.373071][T11301]  bond_mii_monitor+0x3c1/0x2d90
[  328.374681][T11301]  ? __pfx_bond_mii_monitor+0x10/0x10
[  328.376475][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.378131][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.379909][T11301]  ? process_one_work+0x921/0x1ba0
[  328.381650][T11301]  ? lock_acquire+0x2f/0xb0
[  328.383164][T11301]  ? process_one_work+0x921/0x1ba0
[  328.384886][T11301]  process_one_work+0x9c5/0x1ba0
[  328.386592][T11301]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.388513][T11301]  ? __pfx_process_one_work+0x10/0x10
[  328.390334][T11301]  ? assign_work+0x1a0/0x250
[  328.391926][T11301]  worker_thread+0x6c8/0xf00
[  328.393514][T11301]  ? __pfx_worker_thread+0x10/0x10
[  328.395244][T11301]  kthread+0x2c1/0x3a0
[  328.396674][T11301]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.398462][T11301]  ? __pfx_kthread+0x10/0x10
[  328.400064][T11301]  ret_from_fork+0x45/0x80
[  328.401595][T11301]  ? __pfx_kthread+0x10/0x10
[  328.403176][T11301]  ret_from_fork_asm+0x1a/0x30
[  328.404836][T11301]  </TASK>
[  328.406513][T11301] ------------[ cut here ]------------
[  328.408334][T11301] Voluntary context switch within RCU read-side critical section!
[  328.408390][T11301] WARNING: CPU: 3 PID: 11301 at kernel/rcu/tree_plugin.h:331 rcu_note_context_switch+0xc5c/0x1ae0
[  328.414509][T11301] Modules linked in:
[  328.415829][T11301] CPU: 3 UID: 0 PID: 11301 Comm: kworker/u32:26 Tainted: G        W          6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  328.419957][T11301] Tainted: [W]=WARN
[  328.421263][T11301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.424802][T11301] Workqueue: bond0 bond_mii_monitor
[  328.426584][T11301] RIP: 0010:rcu_note_context_switch+0xc5c/0x1ae0
[  328.428790][T11301] Code: 79 00 4c 8b 54 24 30 48 8b 44 24 28 8b 4c 24 10 e9 c6 03 00 00 c6 05 52 c3 d2 0e 01 90 48 c7 c7 40 a5 6e 8b e8 f5 1d d9 ff 90 <0f> 0b 90 90 e9 a8 f4 ff ff 38 d0 7f 08 84 c0 0f 85 2b 08 00 00 80
[  328.435190][T11301] RSP: 0018:ffffc9000da574f8 EFLAGS: 00010086
[  328.437284][T11301] RAX: 0000000000000000 RBX: ffff88806a93fe80 RCX: ffffffff814e6e79
[  328.439984][T11301] RDX: ffff888029712440 RSI: ffffffff814e6e86 RDI: 0000000000000001
[  328.442654][T11301] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  328.445250][T11301] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888029712440
[  328.447953][T11301] R13: ffff888029712440 R14: ffff888029712440 R15: ffff88806a93eec0
[  328.450604][T11301] FS:  0000000000000000(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000
[  328.453579][T11301] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  328.455759][T11301] CR2: 000000110c324ca2 CR3: 000000002ac2e000 CR4: 0000000000352ef0
[  328.458383][T11301] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  328.461133][T11301] DR3: 0000000000000007 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  328.463764][T11301] Call Trace:
[  328.464894][T11301]  <TASK>
[  328.465898][T11301]  ? __warn+0xea/0x3d0
[  328.467293][T11301]  ? hlock_class+0x4e/0x130
[  328.468834][T11301]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  328.470752][T11301]  ? report_bug+0x3c0/0x580
[  328.472277][T11301]  ? handle_bug+0x54/0xa0
[  328.473733][T11301]  ? exc_invalid_op+0x17/0x50
[  328.475341][T11301]  ? asm_exc_invalid_op+0x1a/0x20
[  328.477079][T11301]  ? __warn_printk+0x199/0x350
[  328.478723][T11301]  ? __warn_printk+0x1a6/0x350
[  328.480368][T11301]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  328.482263][T11301]  ? rcu_note_context_switch+0xc5b/0x1ae0
[  328.484169][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.485783][T11301]  ? schedule+0xe7/0x350
[  328.487206][T11301]  __schedule+0x297/0x5740
[  328.488704][T11301]  ? __pfx___lock_acquire+0x10/0x10
[  328.490450][T11301]  ? find_held_lock+0x2d/0x110
[  328.492040][T11301]  ? __pfx___schedule+0x10/0x10
[  328.493715][T11301]  ? schedule+0x298/0x350
[  328.495185][T11301]  ? __pfx_lock_release+0x10/0x10
[  328.496898][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.498694][T11301]  ? lock_acquire+0x2f/0xb0
[  328.500202][T11301]  ? schedule+0x1fd/0x350
[  328.501687][T11301]  schedule+0xe7/0x350
[  328.503088][T11301]  exp_funnel_lock+0x344/0x3b0
[  328.504745][T11301]  ? __pfx_exp_funnel_lock+0x10/0x10
[  328.506557][T11301]  ? __pfx_autoremove_wake_function+0x10/0x10
[  328.508615][T11301]  ? __pfx___might_resched+0x10/0x10
[  328.510397][T11301]  ? lockdep_rcu_suspicious+0x2ee/0x3c0
[  328.512284][T11301]  synchronize_rcu_expedited+0x290/0x450
[  328.514181][T11301]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  328.516274][T11301]  ? dump_stack_lvl+0x1a1/0x1f0
[  328.517928][T11301]  ? dump_stack_lvl+0x1a3/0x1f0
[  328.519649][T11301]  ? add_taint+0x5f/0xd0
[  328.521106][T11301]  ? __pfx___might_resched+0x10/0x10
[  328.522898][T11301]  ? dev_deactivate_many+0x260/0xb20
[  328.524821][T11301]  synchronize_net+0x3e/0x60
[  328.526442][T11301]  dev_deactivate_many+0x2a1/0xb20
[  328.528213][T11301]  dev_deactivate+0xf9/0x1c0
[  328.529721][T11301]  ? __pfx_dev_deactivate+0x10/0x10
[  328.531532][T11301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  328.533569][T11301]  linkwatch_do_dev+0x11e/0x160
[  328.535216][T11301]  linkwatch_sync_dev+0x181/0x210
[  328.536854][T11301]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  328.538670][T11301]  ethtool_op_get_link+0x1d/0x70
[  328.540296][T11301]  bond_check_dev_link+0x197/0x490
[  328.541979][T11301]  ? __pfx_bond_check_dev_link+0x10/0x10
[  328.543796][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.545403][T11301]  bond_mii_monitor+0x3c1/0x2d90
[  328.547011][T11301]  ? __pfx_bond_mii_monitor+0x10/0x10
[  328.548774][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.550336][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.552011][T11301]  ? process_one_work+0x921/0x1ba0
[  328.553654][T11301]  ? lock_acquire+0x2f/0xb0
[  328.555139][T11301]  ? process_one_work+0x921/0x1ba0
[  328.556806][T11301]  process_one_work+0x9c5/0x1ba0
[  328.558448][T11301]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.560293][T11301]  ? __pfx_process_one_work+0x10/0x10
[  328.562051][T11301]  ? assign_work+0x1a0/0x250
[  328.563633][T11301]  worker_thread+0x6c8/0xf00
[  328.565177][T11301]  ? __pfx_worker_thread+0x10/0x10
[  328.566918][T11301]  kthread+0x2c1/0x3a0
[  328.568389][T11301]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.569736][T11301]  ? __pfx_kthread+0x10/0x10
[  328.570949][T11301]  ret_from_fork+0x45/0x80
[  328.572118][T11301]  ? __pfx_kthread+0x10/0x10
[  328.573280][T11301]  ret_from_fork_asm+0x1a/0x30
[  328.574660][T11301]  </TASK>
[  328.575627][T11301] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  328.577863][T11301] CPU: 3 UID: 0 PID: 11301 Comm: kworker/u32:26 Tainted: G        W          6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  328.581592][T11301] Tainted: [W]=WARN
[  328.582782][T11301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.585850][T11301] Workqueue: bond0 bond_mii_monitor
[  328.587198][T11301] Call Trace:
[  328.588085][T11301]  <TASK>
[  328.588863][T11301]  dump_stack_lvl+0x3d/0x1f0
[  328.590105][T11301]  panic+0x71d/0x800
[  328.591149][T11301]  ? __pfx_panic+0x10/0x10
[  328.592366][T11301]  ? show_trace_log_lvl+0x29d/0x3d0
[  328.593697][T11301]  ? check_panic_on_warn+0x1f/0xb0
[  328.594980][T11301]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  328.596428][T11301]  check_panic_on_warn+0xab/0xb0
[  328.597722][T11301]  __warn+0xf6/0x3d0
[  328.598747][T11301]  ? hlock_class+0x4e/0x130
[  328.599935][T11301]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  328.601410][T11301]  report_bug+0x3c0/0x580
[  328.602529][T11301]  handle_bug+0x54/0xa0
[  328.603569][T11301]  exc_invalid_op+0x17/0x50
[  328.604728][T11301]  asm_exc_invalid_op+0x1a/0x20
[  328.605951][T11301] RIP: 0010:rcu_note_context_switch+0xc5c/0x1ae0
[  328.607528][T11301] Code: 79 00 4c 8b 54 24 30 48 8b 44 24 28 8b 4c 24 10 e9 c6 03 00 00 c6 05 52 c3 d2 0e 01 90 48 c7 c7 40 a5 6e 8b e8 f5 1d d9 ff 90 <0f> 0b 90 90 e9 a8 f4 ff ff 38 d0 7f 08 84 c0 0f 85 2b 08 00 00 80
[  328.612470][T11301] RSP: 0018:ffffc9000da574f8 EFLAGS: 00010086
[  328.614073][T11301] RAX: 0000000000000000 RBX: ffff88806a93fe80 RCX: ffffffff814e6e79
[  328.616149][T11301] RDX: ffff888029712440 RSI: ffffffff814e6e86 RDI: 0000000000000001
[  328.618199][T11301] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  328.620223][T11301] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888029712440
[  328.622241][T11301] R13: ffff888029712440 R14: ffff888029712440 R15: ffff88806a93eec0
[  328.624260][T11301]  ? __warn_printk+0x199/0x350
[  328.625475][T11301]  ? __warn_printk+0x1a6/0x350
[  328.626720][T11301]  ? rcu_note_context_switch+0xc5b/0x1ae0
[  328.628214][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.629507][T11301]  ? schedule+0xe7/0x350
[  328.630631][T11301]  __schedule+0x297/0x5740
[  328.631816][T11301]  ? __pfx___lock_acquire+0x10/0x10
[  328.633186][T11301]  ? find_held_lock+0x2d/0x110
[  328.634451][T11301]  ? __pfx___schedule+0x10/0x10
[  328.635737][T11301]  ? schedule+0x298/0x350
[  328.636843][T11301]  ? __pfx_lock_release+0x10/0x10
[  328.638168][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.639565][T11301]  ? lock_acquire+0x2f/0xb0
[  328.640787][T11301]  ? schedule+0x1fd/0x350
[  328.641951][T11301]  schedule+0xe7/0x350
[  328.642992][T11301]  exp_funnel_lock+0x344/0x3b0
[  328.644257][T11301]  ? __pfx_exp_funnel_lock+0x10/0x10
[  328.645659][T11301]  ? __pfx_autoremove_wake_function+0x10/0x10
[  328.647265][T11301]  ? __pfx___might_resched+0x10/0x10
[  328.648671][T11301]  ? lockdep_rcu_suspicious+0x2ee/0x3c0
[  328.650128][T11301]  synchronize_rcu_expedited+0x290/0x450
[  328.651608][T11301]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  328.653259][T11301]  ? dump_stack_lvl+0x1a1/0x1f0
[  328.654542][T11301]  ? dump_stack_lvl+0x1a3/0x1f0
[  328.655818][T11301]  ? add_taint+0x5f/0xd0
[  328.656945][T11301]  ? __pfx___might_resched+0x10/0x10
[  328.658343][T11301]  ? dev_deactivate_many+0x260/0xb20
[  328.659733][T11301]  synchronize_net+0x3e/0x60
[  328.660961][T11301]  dev_deactivate_many+0x2a1/0xb20
[  328.662311][T11301]  dev_deactivate+0xf9/0x1c0
[  328.663525][T11301]  ? __pfx_dev_deactivate+0x10/0x10
[  328.664892][T11301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  328.666436][T11301]  linkwatch_do_dev+0x11e/0x160
[  328.667713][T11301]  linkwatch_sync_dev+0x181/0x210
[  328.669025][T11301]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  328.670513][T11301]  ethtool_op_get_link+0x1d/0x70
[  328.671817][T11301]  bond_check_dev_link+0x197/0x490
[  328.673177][T11301]  ? __pfx_bond_check_dev_link+0x10/0x10
[  328.674655][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.675945][T11301]  bond_mii_monitor+0x3c1/0x2d90
[  328.677226][T11301]  ? __pfx_bond_mii_monitor+0x10/0x10
[  328.678617][T11301]  ? rcu_is_watching+0x12/0xc0
[  328.679872][T11301]  ? trace_lock_acquire+0x14a/0x1d0
[  328.681246][T11301]  ? process_one_work+0x921/0x1ba0
[  328.682608][T11301]  ? lock_acquire+0x2f/0xb0
[  328.683799][T11301]  ? process_one_work+0x921/0x1ba0
[  328.685105][T11301]  process_one_work+0x9c5/0x1ba0
[  328.686378][T11301]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  328.687864][T11301]  ? __pfx_process_one_work+0x10/0x10
[  328.689278][T11301]  ? assign_work+0x1a0/0x250
[  328.690455][T11301]  worker_thread+0x6c8/0xf00
[  328.691641][T11301]  ? __pfx_worker_thread+0x10/0x10
[  328.692946][T11301]  kthread+0x2c1/0x3a0
[  328.693985][T11301]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.695286][T11301]  ? __pfx_kthread+0x10/0x10
[  328.696483][T11301]  ret_from_fork+0x45/0x80
[  328.697630][T11301]  ? __pfx_kthread+0x10/0x10
[  328.698830][T11301]  ret_from_fork_asm+0x1a/0x30
[  328.700066][T11301]  </TASK>
[  328.701310][T11301] Kernel Offset: disabled
[  328.702453][T11301] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:22:50  Registers:
info registers vcpu 0

CPU#0
RAX=000000000039967f RBX=0000000000000000 RCX=ffffffff8b23a439 RDX=0000000000000000
RSI=ffffffff8b6ccfc0 RDI=ffffffff8bd1b4c0 RBP=fffffbfff1bd2af8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =ffffed100d4c7025 R10=ffff88806a63812b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de957c0 R14=ffffffff905f5b88 R15=0000000000000000
RIP=ffffffff8b23b81f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa7695f1440 CR3=0000000057192000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3c1f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3c1f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3c1f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3c1f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3c1f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3c1f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000101800000000 0000009500000000 0408007100000000 ff000a620000009e
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3ce6d100 00007f6d3c30c440 00007f6d3c30c458 0004000b000c0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6d3c30c498 00007f6d3c30c490 00007f6d3c30c488 00007f6d3c30c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000005 RBX=ffff888030862f48 RCX=ffffc900043bf318 RDX=0000000000000002
RSI=ffffffff8e1b8340 RDI=ffff888030862f48 RBP=0000000000000002 RSP=ffffc900043bf280
R8 =0000000000000000 R9 =fffffbfff20beb71 R10=ffffffff905f5b8f R11=0000000000000000
R12=ffffffff8e1b8340 R13=ffffffff8e1b8340 R14=ffffc900043bf318 R15=0000000000000001
RIP=ffffffff8b2394a5 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f70dc467d60 CR3=000000000df7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70db90c6a3 00007f70db90c6a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc278e8d10 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556aadd4a0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556aae942c 000055556aae9320
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000036333935 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03e76a2d67d2b01c 71867c0ec4e075cf d4dde1b997753ee1 4fbab1c486975908
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0148100000040100 00000806060150fc 00000001000f0008 000000000000000d
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000008100040900 07f4f914045f0011 0000002448080003 40a6828010000180
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0401000000080606 0144a400080001e0 0300100001d00303 ffffffff0401c003
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02100001b00301e0 1000029003e76a2d 67d2b01c71867c0e c4e075cfd4dde1b9
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e49203a0965 6d616e206c65646f 6d0a363031203a09 096c65646f6d0a36
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 70706574730a7a48 4730362e32204020 555043202952286e 6f6558202952286c
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 630a666666666666 66667830203a0965 646f636f7263696d 0a36203a09676e69
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c66206267315f 7470652064615f74 706520796c6e6f5f 785f747065206469
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 61762066746d2072 7074762074657366 666f5f6373742079 7469726f69727078
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2074736575675f64 6574636972747365 726e752064697076 2074706520636970
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 75620a6c6d702073 636d765f776f6461 6873206469762067 65725f6369706176
info registers vcpu 2

CPU#2
RAX=00000000003122d1 RBX=0000000000000002 RCX=ffffffff8b23a439 RDX=0000000000000000
RSI=ffffffff8b6ccfc0 RDI=ffffffff8bd1b4c0 RBP=ffffed1003b55000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000
R12=0000000000000002 R13=ffff88801daa8000 R14=ffffffff905f5b88 R15=0000000000000000
RIP=ffffffff8b23b81f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f16684a7f98 CR3=00000000240a2000 CR4=00352ef0
DR0=fffffffffffffffc DR1=0000000000000000 DR2=0000000000000002 DR3=0000000000000800 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff058d4480 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f16677f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f16677f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f16677f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f16677f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f16677f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f16677f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850bb475 RDI=ffffffff9aaebc40 RBP=ffffffff9aaebc00 RSP=ffffc9000da57410
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000005b R14=ffffffff850bb410 R15=0000000000000000
RIP=ffffffff850bb49f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c324ca2 CR3=000000002fd28000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000007 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000040000 Opmask02=0000000002000000 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc18dcb60 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 76616c735f656764 697262205d323035 3032545b5d373335 3833302e38323300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7661667355656764 6372622057323035 3032545157373335 3233302432323300
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e61202029636166 616520676920676e 6965722020314e20 3a306c645f746161
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202029360024 6165206220203320 3430322020313520 302038322e373220
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a513439360024 676f666865787a2a 6f627e2a6f7c6665 792a6e667f657d2a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7e6b682a6f696b6c 786f7e64632a6d64 63797f2a7e65442a 303a7c6e6b7e6b68
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000