last executing test programs:

3m30.02545328s ago: executing program 3 (id=320):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000440)={&(0x7f0000800000/0x800000)=nil, &(0x7f000051f000/0x4000)=nil, 0x800000, 0x1, 0xfe})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000070000040"])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
syz_io_uring_setup(0x2c0e, &(0x7f0000000400)={0x0, 0xbbd6, 0xc002, 0x1000, 0x20000000}, 0x0, 0x0)

3m30.025180644s ago: executing program 3 (id=321):
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r1, 0x0, 0x0, 0xc9100121, 0x0, 0x0)
sendmsg$netlink(r0, 0x0, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x9200000000000000)
r3 = io_uring_setup(0x479, &(0x7f0000000ac0)={0x0, 0x3, 0x2, 0x2, 0xe})
listen(0xffffffffffffffff, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000080)=0x3, 0x12)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xb, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xcff5, 0x8001, 0xffffffffffffffff, 0x5, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r9 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
syz_usb_disconnect(r9)
close_range(r3, 0xffffffffffffffff, 0x0)

3m30.022311626s ago: executing program 3 (id=326):
r0 = msgget$private(0x0, 0x0)
msgsnd(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="01"], 0x8, 0x0)
msgrcv(r0, &(0x7f0000000280)={0x0, ""/55}, 0x3f, 0x0, 0x86b1b18158a7cb82)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
socket$inet6(0xa, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'veth1_virt_wifi\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x7fff, 0x0, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x9, 0x0, r4, 0x7, '\x00', r2, 0xffffffffffffffff, 0x5, 0x2, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000680)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$unix(r5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r5], 0x18}, 0x0)
recvmsg$unix(r6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@cred={{0x1c}}], 0x20}, 0x121)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000340)={0x1d, r8, 0x0, {0x1, 0x0, 0x6}, 0x1}, 0x18)
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)
close(r7)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000020000000000000000", @ANYRES32=r3], 0x20}, 0x1, 0x0, 0x0, 0x4004}, 0x0)

3m29.770059823s ago: executing program 3 (id=335):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000040)={0x26, 0x1, 0x0, "4f80ff259b1c2ce2d2226bfb771f00ff065e07079c5e6f426ebb117c0caba25f", 0x47504a4d})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x11, &(0x7f0000000080)=0x1, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x85, &(0x7f00000004c0)={r5, @in={{0x2, 0xfffe, @empty}}, 0x0, 0x7ffe}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000001c0)={r5, @in={{0x2, 0x4e24, @empty}}, 0x180000, 0x5, 0x3ffff, 0x2, 0xb5, 0xfffffffc, 0x4}, 0x9c)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r8)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)={0x4c, r9, 0x815, 0x70bd2d, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x80}, {0x6, 0x11, 0xf}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000002)
sendmsg$DEVLINK_CMD_RATE_SET(r3, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x41004000}, 0xc, &(0x7f0000000280)={&(0x7f0000000680)={0x1114, r9, 0x1, 0x70bd29, 0x25dfdbff, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x31c}, @DEVLINK_ATTR_RATE_NODE_NAME={0x1f, 0xa8, @random="a3dcc576784dae0feb763c2cfd1d31bace3c4b697e3ad70f5bb140"}, @DEVLINK_ATTR_RATE_NODE_NAME={0x1004, 0xa8, @random="d1299ef2911a0d04c0348d6fe36ba1501fda8e1ac8dd041233f1afd4e99464472dc63de8b64be3e989b9b670018680224b01c5415571284d60bc60ae95750ff42d822df02117f0d8be7e69082625a6ae8058bb2057542627e0826fd5d81936330d2aa2036b8607c88abc7b19e5e8a1f71485e460ffcece419ceb5e4ce4efbea2bda73539652d6609af37edb44e841e31364f9a12e399e2f39180e9c43bed18b87e16f2e54e5637d0a2e6a2f9ca53e7bcdf46dc7d3547bec8d3707d5f40c98d774e6b15cd0e2a28a590318579d6dd39b595ca954b3f8975d91f0a0bfbe53458dcc510288009e34fe22e818650e84d229907c59d4a3bc4ef28d86e35995e54d948f847a6fd01b3f04cdc3dd7288cc1a8073dbaf3c470b82c288d74eb67621c4f75ea5ab5a567d6fa7c8056e19006b9e270f5fd796f7e8f221d1014fef348db2d6b2592cad68982a405cb6cfb8376e11ac04435fe88fa3a10da7464837aec08ad664afeb52359c178c029ede6ecef7792b7e8f5f44058ac4d0f88eb1a09953a5a69fb2a98d3ed878f7cd846a97ee484373dabe1c71b0fdb2db9a6498d360e5cd9e79e45f70a3ac3d137c014a77d00636899217b052aa2f0d0ed3ec3267f75f9b079776d1bbe7bab547c0b759ac8a94aae6bb600be7d19b256173aab03ad20f50b0e67d61d230ba7662f2bede2d9e01035b04515253166fce34e2e31ff9becc2033e5ee55c98b6241cebec84f73e5e938ea9cbffd9beeb74a445afbc9f74d51611038971058481f296d85b293dec1156ba540a1a0035e5bf7d2574c86d83abaa95a8e76d4a277f6a065f4a0d322fad171879d5a3cca1e6e434e45ec7bdc4b469c7ece9e3278fa2083fd00e02d366e68e58cd41d8187e015ed3abb2d9c1d08054bfbf7d25deab8c3c95d6c83f5c1b8f165da56bc06ced4515d4f03838f43ef3f47864c0d9d2e933ffb4ec380f51b45bb50b5a405a654e5e61eab2ba2fe98097379776c4c47e70b1aab85ba9b9dc0b6817f0c5fe5bce1a8d4aedf06769c17fb768ed6c12eb3923aa80bb064f285f52323f26425e02e901bcee9af7b015b21ec7f8c9b3c738fb74879dcc8535d02bcaefd37fe2843a6391df75edef5b6ae43708eb0bdd15e1cde7e914193576343676520fcba7ce1fbc450ef7cbb6e26625232169337f64329a091835a2aca6fa1956d0ce439c6e85b886ec6e92decd7fa69083866010c17ba1ce54d631102136ef4a865d7105a6dca89848cf30cc45f96a358336034327f67d7f54fbdb54029369c88963c5b4bdf6955d3bae59a6ebc632a4f7bd8182373597f670e91ba05c33bc6b200db5bd99be61cc2443d92851bb8a3ebc081c5558f67dbf10d72114a0a11bd9f829ee7f6bb904d71cfeb94046c3c27246c280ecef972fbba21cc6c63710e7a603efa6984dda0748ffd83a624fdc5e6eaf0c26c588550c24c48e255b0b5892b2823092eb2fcc629d64588a0a495b4fa1c39f4cf64fa0f9df3d34f1f865f6328d82b656c1ddd35ee7993f2b54e07ae2576b5e1e337eec42c8ec7427f7a4c53f0533571978958a630005fc84d0dda6960519d30ca182ca1d6eab08597f62c4bd042312302b109a3a8c43f81ce1cdc1abc5609861fb76ab612a8adfa78bf682e67b8c3d8a0e5d272b633fd2204f1c701715731f0cac22081e14c7410da4b31df6e0bc1036572604d67ddba4cd7a671af871d5e8f99ea1c14e04d46314e82b242170cd15d65d2e71747e1de382d4ee61719c2eb7e86ca549649113b2d58180a3df5288a367ebac5c8474d1760cfffe2b4fdb9b7c54667120c33a48b3c57272a191ba23ba66661feda46b85af41e08af5d829ea19a656afae3d13471cb334c42667b7b8b4644b511dbb86292b2459622675eaf56f2269ad17f6096855457b7c3fcd159692a17c3567edffb6876cd70d56e407fdfd0ae0b090feeb9ed282b9a0097085d898b691dce65bfde398f7b5e947fcc5ef2ff0450cde8223a15d2e93160438fdd42c402f1a32f06f2256958af11ba508e5bfbcef41f8314499e17ec74935c6e7e3b6bc7a31da8e0b835a1fdb235aad7a671c21f7d2c7d22b540cb5efb056657fce46eda07b4a5a97d405305ae2955aa5a6d058fd53acf1c87af8378468572afb00f36ca6633aa7a03f6d59c048b248d60f0a269e214452f55dec166933bb966fe9503aee25d3ece77e21dc162dfcdf4dc34010bf5c9dadb442a7c4e181a6ced053d8981110b4855912015dfaf78798ae7a39a054e280d95da3f0f15b6a4acd78d99c077044b460f5e2a3b79557dbad7c21bd572ad2428bb28ddce2772fa00966378fe93aad132d634429ddcb15f0aa3425258e0531d5c59931d4915dab1cd47f7c46f1cd186bc61c62cdb20e0df95ca35cf360be1c5cfbdde4494e39503120d95fff38527aa5f837401db15c6ddf3be0bbef583e454e483913ddda82a0e15fd08d974831920c54162471ed83b05b1cc6172f41634bdc75e4767c9026dcc811e7e231dfb6257f0f309b9b4754f57f6c9d1a0d9f8fae824f6ee14d110cdd3f9304e745614ca3f8c22d9a2a667d842c2c6b57e3eedbaf73d7c14b930a073b4f6dac63999d3e30d11ccb98c57bb242f243fd883c453d5b7545990ce883dd9dd6d92151e1254db167f4aad4afeff087b92668f52e02789007efa8a9a7152936e995d1378823771776ad1062cebc6d6d08caf37fdde698e8ea277580f75da2f17ca863e88a70df23ed5cefc4562ef3842107caef9fb09ee40f742e71a8482e4edb0ef235fe709625095bb26550215b8f35381ed669dfe9e27990970ac2d75265de65147871803425a04b2cd20b92c3c99da74f007ddd54101430f57352040388e859f1f3575f5c963c4c973b0b07824281d1f6a79f2120ae57c3a8111962918abb664f53d687d1693d8dd3c9012835678abafa21083d34147624163a501916d4e9abfab245836a260a0bacc67bedec9c96f4147dbb96f1ea229a97c3cf4ae30a6ded43f0f5e2a8780215850665a9cc90e6ade92c78804691045d5196ea1923ab1e290fb92f1c284c7def6dca85be43261537581248478014c52befb726b03e143cd91dcc18eef64c6e443a77def2552a8a2a239c89df5360fc4affdfb6b2983d519ae166f710f453440556d1283d9f0afb5730af8d2842d8b1bce98f48c851fc999b70adbfa48dfd10ddd4c1e88eec430f128b390777b20aeb3a7d0163683ee09e1c2395f14af6c0d63192c2256012fce48cb6e453157bb8921a30e1894557b4635b30f5dff19cc5a78e04c6c375d071c59c223fac15cc20b276a1b0a383c916c65b4792693ad041688c488827d4ca72f1afc22af4a8cf469bee812857a1c9b5ae7dd7465c72bc71fa5335320b233f62760a08509084902bc871f6d21872870b24ea952f8ec5233f5331f77cfd689d50d78a81f2a80acb9c233f3a00d48cf99293c29af2b08678513190c3b533d8f3305739615911564a6b92075123fabc902c03ac7c04c2d690ba54a61eafcfa7395264ba8f0f6970a1fb42ecaefee7527389a0cd8fb8d30440b985c11eb84cb63559c68c1b4d93588c7724855dcc1f8a8069ec72fb15aae79b9f66daffd32f56ec60e7690bc345902f053404a23b0a54aeed0bd7c2b454e93b851444808002e5d58ded81329ad5c9d315563e99c79d15daaed6d91494c0e13b6d6cde49ac43674d66bd155cc56fbe4ae5715eff9b8c2b5cb3cbe2a21989503f0b92332a8d2fd9e44b86a42476687d201335a3654e959cadfbc9c65eded862eecdb99b3af7fb4dd912c61e0b9d6cc2d999636a6b4795143d87fbd23cc6761231d5a7d006b6eec1298f87a8405689a2719bebc85493ff16e3601e9b2a573bbacf4c81170eb6ccc74c76daecd8f58508689417a63d09c8f352577b7373be2b91bc1eebafb734bc2a7889c0f9e0d7ff541905e4757945688aca7132e359343c8aa5fabc5ffd3bbf74b40a940f0f84f4fd4797ea65bab585c7943efac9cf02d339e3730b8bd6cb79aa5eaa453b8750dc96c1ec41fdd3c84853e16e295d2ef23e63c6e4f22b0081558959eac161131c0c72eb26a7e9dfac148247ec82e1ab4e0f657e2116042024fc9e27414081c6f62f0509d126c315b3d3878e47a6b79a04670442c7a2396928c4650d7397ec060af4a582a0445a4cdd7bc464a06d0db175d83d044225abf2931b60862e36befc316f4558cdc429f85d58b777d70d5eef9dc845136bee21fb60b73e79596a27ecbadbcce698be78ea272953d270616f1b66baa847bbc60f223a7266432ae2fc661bc9f72de05d26b08bc0b6bd0c4c5aeb905e78a54b96a82aac1d5bbb22aa943d6b8b86f637020d82f7f74fa1b8b71113d15b85b79b3e09148a5cbf19f8f88ad8397274352660ba89bd1dec33ff78d4f35a541c5047ae60b61f7f7eada7fa44aac24acadbea6a50f71f0cd5f3455dbd77bd03a7125201a7bd0f0301e22f558ea4f1de3f6bb326b9402a78ab8b321802361bdf6a8b1e15a6431898a8147bc8d85170cd3b1a99063b00073e9f14e44dab81c6ec2f12ee7f8e068f44c92b21b6cad22033222275a024467fbe78135211d9d88682ae51eb01efb727373c03fe7c32d5571ae859480e536f90fc64394320c906c51dc99a9f34f870e6740365998f6d0c88299442ab263257b84eb0ed3efd1ec3dc2dfacdd5b064dc9f4dea4644b48cb17432cf139114ea3b29c300bbdabed5eb79255ad3774f11c44ebe44c67ba58f0699dac31acf427b13dd7daf17956c6c4804cb2e9321d517ee46e89676f3f858acf3ae6e2235bc27a51eaa4aefdf8b5479e64cefc59749678bb694c1e087546c426cba4a3ffdb8bc5c42d6983fddf82591782bc2b2763efc84b9d5d756d06d9f5312b2a156cc1be96f8c6c7a163dd8f7ca8fd3931f0dc407bc5690978ad64660c78d39d856bad75f3a1b118cb5ad036118e286b243397ac149431de6b953d4d7d0078c8b8077ae16a28aafc583a9b516363c5b5db0fb82787b34f50ad8d03026d3fa6a9f6adff980d6ebabd8a3d3a640e2e4c62dd7685619c57319d5df24fcf950322186c892fea8c23456c4c153a3a32979b9463b01b20f4af2683d5a2601aa8fc6450cf291ef3a38eda291b527eac1f6c041227fe1de64b58643c0daf992d28712fbf80ef14786a3affca5a2c24ee3e90a6b54b9b8dde6d4c37a656c9a73c8bf046d4327c8a5cc5f830635799798683d9df172e57d06cd46b902f0913867d05e04ed61e81330c8baa2a608d6cea561faa72f02e8042dd109ee0a1921118282ba145aae7e895dbc26c92b84dce793bd1dca354b2a5762956f3e1cf4bb0a3ca753f722f26569f2baecc2eea918d2560af3af7117a9961df22e3b32c3404b820687047876f6b736837fb9d40aef257cb1edc02a7d8dea6dff0f1ab5d6fa5a9d79611607e8a3788c9d9884eb2d27f0fed480d2e17272c981b6d0f9705ac23e8578fb4462128e4a55229f4757a1817bef076fad90e0ab26895f20adf1072b4494f7491f5584cda613351d043631fed71855aeb50cc9cebf552425f19942e9574fff571bda7ee6cda3191098c4363f2b6f5f41e55f40ba77d9691a1ec7ccb11f269e0117610c4127f819aac3691985fda4afd429338082be2b1f0ea2381cfcce275154a9165238a42cd2f0b339faf9ad65fc6906042046c8f0e973bb8a0b0b3153d529d7157448e313bed745d65cd1b32fcd207ebad468a4667773c19a447a8671a91ca550c8e4c57f8d7e9bb6490118424c965a989884bbbef3d910515ee03585443f26988038"}, @DEVLINK_ATTR_RATE_NODE_NAME={0x6e, 0xa8, @random="84fdbcb65ce8c84b221d39d6e0b66aa580fbc8cedc0c5e62e921e024407fbff3037854bcb556a2130e11c2d05795523072b1a2c302da4cfbbfa5a75f4bcc8695dbd18576dc104c2cec23bfd9a836d91555fbd16888d03cd55bcc6717597cb55b968dfa79781161168098"}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x40}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_TX_MAX={0xc}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}]}, 0x1114}, 0x1, 0x0, 0x0, 0x80}, 0xc000)
unshare(0x22020600)
setns(r7, 0x24020000)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
r10 = syz_pidfd_open(0x0, 0x0)
setns(r10, 0x24020000)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})

3m28.861213275s ago: executing program 3 (id=340):
mkdir(&(0x7f0000000100)='./file0\x00', 0x11c)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0)
recvmmsg$unix(r0, &(0x7f0000001840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40010102, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='vxfs\x00', 0x11, 0x0)

3m28.011995393s ago: executing program 3 (id=348):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0}) (async)
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4004550c, 0x0) (async)
r1 = syz_open_dev$video4linux(&(0x7f0000001dc0), 0x5, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000002580)={0x0, @motion_det})
ioctl$VIDIOC_SUBDEV_S_CROP(r1, 0xc038563c, &(0x7f0000000000)={0x1, 0x0, {0x846, 0x4, 0x7ff}}) (async)
r2 = gettid()
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f0000000180)=0x1) (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) (async)
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000006ac0), 0x0, 0x0)
fstatfs(r4, &(0x7f0000007580)=""/19)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=ANY=[@ANYBLOB="010000f111b6000691bc000000e59a4fc2a9010a0b94678771f579b56ed2721bed03619a3538c55631ee04e3b89a164dde3f49343a4ecd2aabcce2f56520beb6e064ecc37dd3aea627d00ffd09956ad6f8f42ef5c93747cdc3bd93719bae70174dfa90d014983744ff37744eb8434aa65c1e4290e74925216eef56c36a8920bdcbfc05d43db3eef19ebdf061f552", @ANYRES32=r0, @ANYRESDEC=0x0, @ANYRES16], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r6}, &(0x7f0000000200), &(0x7f0000000640)=r5}, 0x20) (async)
r7 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ppoll(&(0x7f0000000180)=[{r7, 0x1}], 0x1, 0x0, 0x0, 0x0) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r6, &(0x7f00000004c0)}, 0x20) (async)
timer_create(0x2, &(0x7f0000000080)={0x0, 0x5, 0x4, @tid=r2}, &(0x7f00000000c0)=<r8=>0x0)
timer_delete(r8)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.stat\x00', 0x275a, 0x0) (async)
r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='timers\x00')
read$FUSE(r10, &(0x7f0000000540)={0x2020}, 0x2020) (async)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r4)
sendmsg$DEVLINK_CMD_RATE_NEW(r10, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000002640)=ANY=[@ANYBLOB="48010000", @ANYRES16=r11, @ANYBLOB="000827bd387000fddbdf254c000000dc00a800dc3d79bc0ca6c0fbfd74a7dcf5a39a9913cdba02c12a69d55ea208114aa6953c447ad32ec03bf304529cff8a8c394abf8524b1acd3c7f3c283bcaa38bd800b38109c7f1d6d731b7ddc8239bf5e7622b89ae599d1315e9a7815cb60ed16219a756334472c8880e62d79296f2de7bcdfcfff5bd34445e272942af1a643dab6353f7f850d98be67599623dc32b08e749eff1c0c64cd51f793217173d8288e9ca1a1804b9f5c0b61de95ec84fca380fb9413231fa3548d8ac308877098449132dde1c2fb8beca3bbfd1059a642ece2ab9ca7afa3d6cc272fc14808000300010000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000f00a9007365636f6e646e616d6500000c00a60008000000000000000c00a70009000000000000000800030002000000"], 0x148}, 0x1, 0x0, 0x0, 0x40004}, 0x4004) (async)
write$binfmt_script(r9, &(0x7f0000000000), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x10010, r9, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

3m27.946275264s ago: executing program 32 (id=348):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0}) (async)
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4004550c, 0x0) (async)
r1 = syz_open_dev$video4linux(&(0x7f0000001dc0), 0x5, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000002580)={0x0, @motion_det})
ioctl$VIDIOC_SUBDEV_S_CROP(r1, 0xc038563c, &(0x7f0000000000)={0x1, 0x0, {0x846, 0x4, 0x7ff}}) (async)
r2 = gettid()
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f0000000180)=0x1) (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) (async)
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000006ac0), 0x0, 0x0)
fstatfs(r4, &(0x7f0000007580)=""/19)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=ANY=[@ANYBLOB="010000f111b6000691bc000000e59a4fc2a9010a0b94678771f579b56ed2721bed03619a3538c55631ee04e3b89a164dde3f49343a4ecd2aabcce2f56520beb6e064ecc37dd3aea627d00ffd09956ad6f8f42ef5c93747cdc3bd93719bae70174dfa90d014983744ff37744eb8434aa65c1e4290e74925216eef56c36a8920bdcbfc05d43db3eef19ebdf061f552", @ANYRES32=r0, @ANYRESDEC=0x0, @ANYRES16], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r6}, &(0x7f0000000200), &(0x7f0000000640)=r5}, 0x20) (async)
r7 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ppoll(&(0x7f0000000180)=[{r7, 0x1}], 0x1, 0x0, 0x0, 0x0) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r6, &(0x7f00000004c0)}, 0x20) (async)
timer_create(0x2, &(0x7f0000000080)={0x0, 0x5, 0x4, @tid=r2}, &(0x7f00000000c0)=<r8=>0x0)
timer_delete(r8)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.stat\x00', 0x275a, 0x0) (async)
r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='timers\x00')
read$FUSE(r10, &(0x7f0000000540)={0x2020}, 0x2020) (async)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r4)
sendmsg$DEVLINK_CMD_RATE_NEW(r10, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000002640)=ANY=[@ANYBLOB="48010000", @ANYRES16=r11, @ANYBLOB="000827bd387000fddbdf254c000000dc00a800dc3d79bc0ca6c0fbfd74a7dcf5a39a9913cdba02c12a69d55ea208114aa6953c447ad32ec03bf304529cff8a8c394abf8524b1acd3c7f3c283bcaa38bd800b38109c7f1d6d731b7ddc8239bf5e7622b89ae599d1315e9a7815cb60ed16219a756334472c8880e62d79296f2de7bcdfcfff5bd34445e272942af1a643dab6353f7f850d98be67599623dc32b08e749eff1c0c64cd51f793217173d8288e9ca1a1804b9f5c0b61de95ec84fca380fb9413231fa3548d8ac308877098449132dde1c2fb8beca3bbfd1059a642ece2ab9ca7afa3d6cc272fc14808000300010000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000f00a9007365636f6e646e616d6500000c00a60008000000000000000c00a70009000000000000000800030002000000"], 0x148}, 0x1, 0x0, 0x0, 0x40004}, 0x4004) (async)
write$binfmt_script(r9, &(0x7f0000000000), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x10010, r9, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

2m50.220909025s ago: executing program 4 (id=1134):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$dri(&(0x7f0000000080), 0x2, 0x800)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000b8b000/0x3000)=nil, 0x930, 0x300000b, 0x12, r5, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x60, r4, 0x1, 0x3000000, 0x25dfdbff, {0x1, 0x6c00000000000000}, [{{0x8, 0x1, r3}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x44}}, {0x8, 0x6, r1}}}]}}]}, 0x60}, 0x1, 0xf000}, 0x0)

2m50.219532619s ago: executing program 4 (id=1136):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
mknodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r2, &(0x7f0000000100)='./file1\x00', r2, &(0x7f0000000240)='./file0\x00', 0x0)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f0000001540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00')
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0xfffffffd, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
socket$packet(0x11, 0x3, 0x300) (async)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0x2, 0x4) (async)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) (async)
socket$inet6(0xa, 0x80002, 0x0) (async)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async)
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) (async)
mknodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) (async)
chdir(&(0x7f0000000140)='./bus\x00') (async)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) (async)
linkat(r2, &(0x7f0000000100)='./file1\x00', r2, &(0x7f0000000240)='./file0\x00', 0x0) (async)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
rename(&(0x7f0000001540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00') (async)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0xfffffffd, @mcast2, 0x9}, 0x1c) (async)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) (async)

2m50.141645451s ago: executing program 4 (id=1138):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000140), 0x1, 0x2)
pwritev(r1, &(0x7f00000000c0)=[{&(0x7f0000000240)="28bba7", 0x3}], 0x1, 0x7, 0x96)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$binfmt_aout(r2, &(0x7f00000006c0)={{0x10b, 0x3, 0x4e, 0x1ed, 0x2c7, 0xfffff95e, 0x2b6, 0xbb2b}}, 0x20)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x581, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4d014}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22004002}, 0x4040800)

2m50.041802151s ago: executing program 4 (id=1139):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x29, 0x301, 0x70bd26, 0x25dfdbfb, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x0)
r3 = syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0x2, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r3, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70})
getdents64(r2, 0x0, 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x200000000004, 0x1, 0x2, '\x00', 0x8}}, 0x2a)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)={0xb0, 0x0, 0x0, [{{0x200000000004, 0x0, 0x0, 0x2, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4000, 0x0, 0x0, 0x0, 0x2000}}, {0x0, 0x0, 0x1, 0x0, '\x00'}}]}, 0x0, 0x0, 0x0})

2m49.771014104s ago: executing program 4 (id=1140):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x40000012})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x100, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000280)=[0x1], &(0x7f0000000200), &(0x7f0000000240), 0x0, 0x7f})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000001000000008"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

2m49.655640241s ago: executing program 4 (id=1144):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000001740)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000000080)=ANY=[], 0x12f4}}, 0x0)
read$alg(r1, &(0x7f0000000a00)=""/4096, 0x1000)
read$alg(r1, &(0x7f00000004c0)=""/40, 0x28)
syz_emit_ethernet(0x2e, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000008100000008004500001c000000000073907800000000ffffffff0000000000089078bfae4d67d05b5408853034948a7cc1181e01a26fcf2f7d11e4743261e38a91586126841fe9398e353d78c68830229d5775582a4fbc81d1a24a7af0dd1292d22ddb1cf8ade3833dad2efaedcaaeeed5c5539cbe9dbaa226468028e536a64f43511708ca3ae7b8b79cfd3afe"], 0x0)

2m49.588920888s ago: executing program 33 (id=1144):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000001740)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000000080)=ANY=[], 0x12f4}}, 0x0)
read$alg(r1, &(0x7f0000000a00)=""/4096, 0x1000)
read$alg(r1, &(0x7f00000004c0)=""/40, 0x28)
syz_emit_ethernet(0x2e, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000008100000008004500001c000000000073907800000000ffffffff0000000000089078bfae4d67d05b5408853034948a7cc1181e01a26fcf2f7d11e4743261e38a91586126841fe9398e353d78c68830229d5775582a4fbc81d1a24a7af0dd1292d22ddb1cf8ade3833dad2efaedcaaeeed5c5539cbe9dbaa226468028e536a64f43511708ca3ae7b8b79cfd3afe"], 0x0)

2m38.001872262s ago: executing program 5 (id=1347):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYRESDEC=r0], 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x24)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x200080, 0x0)

2m38.001714561s ago: executing program 5 (id=1348):
syz_emit_ethernet(0x34e, &(0x7f0000000780)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x318, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x5a, 0x1, 0x0, 0x0, [{0x3, 0xa, "a78c000005dc8080a2030003004003493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x2000000000000199, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf3915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea468000000000054740a5d4901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2bce9ac946a3f0e2bc4000091394c02bcfbbb7d71138537d68e2d2c6393a9f3cc271a9ff09a48b5b303f4f0"}, {0xe, 0x7, "b8a3e10000a3e1100000006f00ffc0ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0xc, "5e14ccb44d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d260600aa89c8f267d76ece1c9f6ae2e1eb3d8bf9c6ab2642c4808298e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c"}]}}}}}}, 0x0)

2m37.763607105s ago: executing program 5 (id=1350):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4000})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='timerslack_ns\x00')
lseek(r2, 0xae7d, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
prlimit64(0x0, 0x7, &(0x7f00000000c0), 0x0)
fanotify_init(0x200, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xcaa3db5b8522cddd, 0xf}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x10001, 0x4, 0x5a8b, 0x578, 0xd, 0x44, 0xffff, 0x8, 0xfff}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x80010}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@getchain={0x24, 0x66, 0xf05, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x4, 0xd}, {0x1, 0xfff1}, {0xf, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004}, 0x20004804)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000380), 0x101ffff, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000100)={0x1, @pix={0x3, 0x8, 0x56555941, 0x2, 0x8001, 0x300000, 0x0, 0xffff, 0x0, 0x1, 0x1, 0x7}})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f0000002140)={0x2020, 0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r5, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x4000, 0x0, {0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r5, &(0x7f0000000340)={0x50, 0xfffffffffffffff5, r7, {0x7, 0x29, 0x0, 0x10809048, 0x206, 0x0, 0x450d, 0x0, 0x0, 0x0, 0x8}}, 0x50)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$FIBMAP(r8, 0x401070c9, &(0x7f0000000000))

2m37.690230754s ago: executing program 5 (id=1353):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r1, 0x0)
ftruncate(r1, 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='devices.list\x00', 0x275a, 0x0)
add_key(&(0x7f0000000380)='cifs.spnego\x00', &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000740)={0x30}, 0x30)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
statx(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0, 0x7ff, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000a40), 0x8000, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000780)={0xc8, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xde}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1c0000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x400}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8be2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x7f}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010100}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x100}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x800}]}, 0xc8}, 0x1, 0x0, 0x0, 0x44041}, 0x40)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$ARCH_GET_GS(0x1e, r6, &(0x7f0000000100), 0x1004)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}]}, 0x64}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@ifindex, r4, 0x2f, 0x4, 0x0, @void, @value=r0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000c00"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000001680)={@fallback=r7, r7, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)

2m37.592188362s ago: executing program 5 (id=1355):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r1], 0x68}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r1, {0x2}}}, 0x24}}, 0x0)

2m36.962397308s ago: executing program 5 (id=1361):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x44082, 0x0)
r1 = socket(0x2, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1}})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'})
setreuid(0xee01, 0xffffffffffffffff)
r2 = getuid()
setfsuid(r2)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2, 0xb, 0x0, 0x0, 0x2}, 0x10}}, 0x20004040)
madvise(&(0x7f0000003000/0x3000)=nil, 0x3000, 0xf)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000006000000180100006020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000035000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000240)=@generic={0x0, r5}, 0x18)
madvise(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x17)
madvise(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x9)
set_mempolicy_home_node(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x0)

2m36.922350318s ago: executing program 34 (id=1361):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x44082, 0x0)
r1 = socket(0x2, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1}})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'})
setreuid(0xee01, 0xffffffffffffffff)
r2 = getuid()
setfsuid(r2)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2, 0xb, 0x0, 0x0, 0x2}, 0x10}}, 0x20004040)
madvise(&(0x7f0000003000/0x3000)=nil, 0x3000, 0xf)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000006000000180100006020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000035000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000240)=@generic={0x0, r5}, 0x18)
madvise(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x17)
madvise(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x9)
set_mempolicy_home_node(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x0)

1m57.251518563s ago: executing program 6 (id=2414):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
writev(r1, &(0x7f0000002640), 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f00000002c0)=@tcp6=r2}, 0x47)
recvmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)

1m56.381877564s ago: executing program 6 (id=2419):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182f", 0x0, 0x104, 0x6000000000000000, 0x10c, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x50)

1m56.381361349s ago: executing program 6 (id=2421):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00', <r1=>0x0})
sendmsg$nl_route(r0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r1, {0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)

1m56.28168806s ago: executing program 6 (id=2424):
socket$inet6(0xa, 0x80803, 0x87)
syz_emit_ethernet(0xba, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x84, 0x2b, 0x0, @rand_addr=' \x01\x00', @local, {[@hopopts={0x87}, @routing={0x3b, 0x2, 0x1, 0x0, 0x0, [@remote]}], {0x4e21, 0x4e23, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x4, "34e540e3dd227ff71fcd0abe58075273e435d14b3a977b28387a1ae7465338d4", "5cb275b40fd4031ec1941ebfaa96d7bf", {"ac0ea900c400f000", "0667f5c2b37bbd83be6ba638018bb23c"}}}}}}}}, 0x0)

1m56.281466433s ago: executing program 6 (id=2425):
mkdir(&(0x7f0000000300)='./bus\x00', 0x90)
mount$9p_virtio(&(0x7f0000000440), &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=virtio,mmap,cache=none,cache=loose,posixacl'])
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$fuse(0x0, 0x0, 0x0, 0x100000, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
setpgid(r4, 0x0)
r5 = getpgid(r4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xa4)
chdir(&(0x7f0000000140)='./bus\x00')
setpgid(0x0, r5)
pread64(r2, &(0x7f0000000540)=""/141, 0x8d, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(r6, 0x0, 0x20000000)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040090}, 0xc0)

1m56.181647954s ago: executing program 6 (id=2426):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x40, r1, 0x1, 0x0, 0x2, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0x4}]}]}, 0x40}, 0x1, 0x7900000000000000, 0x0, 0x800}, 0x24000010)

1m41.171178725s ago: executing program 35 (id=2426):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x40, r1, 0x1, 0x0, 0x2, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0x4}]}]}, 0x40}, 0x1, 0x7900000000000000, 0x0, 0x800}, 0x24000010)

34.69996986s ago: executing program 2 (id=3825):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x24000420)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_init(0x200, 0x40800) (async)
r2 = fanotify_init(0x200, 0x40800)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x7)
ioctl$SIOCAX25OPTRT(r3, 0x89e7, &(0x7f0000000040)={@default, @bcast, 0x2, 0x20}) (async)
ioctl$SIOCAX25OPTRT(r3, 0x89e7, &(0x7f0000000040)={@default, @bcast, 0x2, 0x20})
fanotify_mark(r2, 0x261, 0x4800003e, r1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='memory.current\x00', 0x275a, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='memory.current\x00', 0x275a, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r4)
add_key(0x0, 0x0, &(0x7f0000000100)="305c0605e182d1447ad1ad83700398d1c7d7982b8f57fb20a3adc9e3baa292ce8f0a861e6417acfc8648ad1b93d502b0cd490e35d53ddf6fd0461690982b2369490100b06df5aa", 0x47, 0xfffffffffffffffe)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYRES32=0x41424344], 0x0)
r6 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYBLOB="ebffffffffffffff280012800b"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) (async)
r7 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r6, r7, r6}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
dup(r9) (async)
r10 = dup(r9)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r9, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r5, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20048895}, 0x80) (async)
sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r5, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20048895}, 0x80)
r12 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
r13 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_SET_DEF(r13, 0x4b72, &(0x7f0000000000)={0x2, 0x1, 0x4, 0x9, 0x2f, &(0x7f00000002c0)="2479a40f4cd0934faa5241a3f6b81407f8fd542cb9c8d32df6bfed774183bc3ff177cd6e8a1abbd2a7e89b2297e4101c08f41935fd8ee2ac675ba78b7cef959cf013cee9a563ce790e61bcfd4e27316fdc269d667ad52eb80a314ef607bc01c6662ec35718d9b7046aeb35525933281aafbb35d84b94af17db9bb6fd21d4b99b1a798a2dbe28aafc784ff02c265eedf89d664450aa60cd987d528d861774cfdbea25fa3198c6a6c6a4a8f6747ce8965910fb0e02e20bba1281b8c747fdae0252ad0b4a34584dbc65233a303d74819d35aba1f5727625f1dc17b388344edc02d81a1a67bd758aebe5afbfa5baa640f981c3384a2460cf0f52888a3a05bcd28e792e7fbf1868c3c3b00ad3811036abd744914a9b973947768b6b6fbc2c8bc34b3dcaef127b1173648821bc3ad300d3ce2d1abdb262067244becb3b4f06943098435f14306814bcf7ba91aca34583526159b6e4abcb9f510ca51d63d26745357c3b06abbc9f050fa6b06907df44b89ab2bf005bb00c7ce0696834cd06114fee68c57cba1b12b10f318304905eed71e968678843de2358251b29ae9b050a538d81ac862948cdf90816732726c792fba72f6ade55f66a32928895ab14c7bc46f19c8a79b5eb8435a859ae3b5bbcdb53b751c443f29670321927891f0f0f4f7d93aaa3a7590ccc4611a2ab3f35429412e6b6ac2bb8cafd32433406b3a648281188038038a9ca733b368e9d843c6086fb5e7e5c86fa7a4e5ec9dee50badd15486d5fbc884fd4a22bcf77644c1320aa388009ffc2cfc91dd2fb54732d595bfcbf22f3e675dae797aef999c04a20d02186676c1f3f1e54e6e270d70ff85720e50b8682385d35af4f79c32a0b7f75e06c920593d75395ad87668d93c9c6f567e21c775d9a337cdc93a2638b31051cfef9df6600a70b996ef18a194bc98deab1bdadc0685597a562c8486269f298a6a98543185fc5ed32490c3a227c120a5761ccf4efd6d9599a1ad0f43e996f381e16720f06e0b4b46ae8e3719e5c0344af158deaf0c526b3ece205499dd15a0d9103b35ad6a8b480aecaab72c14aa20feccbb5909e2c1a1d225e962c4d909d9afaa1ac410a8e1137b46abac7ff5480f564c835d35fdb02c68d12ed39c1a2e011f3ceb46d6240aa7697a70c148aed38ef84a66597f8bd8b91793b907671a9bf7f17b50650cebb002a0a7d3da49feeb248edd13beebf5eff073b0feb732eabe7ad3068245fb8fadb5d06ff22e3e12be0c27b48b928d6c9708644bd6eae9cc615e59a92a7ff496a2f460e930d0ad6bf77f4ba0d684cd8ea36a85eafe04d5984e4e4582f09e2d3e603b3d2522ccd593ccbc8d5dd2dd89adc1030990c395d248d72a2784bad56a00bc6df149ad2af0ac52cac087f2b70e5933870661c140464b68c5c5a8decac71874daae1df2787ab406c33bdf1a8fc32f1712"}) (async)
ioctl$KDFONTOP_SET_DEF(r13, 0x4b72, &(0x7f0000000000)={0x2, 0x1, 0x4, 0x9, 0x2f, &(0x7f00000002c0)="2479a40f4cd0934faa5241a3f6b81407f8fd542cb9c8d32df6bfed774183bc3ff177cd6e8a1abbd2a7e89b2297e4101c08f41935fd8ee2ac675ba78b7cef959cf013cee9a563ce790e61bcfd4e27316fdc269d667ad52eb80a314ef607bc01c6662ec35718d9b7046aeb35525933281aafbb35d84b94af17db9bb6fd21d4b99b1a798a2dbe28aafc784ff02c265eedf89d664450aa60cd987d528d861774cfdbea25fa3198c6a6c6a4a8f6747ce8965910fb0e02e20bba1281b8c747fdae0252ad0b4a34584dbc65233a303d74819d35aba1f5727625f1dc17b388344edc02d81a1a67bd758aebe5afbfa5baa640f981c3384a2460cf0f52888a3a05bcd28e792e7fbf1868c3c3b00ad3811036abd744914a9b973947768b6b6fbc2c8bc34b3dcaef127b1173648821bc3ad300d3ce2d1abdb262067244becb3b4f06943098435f14306814bcf7ba91aca34583526159b6e4abcb9f510ca51d63d26745357c3b06abbc9f050fa6b06907df44b89ab2bf005bb00c7ce0696834cd06114fee68c57cba1b12b10f318304905eed71e968678843de2358251b29ae9b050a538d81ac862948cdf90816732726c792fba72f6ade55f66a32928895ab14c7bc46f19c8a79b5eb8435a859ae3b5bbcdb53b751c443f29670321927891f0f0f4f7d93aaa3a7590ccc4611a2ab3f35429412e6b6ac2bb8cafd32433406b3a648281188038038a9ca733b368e9d843c6086fb5e7e5c86fa7a4e5ec9dee50badd15486d5fbc884fd4a22bcf77644c1320aa388009ffc2cfc91dd2fb54732d595bfcbf22f3e675dae797aef999c04a20d02186676c1f3f1e54e6e270d70ff85720e50b8682385d35af4f79c32a0b7f75e06c920593d75395ad87668d93c9c6f567e21c775d9a337cdc93a2638b31051cfef9df6600a70b996ef18a194bc98deab1bdadc0685597a562c8486269f298a6a98543185fc5ed32490c3a227c120a5761ccf4efd6d9599a1ad0f43e996f381e16720f06e0b4b46ae8e3719e5c0344af158deaf0c526b3ece205499dd15a0d9103b35ad6a8b480aecaab72c14aa20feccbb5909e2c1a1d225e962c4d909d9afaa1ac410a8e1137b46abac7ff5480f564c835d35fdb02c68d12ed39c1a2e011f3ceb46d6240aa7697a70c148aed38ef84a66597f8bd8b91793b907671a9bf7f17b50650cebb002a0a7d3da49feeb248edd13beebf5eff073b0feb732eabe7ad3068245fb8fadb5d06ff22e3e12be0c27b48b928d6c9708644bd6eae9cc615e59a92a7ff496a2f460e930d0ad6bf77f4ba0d684cd8ea36a85eafe04d5984e4e4582f09e2d3e603b3d2522ccd593ccbc8d5dd2dd89adc1030990c395d248d72a2784bad56a00bc6df149ad2af0ac52cac087f2b70e5933870661c140464b68c5c5a8decac71874daae1df2787ab406c33bdf1a8fc32f1712"})
recvmmsg(r12, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}, 0xfffffffc}, {{0x0, 0x0, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x4}], 0x1}}], 0x2, 0x40000121, 0x0)

34.50066015s ago: executing program 2 (id=3827):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x20241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000003540)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd27, 0x8000, {0x0, 0x0, 0x0, r4, {0xf000, 0xfff3}, {}, {0xa}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x9200}, @TCA_FLOW_XOR={0x8, 0x7, 0x7ff}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)

34.500275258s ago: executing program 2 (id=3828):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007a00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}, 0x2000000}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000ac0)="01", 0xfffffe9c}], 0x1}}], 0x2, 0x0)

34.428094532s ago: executing program 2 (id=3829):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r0=>0x0})
r1 = socket$inet6(0xa, 0xa, 0xabe9)
ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000100)='rose0\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@bridge_delvlan={0x64, 0x71, 0x311, 0x70bd25, 0x25dfdbfe, {0x7, 0x0, 0x0, r0}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_CMD={0x8, 0x2, 0x11}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x2}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x40}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x66}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x29}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4008880}, 0x4044914)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r5, &(0x7f0000000000)={0x23, 0x16, 0x4, 0x3}, 0x10)
ioctl$SIOCPNENABLEPIPE(r5, 0x89ed, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@mpls_newroute={0x24, 0x18, 0x601, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_TTL_PROPAGATE={0x4, 0x13}]}, 0x24}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
flock(r7, 0x5)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
read$char_usb(r8, &(0x7f00000030c0)=""/4110, 0x100e)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000003e000701fcfffffffddbdf25027c0000044036800c0001"], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc0d1)

34.370432236s ago: executing program 2 (id=3832):
socket$inet6(0xa, 0x80803, 0x87)
syz_emit_ethernet(0xba, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x84, 0x2b, 0x0, @rand_addr=' \x01\x00', @local, {[@hopopts={0x87}, @routing={0x3b, 0x2, 0x1, 0x0, 0x0, [@remote]}], {0x4e21, 0x4e23, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x4, "34e540e3dd227ff71fcd0abe58075273e435d14b3a977b28387a1ae7465338d4", "5cb275b40fd4031ec1941ebfaa96d7bf", {"ac0ea900c40000fffffffffffff000", "0667f5c2b37bbd83be6ba638018bb23c"}}}}}}}}, 0x0)

34.211367645s ago: executing program 2 (id=3833):
syz_emit_ethernet(0x34e, &(0x7f0000000780)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x318, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x5a, 0x1, 0x0, 0x22, [{0x3, 0xa, "a78c000005dc8080a2030003004003493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x2000000000000199, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf3915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea468000000000054740a5d4901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2bce9ac946a3f0e2bc4000091394c02bcfbbb7d71138537d68e2d2c6393a9f3cc271a9ff09a48b5b303f4f0"}, {0xe, 0x7, "b8a3e10000a3e1100000006f00ffc0ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0xc, "5e14ccb44d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d260600aa89c8f267d76ece1c9f6ae2e1eb3d8bf9c6ab2642c4808298e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c"}]}}}}}}, 0x0)

34.178331169s ago: executing program 36 (id=3833):
syz_emit_ethernet(0x34e, &(0x7f0000000780)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x318, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x5a, 0x1, 0x0, 0x22, [{0x3, 0xa, "a78c000005dc8080a2030003004003493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x2000000000000199, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf3915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea468000000000054740a5d4901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2bce9ac946a3f0e2bc4000091394c02bcfbbb7d71138537d68e2d2c6393a9f3cc271a9ff09a48b5b303f4f0"}, {0xe, 0x7, "b8a3e10000a3e1100000006f00ffc0ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0xc, "5e14ccb44d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d260600aa89c8f267d76ece1c9f6ae2e1eb3d8bf9c6ab2642c4808298e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c"}]}}}}}}, 0x0)

5.380256653s ago: executing program 0 (id=4339):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000280)={0x0, 0x3, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x203, 0x28002)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000240)={0x20, 0x1, 0x300, 0x3, 0x0, 0xffff195f, 0x0})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000300)={[0x3, 0x9, 0x0, 0x81, 0x108000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2, 0x2], 0xeeef0000, 0xc2250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000c40, 0x0, 0x0, 0x200000000c70, 0x200000000ca0], 0x0, 0x0, &(0x7f0000000c40)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
socket$pppl2tp(0x18, 0x1, 0x1)

5.239639162s ago: executing program 0 (id=4340):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101801)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f00000001c0)={0x0})
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f0000000040)={0x770d, 0x1, [{0x1, 0x1}]})
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x4001, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)

5.239155154s ago: executing program 0 (id=4342):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0)
syz_open_dev$rtc(0xfffffffffffffffc, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0) (async)
syz_open_dev$rtc(0xfffffffffffffffc, 0x0, 0x0) (async)

5.167045402s ago: executing program 0 (id=4343):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x2c, 0x1e, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb0}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@gettaction={0x20, 0x5a, 0x1, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}]}, 0x20}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@gettaction={0x20, 0x5a, 0x1, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}]}, 0x20}}, 0x0)
syz_emit_ethernet(0x24b, &(0x7f0000000280)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000086dd60122d9202153afffe8000000000000000000000000000bbff020000000000000000000000000001010490780900000064598c3800062900fc0000f1ff0000000000000000000000000000000000003a0200b300000000fc020000000000000000000000000001892d0000000000000730000000030abf02000100000000000000100000000000000001000000000000800900000000000000e700000000000000072800000001087500000700000000000000070000000000000004000000000000000800000000000000c91020010000000000000000000000000002c2040000000d075800000003145ff9ff0800000000000000000000000000000001000000000000007f000000000000000300000000000000ff7f00000000000005000000000000000500000000000000000000000000000001000000000000000783418492336c1475e6df8943fa418b2cba08a6a974a2ba5d292692e1762e66eade864ab787e7c86d6f667c40a336a864cfdd58a0d011d865d92dfd797e3b669c49e360bb5ba336cc07db80d6887b5eb5c7e97cb346123f5d78c796cf171b80c3eac3f1da9e68bb13ef854416b61c8cb4b15dec2a1c3e26d0c5bdb5788bb977079a04010607100000000202060008365c000000000000f35a2592357bf724f842ab57862d22c7f97d04a9226436e0b3e179f6941948a1482db146acf0d9da37b71c1248a585d3dc9817137967d6a79252fe8683dbea065a3e28174f871ca6593143fd6d60cde5d3355003e7bec4d24c7d85721946009b3bf8f28bb2d8b520fe2fd7b7fdce3d7442bf20c1e6fdc2443137cd5e649575c09f9343379f36d18b1ce963225f90bfb8434ade7a69470f032392324660a9654556eaa558aee3237f38b1bf1a"], 0x0)

5.166534981s ago: executing program 0 (id=4344):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x4, 0xb}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x20000800)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x48c0}, 0x20001880) (fail_nth: 10)

4.920568738s ago: executing program 0 (id=4349):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f0000000200)='m', 0x1)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r2, 0x40084149, &(0x7f00000002c0)=0xfffffffffffffffe)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r2, 0x40084149, &(0x7f0000000080)=0x2)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
close(r3)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) (async)
write$dsp(r0, &(0x7f0000000200)='m', 0x1) (async)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) (async)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)) (async)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) (async)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r2, 0x40084149, &(0x7f00000002c0)=0xfffffffffffffffe) (async)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r2, 0x40084149, &(0x7f0000000080)=0x2) (async)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0) (async)
close(r3) (async)

3.569692155s ago: executing program 8 (id=4363):
socket$nl_route(0x10, 0x3, 0x0) (async)
pipe2(&(0x7f0000000200)={<r0=>0x0, <r1=>0x0}, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x40001043, r0, 0x0) (async)
write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x29, 0xceaf, 0x44008002, 0x9, 0x2, 0x4, 0x6, 0x0, 0x0, 0x80, 0x800}}, 0x50)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x2000, 0x2}) (async)
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3.568396327s ago: executing program 1 (id=4364):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440100001000010000000000fcdbdf25fe800000000000000000000000000000ac1e00010000000000000000000000000000000000004c000000000032000011", @ANYRESOCT=r0, @ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRES16=r0], 0x144}}, 0x4000014) (async)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) (async)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa88a800008100000086dd6076cd8a002800002001003e0f2186cfd7f0710000000000fe8000000000000000000000000000000004000000000000071800000000040000d604"], 0x0) (async)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)={&(0x7f000000a300)={0x8b8, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_FUNC={0x44, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x9}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x1}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x3}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x8}, @NL80211_NAN_FUNC_TYPE={0x5, 0x1, 0x1}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x7}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x7}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x7}]}, @NL80211_ATTR_NAN_FUNC={0xf0, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TYPE={0x5}, @NL80211_NAN_FUNC_TERM_REASON={0x5, 0x10, 0x2}, @NL80211_NAN_FUNC_SERVICE_INFO={0xd9, 0xb, "dd408efb4ee43dc1d64a7be83b23bb28f7e8f45b3351a37e3ff89c48f49f204f8e0c42566e9ca825e983dc9f283b08e8c89d205140bdf169d7e409b0672f27d436b6c56b2cbfc7e6cddf7909fd3f38fce3e4693a0fec006cc6dac1821ccbe47ff309ade5b89c9d574bca61edf324e810caae321b10f2bf5f456bb7851dc613bfbed4eb82a114e085e90d166db51eee48d71702b21b87b9d654a2bf411459f3d9f53de0cf44a61442543697dc37c399c66a46e689390bda953b7b52427623800643839075646f6821748093c89d72c2064ce5ec1074"}]}, @NL80211_ATTR_NAN_FUNC={0x464, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SRF={0x21c, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0xb}, @NL80211_NAN_SRF_BF={0x103, 0x2, "5112ae5eb7f572c1712587d52afeee0b38c836bfb6ef770bc18c478ca5c849c5d8d8e6d167e2738bcd0405a3a33a7d60c8a0f30620578526b7d168d7d6a25e6f16557c23c4194d71b197fd96e13debbcab138eaafcccac0b7bbe20c24a1e5021964f1eada9769324dc4aacdbe34d3b75e648749b55188a5f0d8419a55681891cb7c62d3330f6407a81fee06c683374625e9002718963e59c101d84e289c73d3f64f486c33e83ffbf164426de37b4d34fde5fd3964bfcfcbf3fab44725ef1a745911b2cfc7bbbcc7171b3bb7b0e57596a48d33e277527f390a8d62faa58f5d8a43719c209fdd9ded34624718f3ad0107edb3769da095f9cdb66678a30050d69"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "afa01c68d64362096fd9018d2081df5e99faa123f6ec5ed0e26368dde66f3154ea4fbd39be0e27bf0145f85b6c467f90429a882a25aad9546bfbbd934b0e1ec916b128cf76bbbeda3faab18e6c5e74dcd8978f4e25e0fa914875798e44bdbdc1f89eba9ab3561baf78c474134cf38bea048e73c0876db22dc824b10a049c923e0ce5935f2898e54f1ed11056e67dc23d3897e91ea60655ec0f138b9a98eb39278436dcce0feeba6dd1eda7931b5af9f5496aecd60c0cab162ddc4d1e98cf792f6537cf2babb03938b329625cffacf08468b2290e5112c7d8b9465d6dbc4ef2245a0fa19a958ff0c3ac5ec2fd2d82c8d2c560745a05f67847e67d33fa25b1b1"}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x2}]}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0xa0, 0xd, 0x0, 0x1, [{0x99, 0x0, "a04b10c527e7eb26452333acfe8c27da2324d98b5dedb2b4e45fb42da1e082a852cae36b1e7293657c530e4fc22937c2776e9b398b7e687f0837ef31d534e70ce191bc5fec2353e79d49bd17244fdfe99d803eb04efaac34cdb92a0126591e6474509d5be5b4d5fe75d19378632ba82f8d90c4a41024f31865c4b7fb36fe3b44be35268c79ab960fafea2ee6b5884341a8bb271944"}]}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x1a0, 0xd, 0x0, 0x1, [{0x69, 0x0, "3cc540c5d08d1a25b599b2f05ae78c1425c1baeee8048e73bbe9d10232c2546bef8f9030a230ffeab00a7ab9453b3b18d760de46b2d7c06a2d257d1f572e03115249c16c06c792dca59b383caa4c97c5dd079070adaedfa1fa3b607f532bee5ec54aa7543e"}, {0x75, 0x0, "f102e91f4eec9c0fdfb6edf963575681007f5a3e9c955bc691872b8426bcdbb093262e014c4627d22f40e2ba997fc837a0cbc755449018e81820259fc675373d56e5e31edce0cb82ede13f6db3038320c14d055e2520804f96848bf2e9104d1820aa6cac09a265441898fefbb8223d8013"}, {0xb5, 0x0, "2eee09ca8d932eb6f5d97aee6fc393eaee886ea73e3953c6b0198bb7224a6bd60157af83ec99a854ac0885ce037b89b8ccafd41c8de53d06641e220b3d1e295e4c2cf4ea21d2e481b752519365c1d60c526ddbc7e8085710d0a6554fc6b2704b186d360d9d393c13378c291baaa46ea3ba614f327eb3b2a8e452d829e5e475d60a9f13e5aecca6eb99b8065550bbc5f797d9a6cb65cb82b105652a385f57db9ddfc169ef57888ff2481a2e5e41586b1f5d"}]}]}, @NL80211_ATTR_NAN_FUNC={0x8, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x2fc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x81}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x44000}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "eb6b3f2a5d43"}, @NL80211_NAN_FUNC_TX_MATCH_FILTER={0x9, 0xe, 0x0, 0x1, [{0x2a1, 0x0, "34f639b893c993f56bea8ed8ca7c36cac06ba74dbee25afff782c684af8d1caef740b9bf69639e01ba0caacfafb63dd626b864555da3a59ab60cf6d2986683362568aeeec00172117cd66b5f613d8eca25a5af064968af94acb2cfe22f4e516592b8a21c09e2bcfb1187baf13b82a3621dc5f6cebedf53114e1176e0f60603fda036029bca9621421b91586fe53373487b74e71765a202cbdeed4ea79e63be0f2e86a1989ea81e5b0d7245df4bf599c8d8907c6f463cf741a1420fc0352150b782d41c7c06ae49761d3fb08a19d72525bf689797bec5c781bb5dee60b997aca627d57871305a4d305f631034198405f61ef1c8a327a951fed1c8c24595e2d2aca8b4097843c2c12bdc9e24c42617d964bc5f7a5f756f7a261c99ecda1ef24e660aa32640cc8719facbbfd70b15c87634ce1ce07f34a0a1f4e79d2a87af7b392ab865261859e0c467e7bc6a1bf318b519bab05b97ff0e1a92bce9827502c682a76323a1682987e9c2bff7d6df955d3c5b2f204cd0d3febb37ea804a4ddb2a0a11095cff49956ef9dfc9715be2b6f85db2818dd0abef769ea6101f0de228b1e34865095a241ec9c024d71c0c7705eb90b3f94f59851956fa70ef72331cec9d637590c099d47f17e24c9168f4800b4d8f87c41f0d58903d3a7392c7e41f2ed43975573e1c4940a3189faaa0426437c437bf8cd6a11e5dca135485af1ed52bb05dacc283bd4b552d0e7b36311f9de374a43c9bff3d986b8bddef891ef690e384446657b8e4037baa93123875c213d9163a82e44173013bd1f71e45b43107d3f2aaabcbd204fd5f416f7f97de45704b7c6d003acd509258843d084d0e4d262ec64de90ff368ef619204857d4ac24df1389042120a70604b8387e145867c866db20c339ce8dfb534710076439450fa04190030ca6db25ded3b08b0ebbf44f448"}, {0x32, 0x0, "41126ca1472c284892c413bdd1b0ca264cd410a9e6e98d262a96c499fc156d9467bfc35e63a1215c1b8c411743f4"}]}]}]}, 0x8b8}, 0x1, 0x0, 0x0, 0x20000000}, 0x40) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038400000000c0a0101000000000000000007000000090002006688194b49bb7af20900010073797a3000000000140003"], 0xd4}}, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000003e0007010300000000000000017c0000040042800c00018006000600843b0000100002800c0009"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

3.490780222s ago: executing program 1 (id=4365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x18, 0x8, 0x40, 0x42, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
memfd_create(&(0x7f00000000c0)='\\{-\x00', 0x6)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="580100001000010000001000ffdbdf25fe8800000000000000000000000000010000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc0100180000000000000000000000010000000032000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff0000000000000000ffffffffffffff7f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000a000000af000000000000001c00170000000000000000002abd70000000400000000000000000004c001400636d6163286165732900"/272], 0x158}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0x4, 0xb}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x20000800)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r9, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x48c0}, 0x20001880)

3.425890492s ago: executing program 8 (id=4366):
r0 = syz_io_uring_setup(0x53f, &(0x7f0000000100)={0x0, 0x807734, 0x400, 0xfffffff8, 0xfe}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000002c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}) (async)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="532bccf607cab999039111f6d557ca54658b8117ba69a3914811ef8c772a324c17a6d316e0ca4f4c3d4ba0358ba451b18bd28b12bd6e7b27cfd3734375b3f4444196eb9de8e5a7d076419a9510f021d8a7e9fdbff1fb99fca313e92bb89814f22c8ecd88cf64fa0c576193863b439c328d44649e547fa08717c47b8f443de12b74051d700d8ffb0b6be2ea263d30f34a6715f0190eafa4ca6631821c5941c08ce273937c92b3667417e2e6132bfa394138f40bb54bf12ce2cc1994be", 0xbc) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000170000000c0006"], 0x20}, 0x1, 0x0, 0x0, 0x408c4}, 0x4000004) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$unix(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="1c", 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r6, @ANYBLOB], 0x18}, 0x41) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xfc3f, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYRES8, @ANYRESHEX=r3], 0xb8}, 0x1, 0x0, 0x0, 0x20040000}, 0x1) (async)
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0xb)
setuid(0xee01)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x1}, 0xc) (async)
r8 = socket$inet_udp(0x2, 0x2, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)
r10 = socket$unix(0x1, 0x2, 0x0)
r11 = syz_io_uring_setup(0x497, &(0x7f0000000000)={0x0, 0x286f, 0x800, 0x2, 0x3bb}, &(0x7f0000000340)=<r12=>0x0, &(0x7f00000000c0)=<r13=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r12, r13, &(0x7f0000000100)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000440)='./bus/file0\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, 0x1})
io_uring_enter(r11, 0x3516, 0x0, 0x0, 0x0, 0x0) (async)
bind$unix(r10, &(0x7f0000003000)=@file={0x1}, 0x6e) (async)
listen(r10, 0x11) (async)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x8001000000000000, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x238, 0x0, 0x11, 0x148, 0xd0, 0x0, 0x1a0, 0x2a8, 0x2a8, 0x1a0, 0x2a8, 0x3, 0x0, {[{{@ip={@local, @private=0x1a010100, 0xffffff00, 0xffffffff, 'hsr0\x00', 'macvtap0\x00', {0xff}, {}, 0x56, 0x1, 0x40}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x5, 0x5, 0x3, 0x20], 0x4, 0x5}, {0xffffffffffffffff, [0x56, 0x7], 0x0, 0x4}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x4, 0x5, 0x4, 0x5, 0x1], 0x0, 0x2}, {0x1, [0x2, 0x7, 0x4, 0x1, 0x1, 0x6], 0x0, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)

3.425595779s ago: executing program 8 (id=4367):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x4, 0xb}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}, @TCA_FLOWER_KEY_VLAN_ETH_TYPE={0x6, 0x19, 0x8100}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20000800)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x3f00000000000000, 0x0, 0x48c0}, 0x20001880)

3.339174087s ago: executing program 1 (id=4368):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r4 = syz_usb_connect$hid(0x5, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="12011003000000ffbd28090940000102030109022d00010102b0050904009502030101020921ff7f014122f70409058103000202000009050203ff03290402"], &(0x7f0000000480)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x5c12f162f9c45d16, 0x0, 0x7, 0x4, 0x10, 0x25}, 0x44, &(0x7f0000000400)={0x5, 0xf, 0x44, 0x4, [@ext_cap={0x7, 0x10, 0x2, 0x18, 0x2, 0x0, 0xc}, @ssp_cap={0x24, 0x10, 0xa, 0x7, 0x6, 0x7fff, 0xf000, 0x9, [0xff0030, 0x6000, 0x3f3f, 0x0, 0xff3f0f, 0xc000]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0x9, 0x4, 0x5}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xc, 0x2, 0x1, 0xaece}]}, 0x1, [{0x1c, &(0x7f0000000240)=@string={0x1c, 0x3, "aec20f18dc58f153c87e7fae981487846fa5cdf41414fb4d2fc4"}}]})
syz_usb_control_io$hid(r4, &(0x7f0000000680)={0x24, &(0x7f0000000500)={0x20, 0x22, 0x25, {0xffffffd4, 0x4, "db7710496f30d65e7b1d3f475d3600d92dcdeb27c7ac2b6fe84b67beb61c4f709d9cd6e73eb88a"}}, &(0x7f0000000540)={0x0, 0x3, 0xb6, @string={0xb6, 0x3, "ac330ba50b88d64275c27c900b448973440a727c441c15dcb2a1b49bf9fd48d1f76504c1855a77e8f27528b6f9adcf47213924b1ba0acaa177a4eab2222f1ab37b66d0c90d51e9e3b81e61d98c3e5602cab9a9718f0d36e50e1f41622cfa6ca45d1db1edaf2d6241b29cc10eb0101c20c3da52abefe205e1431afcea0478373c5336387622432a271b9a9577f1ca1457c3a5d800b35e3d4801058f3cad57995612ac4ae827189416949b18c4af06ae0a57b5ddb8"}}, &(0x7f0000000a80)={0x0, 0x22, 0x15, {[@global=@item_4={0x3, 0x1, 0xb, "72eb600e"}, @global=@item_012={0x1, 0x1, 0x4, "ec"}, @local=@item_012={0x2, 0x2, 0x2, 'hE'}, @main=@item_012={0x0, 0x0, 0xc, 'g'}, @local=@item_4={0x3, 0x2, 0x7, "70823393"}, @global=@item_4={0x3, 0x1, 0x5, "a2a531ea"}, @global=@item_012={0x1, 0x1, 0x0, "d9"}]}}, &(0x7f0000000640)={0x0, 0x21, 0x9, {0x9, 0x21, 0xfffa, 0xd9, 0x1, {0x22, 0x6f6}}}}, &(0x7f0000000a40)={0x2c, &(0x7f00000006c0)={0x0, 0x3a, 0x8b, "fb83618f45c8f02b36afc5f907e170f7121d90ce81e05b635f35e849d7df019a97f9ec307eaba0dc0137a651dcdb02aad2d9758697aeca2ca62de92c8d95e77c15a4f37f49b1dbc56bcf358f4c790c98c73945602b37483582ccdbfb3c4ac65fd41c46f8fc21df8b651322c9730a941dd5f34cf4a3b81af1e14dae7a725a395a52b68dd06b8def7d4dd79e"}, &(0x7f0000000780)={0x0, 0xa, 0x1, 0x8}, &(0x7f00000007c0)={0x0, 0x8, 0x1, 0x43}, &(0x7f00000009c0)={0x20, 0x1, 0x20, "8711471b6e663a85122096ffc8ab1b048c1cc54f76ae44a382351f8eb6252388"}, &(0x7f0000000a00)={0x20, 0x3, 0x1, 0x3}})
r5 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r5, &(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r6 = inotify_init()
inotify_add_watch(r6, &(0x7f0000000340)='.\x00', 0xa50003d1)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000ac0)=@generic={&(0x7f0000000600)='./file0\x00', 0x0, 0x8}, 0x18)
chdir(&(0x7f0000000380)='./bus\x00')
io_setup(0x1, &(0x7f00000004c0)=<r7=>0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r7, 0x3, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000140)='i', 0x1}])
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0x2000000, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

3.229899354s ago: executing program 8 (id=4369):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x4, 0xb}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x20000800)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x48c0}, 0x20001880) (fail_nth: 12)

3.059836987s ago: executing program 8 (id=4370):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[@ANYBLOB="3c00000010000104acbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="c23b040090150000140012800b0001006c6f7770616e00000400028008000500", @ANYRES32=r2], 0x3c}}, 0x0) (async)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000180)={0xf97cff8c, 0x8, 'SE Linux', "09e0a017d3bb8822f4f2a1028de120a404884c1a20baf9fbeef1c258b199128442356f5322f0cab10d0593f8a2d4212bc5c23fed31d50048e731169fd37647b5b2b9ba2b45f4fd404b4d5878b9af37a01b05b5f9ace1e38e650b5dfe4d4e0c31f479f459b72e0fb44dc62b93a4d5bf1403e8fdc042034ff0ce"}, 0x89)

3.059612487s ago: executing program 8 (id=4371):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0x40)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
unlink(&(0x7f0000000180)='./file0\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000001480)={'syztnl2\x00', &(0x7f0000001440)={'sit0\x00', <r2=>0x0, 0x700, 0x7, 0x6, 0x6, {{0x6, 0x4, 0x3, 0x9, 0x18, 0x68, 0x0, 0xff, 0x2f, 0x0, @rand_addr=0x64010102, @local, {[@ra={0x94, 0x4}]}}}}})
sendmsg$nl_route_sched(r1, &(0x7f0000001540)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001500)={&(0x7f00000014c0)=@getchain={0x3c, 0x66, 0x8, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0xd, 0xb}, {0xfff3, 0xd}, {0xffff, 0xb}}, [{0x8, 0xb, 0x9}, {0x8, 0xb, 0x1000}, {0x8, 0xb, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40c0}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x80, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x4360}, 0x8, 0x10000007, 0x80, 0x0, 0x1, 0x101, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f0000000000)={<r5=>0x0, 0x9, 0x5})
ioctl$BTRFS_IOC_DEV_INFO(r4, 0xd000941e, &(0x7f0000000400)={r5, "4bea5d320de4fd1b7fa4d41da7d882e8"})

939.271762ms ago: executing program 7 (id=4384):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x8, [{0x0, 0x2, 0x3}]}, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = fsopen(&(0x7f0000000000)='tracefs\x00', 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDDELIO(r2, 0x4b35, 0x4)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000ac0)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="08030000000000001c0012000c000100626f6e64"], 0x3c}}, 0x10000000)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0xffffff1f, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300, 0x50004}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0)

870.593376ms ago: executing program 7 (id=4385):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000100)="89", 0x1}], 0x1)
bind(r2, &(0x7f0000000240)=@caif=@util={0x25, "ca1685f890b9a162072093e626a2aead"}, 0x80)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0x49, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r4 = open(0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r5, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001a0001000000000000000a0080", @ANYRES16], 0x38}}, 0x0)
mknodat$loop(r4, 0x0, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x2, &(0x7f0000000200)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x700fbff, 0x4, 0x1, 0x0, r6, &(0x7f0000000180)='\x00', 0x1, 0x0, 0x0, 0x0, r6}])

580.540144ms ago: executing program 7 (id=4386):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007a00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000ac0)="01", 0xfffffe9c}], 0x1}}], 0x2, 0xe000000)

530.203209ms ago: executing program 7 (id=4387):
r0 = socket$kcm(0x10, 0x5, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
syz_80211_inject_frame(0x0, 0x0, 0xb5)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000140)={0x0, 0xfffffffffffffdfc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x4040004)
r3 = accept4(r0, 0x0, 0x0, 0x80800)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGREP(r4, 0x80084522, &(0x7f0000001f40)=""/231)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)

330.722173ms ago: executing program 1 (id=4388):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40088a01, &(0x7f0000000000)=0x8000)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r2)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r4 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x3004c080)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x0)
r5 = openat$binfmt(0xffffffffffffff9c, r3, 0x2, 0x0)
close(r5)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x1}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x842, 0x0)
r8 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r8, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=r7, @ANYBLOB="ac141410e00000010000000028000000000000000000000007"], 0x48}, 0x0)
ioctl$sock_TIOCINQ(r8, 0x541b, &(0x7f0000000180))
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockname(r9, 0x0, &(0x7f00000000c0))
close(r6)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, r3, &(0x7f0000000880), 0x0, 0x0)

330.474427ms ago: executing program 1 (id=4389):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000006ac0), 0x0, 0x0)
fstatfs(r1, &(0x7f0000007580)=""/19)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000015000103000000000000e7ff0b00000008000100", @ANYRES32=r0], 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x64800)

260.680763ms ago: executing program 1 (id=4390):
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=@gettaction={0x14, 0x32, 0x100, 0x70bd2c, 0x25dfdbfb}, 0x14}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x4}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0x3}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80d1}, 0x10040000)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x110)
pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r4, 0x5761, &(0x7f0000000f40)={0x5, 0x0, [{0x8000, 0x7, 0xfffff714, [0x9, 0x9, 0x1af, 0xb9a2, 0x1, 0x10, 0x8, 0x2]}, {0xfffff78a, 0x6, 0x9, [0x9f7, 0x3, 0x1, 0x0, 0x4, 0xf, 0x8, 0x200]}, {0x1ff, 0x9, 0x1ff, [0x94f, 0x1, 0x73e5d9cb, 0x9, 0x0, 0x9, 0xfffffff7, 0x400]}, {0x5, 0x7fffffff, 0xf, [0xbf, 0x100, 0x0, 0x10000, 0x8001, 0xca, 0x100, 0xf08b9bb]}, {0x2e, 0x3, 0x8, [0x8, 0x6, 0xb1, 0x7, 0x7, 0x0, 0x100, 0x4]}]})
syz_usb_connect(0x0, 0x34, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000092df5510ac05269289b201020301090222000100000000090400000103e900000907000000000000000705d77b5d"], 0x0)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$FBIOBLANK(r5, 0x4611, 0x0)
r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
statx(r3, &(0x7f0000000100)='./cgroup.cpu/cgroup.procs\x00', 0x4000, 0x80, &(0x7f0000000140))
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f00000000c0)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r8 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r9 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r9, 0x0)
write(r8, &(0x7f0000000180)="2cd889f0253e14f3", 0x8)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r10, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
r11 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r11, 0x0)
connect$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r7, 0x6, 0x2, 0x0, &(0x7f0000000280))
sendfile(r6, r3, 0x0, 0x3a)

439.975µs ago: executing program 7 (id=4391):
socket$inet6(0xa, 0x80803, 0x87)
syz_emit_ethernet(0xaa, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x74, 0x2b, 0x0, @rand_addr=' \x01\x00', @local, {[@hopopts={0x87}, @routing={0x3b, 0x0, 0x1}], {0x4e21, 0x4e23, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x4, "34e540e3dd227ff71fcd0abe58075273e435d14b3a977b28387a1ae7465338d4", "5cb275b40fd4031ec1941ebfaa96d7bf", {"ac0ea900c40000000000007f00", "0667f5c2b37bbd83be6ba638018bb23c"}}}}}}}}, 0x0)

0s ago: executing program 7 (id=4392):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x4, 0xb}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}, @TCA_FLOWER_KEY_VLAN_ETH_TYPE={0x6, 0x19, 0x8100}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20000800)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x84ffffffffffffff, 0x0, 0x48c0}, 0x20001880)

0s ago: executing program 7 (id=4393):
socket$inet(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000a5517f5fbfa30000000000000703000028feffff720af0fff8ffffff71a4f0ff00000000b7060000000000012e400300000000006506020001cd00007118540000000000c3640000000000006b0a00fe00000000850000002e000000b7000000000000009500000000000000023bc065b7a379d179fc9e94af69912435f1b6a693172e6191a12bebf9f9804ea033388cd15b65877ad4b200000000000000000beca090f32050e436fe275daf51efd601b6bf01c8e8b1abe4fef3bef7074815ae98743d1ace4c46631256dd19aed0d600c0b6199fe3ff3128e599b0eaebbdbd7359a48f5b0afc3996792043a6787bac46aa7aa400000000000069669622208266f896ba2c9e73c2efeec2dc565fbafb2cb63f5fef9ab79ff8abaa8a08f54a062107e9bb3e980fff675c8d3e91df6648a7a6aebcb63e0867b75690152af27711f0cbb9c06018d21bf3f87b8eb65323b4267a526d53442db8e48dbc5ce47d67d07441a7975d5e41b14fd0154a8246249952a8b61633ce068220defe09d3b1136af6d03e9cf996c13d1bfcdc54567a9ca80dec2e943fe4ae7c617cc071f7add70cfbd48f8f6b50fe6a8297d88efa73e7e601040000b4a685969f28902bdecf66ef39755de79ed2c711477febc96231a53984d00877301d0ec62427a8e38618fdd1ce9aaed569ebc5f2e58d6028e66139a737cc7146a131d47dcebb32ed67021d76e983223c998aec22242ae54e87f438d26982876b58f9134366952f7399a733f07138a736924f3709000000e97f0c117ec439c6b7b965752bbc06eced08d97a32ae4b1ad4d11c5b6f68ee841975233e4cea13f3ef04b2cab9cc256d4539dbafd888c7097c1169e0bebcc81ca3da40bf34b6c9c1da2d6ed8acaf2a8091820ff4cf6be74ddca8bf2eed0e11b2139e8c3ec95436af5269d5792decda7d8b5dcf8640b504ba23c6d0a7f67cdfd27328100ebf9319a56f0f9cee17deecf747f3493f1dc39551f4c9a40b3e93fa80b8234ccbf39a9ef09bd97321f0dc20956f44ba2c5ec2e7569b05cf4690ddc189f174046a8b214acf23f42fb51ed4819e6b4cb5a8bf2b559d0c198fe0315483b8beb9801d06c58b22dd713fe3b7ef18e21081aacfd091b754125a488cea18255f79bebcb3051f622f8a1d9af1908e88a58774a24f35a4ccdbedea6212286c23dd89c2b4b90647f17231472af8dda7f3ab20f093aad3ce875f7458039ee6d0a50deb7bc8eb393f056a5e7725531c5485278e0362338e2e2710fe00465e0d182a322091022cf5b814eeb9b3cab21196581e4d92d0b6fe5525285eea359274f1f21d69233bbe94941f10ba292100000000000000000000000000000000c18e93a0c5231779f2ee201e9fe7e63e84b57b5f05ecd278919bad330ffcb594b8255b3085b352ca9533d6c31c1a30158c30352f8a126a65cb6582e58aa641007418611df53a601c3a8fb8d2286e86abf98136f345446730f68f5d6d1817a9e1b09e5650d2599fbe719a45337d29eb3fef5f7f565457660dec6fe903a1c2ea4f40a8ea1c179892afa219fc69a44163f0d731de418e9fd82a8c4661caea674b19242d1840d047882f640ea248457288c5ffb63e857da03ff5c0475c3cfff41c4806f1dc750eb1c45ec3a2a0b064834010604d6f88a29e8e9bda2bc9c18d1b53a08f25d62ccaa46bc0235c830a7b3fe64bc6031b431bcad6b698a1ba6027870ea9e55f57a769309f4cb2beee4ac793b989c12a5827a7957f4d8136cf918b7cbf5bc5fc64c8001992536584586edded6f65bdd371ac84fd5cc60ab79b84e9e8410ac3ec5d1ef13b317b4846d25a1c54d5666a5d133e95eff121621dff14b9de7a188b8c5387f9da63c2cce405bc44079e34e2db2b275bfbb54841d647338cad74be91144b780cf381a6860f641446ef73bd11d45f5e4df8f3c6440d8425fd7382225cf8c2cada01bf3cd5cbc6a403173e0c89a491c75efc3c21b7825a521c6011945eef94abc3000000000000000000000000000000d71b794e9b4c145caf050429937eef4364d9e1cbe9150bccd9b2e73757f1f5e8ac50736cd3cbc029ede2869642841371bb4b9c1aaa8826889a909e6716b60e4b568b6761f8ccc7d35b0e66357746b10fc481b47e67f1e14408c1ef3e018a5e647e3f607654f3bf82bcfb42be038a272d82f8362944f608b2810000000019fda0b1b607f1ab34194ed954973f7a5accc0938d3364ab07574d0b32fc30f3ab73d012b63ee905e98ab6989ec2c840cd216eb18fedfb3b204e94e170bae930660368d3799c9b1bf7556ac57164966791626f06ad2e332341965f72141ec140b80efd7720ccdaa890b79bc4523386bd66553121543c9a35b7adcf2f6b257fefef1d6e1da2ee94d3f822bf45aad21e5b5a3788ab584090664065af39b0f43968dcd7c5f8e5a8dc6298691423fbf7e8e012260bc62f9422434a547ef7ca37955d0c0db0a51f9e29cac05e5a04f94e00"/1783], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
syz_emit_ethernet(0x34e, &(0x7f0000000780)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x318, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x5a, 0x1, 0x0, 0x0, [{0x3, 0xa, "a78c8080a2038080a2030003004003493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x2000000000000199, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf3915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea468000000000054740a5d4901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2bce9ac946a3f0e2bc4000091394c02bcfbbb7d71138537d68e2d2c6393a9f3cc271a9ff09a48b5b303f4f0"}, {0xe, 0x7, "b8a3e10000a3e1100000006f00ffc0ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0xc, "5e14ccb44d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d260600aa89c8f267d76ece1c9f6ae2e1eb3d8bf9c6ab2642c4808298e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c"}]}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

fput+0x70/0xf0
[  286.482708][T17007]  ? ksys_write+0x1ac/0x250
[  286.482717][T17007]  ? __pfx_ksys_write+0x10/0x10
[  286.482728][T17007]  __x64_sys_bpf+0x78/0xc0
[  286.482740][T17007]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.482751][T17007]  do_syscall_64+0xcd/0x4c0
[  286.482764][T17007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.482774][T17007] RIP: 0033:0x7f4dd078e969
[  286.482782][T17007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.482794][T17007] RSP: 002b:00007f4dd163e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  286.482804][T17007] RAX: ffffffffffffffda RBX: 00007f4dd09b5fa0 RCX: 00007f4dd078e969
[  286.482811][T17007] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  286.482817][T17007] RBP: 00007f4dd163e090 R08: 0000000000000000 R09: 0000000000000000
[  286.482824][T17007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  286.482830][T17007] R13: 0000000000000000 R14: 00007f4dd09b5fa0 R15: 00007ffddb7eff28
[  286.482843][T17007]  </TASK>
[  286.655082][T17012] --map-set only usable from mangle table
[  286.709472][   T29] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  286.720986][T17018] netlink: 'syz.1.3787': attribute type 1 has an invalid length.
[  286.733802][T17018] bond2: entered promiscuous mode
[  286.735441][T17018] bond2: entered allmulticast mode
[  286.737312][T17018] 8021q: adding VLAN 0 to HW filter on device bond2
[  286.742608][ T5940] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  286.888675][   T29] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 40236, setting to 1024
[  286.892939][   T29] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  286.896840][   T29] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 64
[  286.909609][   T29] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  286.922814][   T29] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  286.926290][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  286.933066][   T29] usb 5-1: SerialNumber: syz
[  286.940985][T17005] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  286.943842][T17005] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  286.967870][T17033] FAULT_INJECTION: forcing a failure.
[  286.967870][T17033] name failslab, interval 1, probability 0, space 0, times 0
[  286.971879][T17033] CPU: 0 UID: 0 PID: 17033 Comm: syz.1.3792 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  286.971894][T17033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.971902][T17033] Call Trace:
[  286.971906][T17033]  <TASK>
[  286.971911][T17033]  dump_stack_lvl+0x16c/0x1f0
[  286.971927][T17033]  should_fail_ex+0x512/0x640
[  286.971943][T17033]  should_failslab+0xc2/0x120
[  286.971956][T17033]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  286.971968][T17033]  ? skb_clone+0x190/0x3f0
[  286.971981][T17033]  skb_clone+0x190/0x3f0
[  286.971993][T17033]  bpf_clone_redirect+0xb2/0x3f0
[  286.972009][T17033]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  286.972018][T17033]  ? __kernel_text_address+0xd/0x40
[  286.972039][T17033]  ? unwind_get_return_address+0x59/0xa0
[  286.972053][T17033]  ? arch_stack_walk+0xa6/0x100
[  286.972069][T17033]  ? __lock_acquire+0xb8a/0x1c90
[  286.972083][T17033]  ? __lock_acquire+0x622/0x1c90
[  286.972099][T17033]  ? find_held_lock+0x2b/0x80
[  286.972117][T17033]  ? ktime_get+0x200/0x310
[  286.972128][T17033]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.972141][T17033]  ? __pfx___cant_migrate+0x10/0x10
[  286.972152][T17033]  ? bpf_test_timer_continue+0x150/0x3c0
[  286.972166][T17033]  bpf_test_run+0x489/0xa70
[  286.972181][T17033]  ? __pfx_bpf_test_run+0x10/0x10
[  286.972204][T17033]  ? __asan_memset+0x23/0x50
[  286.972222][T17033]  bpf_prog_test_run_skb+0xb92/0x2280
[  286.972241][T17033]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  286.972256][T17033]  ? fput+0x70/0xf0
[  286.972270][T17033]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  286.972284][T17033]  __sys_bpf+0x1485/0x4d80
[  286.972298][T17033]  ? __pfx___sys_bpf+0x10/0x10
[  286.972310][T17033]  ? ksys_write+0x190/0x250
[  286.972321][T17033]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  286.972341][T17033]  ? fput+0x70/0xf0
[  286.972353][T17033]  ? ksys_write+0x1ac/0x250
[  286.972362][T17033]  ? __pfx_ksys_write+0x10/0x10
[  286.972373][T17033]  __x64_sys_bpf+0x78/0xc0
[  286.972385][T17033]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.972396][T17033]  do_syscall_64+0xcd/0x4c0
[  286.972409][T17033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.972419][T17033] RIP: 0033:0x7f80e498e969
[  286.972428][T17033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.972438][T17033] RSP: 002b:00007f80e5888038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  286.972448][T17033] RAX: ffffffffffffffda RBX: 00007f80e4bb5fa0 RCX: 00007f80e498e969
[  286.972455][T17033] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  286.972461][T17033] RBP: 00007f80e5888090 R08: 0000000000000000 R09: 0000000000000000
[  286.972467][T17033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  286.972474][T17033] R13: 0000000000000000 R14: 00007f80e4bb5fa0 R15: 00007ffce0190e28
[  286.972486][T17033]  </TASK>
[  287.177129][T17046] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=20 sclass=netlink_audit_socket pid=17046 comm=syz.2.3798
[  287.193394][T17046] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1017 sclass=netlink_xfrm_socket pid=17046 comm=syz.2.3798
[  287.240914][   T40] audit: type=1400 audit(287.123:4965): avc:  denied  { ioctl } for  pid=17053 comm="syz.1.3801" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0x8953 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  287.251945][   T40] audit: type=1400 audit(287.123:4966): avc:  denied  { mounton } for  pid=17053 comm="syz.1.3801" path="/516/file0" dev="proc" ino=4026533737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=dir permissive=1
[  287.403964][T17083] fuse: Bad value for 'fd'
[  287.407329][T17083] ubi31: attaching mtd0
[  287.411430][T17083] ubi31: scanning is finished
[  287.412934][T17083] ubi31: empty MTD device detected
[  287.425534][T17087] FAULT_INJECTION: forcing a failure.
[  287.425534][T17087] name failslab, interval 1, probability 0, space 0, times 0
[  287.429473][T17087] CPU: 0 UID: 0 PID: 17087 Comm: syz.2.3812 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  287.429495][T17087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  287.429504][T17087] Call Trace:
[  287.429508][T17087]  <TASK>
[  287.429512][T17087]  dump_stack_lvl+0x16c/0x1f0
[  287.429529][T17087]  should_fail_ex+0x512/0x640
[  287.429545][T17087]  should_failslab+0xc2/0x120
[  287.429558][T17087]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  287.429570][T17087]  ? skb_clone+0x190/0x3f0
[  287.429583][T17087]  skb_clone+0x190/0x3f0
[  287.429596][T17087]  bpf_clone_redirect+0xb2/0x3f0
[  287.429611][T17087]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  287.429621][T17087]  ? __kernel_text_address+0xd/0x40
[  287.429637][T17087]  ? unwind_get_return_address+0x59/0xa0
[  287.429651][T17087]  ? arch_stack_walk+0xa6/0x100
[  287.429667][T17087]  ? __lock_acquire+0xb8a/0x1c90
[  287.429681][T17087]  ? __lock_acquire+0x622/0x1c90
[  287.429697][T17087]  ? find_held_lock+0x2b/0x80
[  287.429715][T17087]  ? ktime_get+0x200/0x310
[  287.429726][T17087]  ? lockdep_hardirqs_on+0x7c/0x110
[  287.429739][T17087]  ? __pfx___cant_migrate+0x10/0x10
[  287.429750][T17087]  ? bpf_test_timer_continue+0x150/0x3c0
[  287.429781][T17087]  bpf_test_run+0x489/0xa70
[  287.429797][T17087]  ? __pfx_bpf_test_run+0x10/0x10
[  287.429820][T17087]  ? __asan_memset+0x23/0x50
[  287.429837][T17087]  bpf_prog_test_run_skb+0xb92/0x2280
[  287.429855][T17087]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  287.429871][T17087]  ? fput+0x70/0xf0
[  287.429884][T17087]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  287.429898][T17087]  __sys_bpf+0x1485/0x4d80
[  287.429913][T17087]  ? __pfx___sys_bpf+0x10/0x10
[  287.429925][T17087]  ? ksys_write+0x190/0x250
[  287.429936][T17087]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  287.429956][T17087]  ? fput+0x70/0xf0
[  287.429968][T17087]  ? ksys_write+0x1ac/0x250
[  287.429977][T17087]  ? __pfx_ksys_write+0x10/0x10
[  287.429989][T17087]  __x64_sys_bpf+0x78/0xc0
[  287.430001][T17087]  ? lockdep_hardirqs_on+0x7c/0x110
[  287.430011][T17087]  do_syscall_64+0xcd/0x4c0
[  287.430030][T17087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.430040][T17087] RIP: 0033:0x7f4dd078e969
[  287.430049][T17087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.430060][T17087] RSP: 002b:00007f4dd163e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  287.430071][T17087] RAX: ffffffffffffffda RBX: 00007f4dd09b5fa0 RCX: 00007f4dd078e969
[  287.430078][T17087] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  287.430084][T17087] RBP: 00007f4dd163e090 R08: 0000000000000000 R09: 0000000000000000
[  287.430091][T17087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  287.430097][T17087] R13: 0000000000000000 R14: 00007f4dd09b5fa0 R15: 00007ffddb7eff28
[  287.430110][T17087]  </TASK>
[  287.452538][T17088] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3809'.
[  287.507084][T17093] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3813'.
[  287.559580][T17083] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  287.587447][T17098] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3814'.
[  287.594847][T17100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3814'.
[  287.776106][T17116] openvswitch: netlink: Key type 16144 is out of range max 32
[  287.961822][T17126] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3823'.
[  288.331957][   T40] audit: type=1400 audit(288.213:4967): avc:  denied  { connect } for  pid=17139 comm="syz.2.3829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  288.333014][T17140] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3829'.
[  288.340316][   T40] audit: type=1400 audit(288.213:4968): avc:  denied  { ioctl } for  pid=17139 comm="syz.2.3829" path="socket:[70309]" dev="sockfs" ino=70309 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  288.352559][   T40] audit: type=1400 audit(288.223:4969): avc:  denied  { lock } for  pid=17139 comm="syz.2.3829" path="socket:[70311]" dev="sockfs" ino=70311 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  288.569734][   T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.628703][T17152] xt_hashlimit: size too large, truncated to 1048576
[  288.656165][   T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.752101][   T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.764953][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  288.769916][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  288.773836][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  288.778137][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  288.783224][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  288.819721][   T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.942123][T17156] lo speed is unknown, defaulting to 1000
[  288.954575][   T61] bridge_slave_1: left allmulticast mode
[  288.956373][   T61] bridge_slave_1: left promiscuous mode
[  288.958250][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.961953][   T61] bridge_slave_0: left promiscuous mode
[  288.963912][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.239940][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.245719][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  289.249856][   T61] bond0 (unregistering): Released all slaves
[  289.257568][   T61] bond1 (unregistering): Released all slaves
[  289.264501][   T61] bond2 (unregistering): Released all slaves
[  289.345104][   T61] : left promiscuous mode
[  289.395920][T17156] chnl_net:caif_netlink_parms(): no params data found
[  289.435430][   T61] tipc: Disabling bearer <udp:s>
[  289.442920][   T61] tipc: Left network mode
[  289.485908][   T29] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  289.497489][   T29] usb 5-1: USB disconnect, device number 17
[  289.537815][T17179] Invalid logical block size (327681)
[  289.579853][T17156] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.582212][T17156] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.584505][T17156] bridge_slave_0: entered allmulticast mode
[  289.587283][T17156] bridge_slave_0: entered promiscuous mode
[  289.590655][T17156] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.592872][T17156] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.595126][T17156] bridge_slave_1: entered allmulticast mode
[  289.598005][T17156] bridge_slave_1: entered promiscuous mode
[  289.659109][   T40] audit: type=1400 audit(289.543:4970): avc:  denied  { compute_member } for  pid=17189 comm="syz.1.3843" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  289.659391][T17156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.671504][T17156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.712295][   T40] audit: type=1400 audit(289.593:4971): avc:  denied  { mounton } for  pid=17198 comm="syz.1.3845" path="/528/file0" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1
[  289.783072][T17205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3846'.
[  289.786640][T17205] Debayer A: =================  START STATUS  =================
[  289.789178][T17156] team0: Port device team_slave_0 added
[  289.792455][T17156] team0: Port device team_slave_1 added
[  289.793651][T17205] Debayer A: Debayer Mean Window Size: 3
[  289.796377][T17205] Debayer A: ==================  END STATUS  ==================
[  289.826078][   T61] hsr_slave_0: left promiscuous mode
[  289.829217][   T61] hsr_slave_1: left promiscuous mode
[  289.831252][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  289.833567][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  289.836745][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  289.840075][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  289.862418][   T61] veth1_macvtap: left promiscuous mode
[  289.864226][   T61] veth0_macvtap: left promiscuous mode
[  289.866109][   T61] veth1_vlan: left promiscuous mode
[  289.867835][   T61] veth0_vlan: left promiscuous mode
[  289.937297][T17217] FAULT_INJECTION: forcing a failure.
[  289.937297][T17217] name failslab, interval 1, probability 0, space 0, times 0
[  289.941274][T17217] CPU: 2 UID: 0 PID: 17217 Comm: syz.7.3851 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  289.941290][T17217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.941297][T17217] Call Trace:
[  289.941301][T17217]  <TASK>
[  289.941305][T17217]  dump_stack_lvl+0x16c/0x1f0
[  289.941321][T17217]  should_fail_ex+0x512/0x640
[  289.941337][T17217]  should_failslab+0xc2/0x120
[  289.941350][T17217]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  289.941363][T17217]  ? skb_clone+0x190/0x3f0
[  289.941377][T17217]  skb_clone+0x190/0x3f0
[  289.941388][T17217]  bpf_clone_redirect+0xb2/0x3f0
[  289.941405][T17217]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  289.941415][T17217]  ? __kernel_text_address+0xd/0x40
[  289.941430][T17217]  ? unwind_get_return_address+0x59/0xa0
[  289.941445][T17217]  ? arch_stack_walk+0xa6/0x100
[  289.941461][T17217]  ? __lock_acquire+0xb8a/0x1c90
[  289.941475][T17217]  ? __lock_acquire+0x622/0x1c90
[  289.941491][T17217]  ? find_held_lock+0x2b/0x80
[  289.941508][T17217]  ? ktime_get+0x200/0x310
[  289.941520][T17217]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.941532][T17217]  ? __pfx___cant_migrate+0x10/0x10
[  289.941543][T17217]  ? bpf_test_timer_continue+0x150/0x3c0
[  289.941558][T17217]  bpf_test_run+0x489/0xa70
[  289.941573][T17217]  ? __pfx_bpf_test_run+0x10/0x10
[  289.941595][T17217]  ? __asan_memset+0x23/0x50
[  289.941612][T17217]  bpf_prog_test_run_skb+0xb92/0x2280
[  289.941630][T17217]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  289.941646][T17217]  ? fput+0x70/0xf0
[  289.941659][T17217]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  289.941673][T17217]  __sys_bpf+0x1485/0x4d80
[  289.941687][T17217]  ? __pfx___sys_bpf+0x10/0x10
[  289.941699][T17217]  ? ksys_write+0x190/0x250
[  289.941711][T17217]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  289.941731][T17217]  ? fput+0x70/0xf0
[  289.941761][T17217]  ? ksys_write+0x1ac/0x250
[  289.941770][T17217]  ? __pfx_ksys_write+0x10/0x10
[  289.941781][T17217]  __x64_sys_bpf+0x78/0xc0
[  289.941794][T17217]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.941805][T17217]  do_syscall_64+0xcd/0x4c0
[  289.941818][T17217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.941829][T17217] RIP: 0033:0x7f90f2d8e969
[  289.941838][T17217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.941848][T17217] RSP: 002b:00007f90f3cc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  289.941859][T17217] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8e969
[  289.941866][T17217] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  289.941872][T17217] RBP: 00007f90f3cc3090 R08: 0000000000000000 R09: 0000000000000000
[  289.941878][T17217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  289.941884][T17217] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  289.941897][T17217]  </TASK>
[  290.422607][ T5940] Bluetooth: hci2: command tx timeout
[  290.742762][   T61] team0 (unregistering): Port device team_slave_1 removed
[  290.819978][ T5940] Bluetooth: hci0: command tx timeout
[  291.396339][T17156] batman_adv: batadv0: Adding interface: batadv_slave_0
[  291.402289][T17156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  291.410593][T17156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  291.415636][T17156] batman_adv: batadv0: Adding interface: batadv_slave_1
[  291.417812][T17156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  291.426944][T17156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  291.528480][T17156] hsr_slave_0: entered promiscuous mode
[  291.531061][T17156] hsr_slave_1: entered promiscuous mode
[  291.739544][T17276] netlink: 'syz.7.3871': attribute type 10 has an invalid length.
[  291.952216][T17156] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  291.956613][T17156] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  291.963255][T17156] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  291.967619][T17156] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  291.982316][   T40] audit: type=1400 audit(291.853:4972): avc:  denied  { read } for  pid=17295 comm="syz.0.3876" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  292.027349][   T40] audit: type=1400 audit(291.903:4973): avc:  denied  { mount } for  pid=17302 comm="syz.0.3878" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  292.043696][   T40] audit: type=1400 audit(291.913:4974): avc:  denied  { remount } for  pid=17302 comm="syz.0.3878" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  292.049105][T17156] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.055058][   T40] audit: type=1400 audit(291.933:4975): avc:  denied  { unmount } for  pid=13916 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  292.067897][T17156] 8021q: adding VLAN 0 to HW filter on device team0
[  292.079465][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.081772][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.105399][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.108270][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.151359][T17156] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  292.155153][T17156] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  292.181227][T17314] vim2m vim2m.0: vidioc_s_fmt queue busy
[  292.183389][T17314] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=17314 comm=syz.0.3882
[  292.250965][T17156] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.334527][T17320] [U] 
[  292.338111][T17340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3886'.
[  292.341212][T17340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3886'.
[  292.343981][T17339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3886'.
[  292.346727][T17339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3886'.
[  292.403473][T17156] veth0_vlan: entered promiscuous mode
[  292.417182][T17156] veth1_vlan: entered promiscuous mode
[  292.440334][T17156] veth0_macvtap: entered promiscuous mode
[  292.444332][T17156] veth1_macvtap: entered promiscuous mode
[  292.456244][T17156] batman_adv: batadv0: Interface activated: batadv_slave_0
[  292.460825][T17156] batman_adv: batadv0: Interface activated: batadv_slave_1
[  292.463060][T17353] FAULT_INJECTION: forcing a failure.
[  292.463060][T17353] name failslab, interval 1, probability 0, space 0, times 0
[  292.467073][T17353] CPU: 2 UID: 0 PID: 17353 Comm: syz.7.3889 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  292.467088][T17353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  292.467095][T17353] Call Trace:
[  292.467099][T17353]  <TASK>
[  292.467104][T17353]  dump_stack_lvl+0x16c/0x1f0
[  292.467120][T17353]  should_fail_ex+0x512/0x640
[  292.467136][T17353]  should_failslab+0xc2/0x120
[  292.467148][T17353]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  292.467160][T17353]  ? skb_clone+0x190/0x3f0
[  292.467175][T17353]  skb_clone+0x190/0x3f0
[  292.467186][T17353]  bpf_clone_redirect+0xb2/0x3f0
[  292.467203][T17353]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  292.467212][T17353]  ? __kernel_text_address+0xd/0x40
[  292.467228][T17353]  ? unwind_get_return_address+0x59/0xa0
[  292.467242][T17353]  ? arch_stack_walk+0xa6/0x100
[  292.467258][T17353]  ? __lock_acquire+0xb8a/0x1c90
[  292.467273][T17353]  ? __lock_acquire+0x622/0x1c90
[  292.467289][T17353]  ? find_held_lock+0x2b/0x80
[  292.467307][T17353]  ? ktime_get+0x200/0x310
[  292.467319][T17353]  ? lockdep_hardirqs_on+0x7c/0x110
[  292.467331][T17353]  ? __pfx___cant_migrate+0x10/0x10
[  292.467343][T17353]  ? bpf_test_timer_continue+0x150/0x3c0
[  292.467345][T17156] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.467358][T17353]  bpf_test_run+0x489/0xa70
[  292.467373][T17353]  ? __pfx_bpf_test_run+0x10/0x10
[  292.467396][T17353]  ? __asan_memset+0x23/0x50
[  292.467413][T17353]  bpf_prog_test_run_skb+0xb92/0x2280
[  292.467431][T17353]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  292.467446][T17353]  ? fput+0x70/0xf0
[  292.467459][T17353]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  292.467473][T17353]  __sys_bpf+0x1485/0x4d80
[  292.467487][T17353]  ? __pfx___sys_bpf+0x10/0x10
[  292.467499][T17353]  ? ksys_write+0x190/0x250
[  292.467510][T17353]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  292.467530][T17353]  ? fput+0x70/0xf0
[  292.467542][T17353]  ? ksys_write+0x1ac/0x250
[  292.467551][T17353]  ? __pfx_ksys_write+0x10/0x10
[  292.467562][T17353]  __x64_sys_bpf+0x78/0xc0
[  292.467574][T17353]  ? lockdep_hardirqs_on+0x7c/0x110
[  292.467585][T17353]  do_syscall_64+0xcd/0x4c0
[  292.467597][T17353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.467608][T17353] RIP: 0033:0x7f90f2d8e969
[  292.467616][T17353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.467627][T17353] RSP: 002b:00007f90f3cc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  292.467637][T17353] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8e969
[  292.467644][T17353] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  292.467650][T17353] RBP: 00007f90f3cc3090 R08: 0000000000000000 R09: 0000000000000000
[  292.467657][T17353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  292.467663][T17353] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  292.467676][T17353]  </TASK>
[  292.561038][T17156] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.563721][T17156] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.566379][T17156] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  292.620295][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.622786][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.633619][   T40] audit: type=1326 audit(292.503:4976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17281 comm="syz.1.3872" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e498e969 code=0x7fc00000
[  292.651660][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.659089][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.712894][T17370] xt_CHECKSUM: unsupported CHECKSUM operation f4
[  292.868242][T17390] netlink: 176 bytes leftover after parsing attributes in process `syz.1.3899'.
[  292.899096][ T5940] Bluetooth: hci0: command tx timeout
[  293.224359][T17433] lo speed is unknown, defaulting to 1000
[  293.374125][T17450] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3916'.
[  293.379058][T17450] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3916'.
[  293.381882][T17450] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3916'.
[  293.384899][T17450] netlink: 'syz.7.3916': attribute type 6 has an invalid length.
[  293.394296][T17450] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  293.492904][T17463] ieee802154 phy0 wpan0: encryption failed: -22
[  293.494024][T17464] netlink: 44 bytes leftover after parsing attributes in process `syz.7.3922'.
[  293.642678][T17482] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3927'.
[  293.840440][T17502] FAULT_INJECTION: forcing a failure.
[  293.840440][T17502] name failslab, interval 1, probability 0, space 0, times 0
[  293.844363][T17502] CPU: 1 UID: 0 PID: 17502 Comm: syz.0.3934 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  293.844379][T17502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.844386][T17502] Call Trace:
[  293.844390][T17502]  <TASK>
[  293.844394][T17502]  dump_stack_lvl+0x16c/0x1f0
[  293.844410][T17502]  should_fail_ex+0x512/0x640
[  293.844427][T17502]  should_failslab+0xc2/0x120
[  293.844440][T17502]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  293.844452][T17502]  ? skb_clone+0x190/0x3f0
[  293.844465][T17502]  skb_clone+0x190/0x3f0
[  293.844477][T17502]  bpf_clone_redirect+0xb2/0x3f0
[  293.844493][T17502]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  293.844502][T17502]  ? __kernel_text_address+0xd/0x40
[  293.844518][T17502]  ? unwind_get_return_address+0x59/0xa0
[  293.844533][T17502]  ? arch_stack_walk+0xa6/0x100
[  293.844548][T17502]  ? __lock_acquire+0xb8a/0x1c90
[  293.844563][T17502]  ? __lock_acquire+0x622/0x1c90
[  293.844579][T17502]  ? find_held_lock+0x2b/0x80
[  293.844596][T17502]  ? ktime_get+0x200/0x310
[  293.844608][T17502]  ? lockdep_hardirqs_on+0x7c/0x110
[  293.844620][T17502]  ? __pfx___cant_migrate+0x10/0x10
[  293.844631][T17502]  ? bpf_test_timer_continue+0x150/0x3c0
[  293.844646][T17502]  bpf_test_run+0x489/0xa70
[  293.844662][T17502]  ? __pfx_bpf_test_run+0x10/0x10
[  293.844684][T17502]  ? __asan_memset+0x23/0x50
[  293.844701][T17502]  bpf_prog_test_run_skb+0xb92/0x2280
[  293.844719][T17502]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  293.844734][T17502]  ? fput+0x70/0xf0
[  293.844748][T17502]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  293.844762][T17502]  __sys_bpf+0x1485/0x4d80
[  293.844776][T17502]  ? __pfx___sys_bpf+0x10/0x10
[  293.844788][T17502]  ? ksys_write+0x190/0x250
[  293.844799][T17502]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  293.844818][T17502]  ? fput+0x70/0xf0
[  293.844830][T17502]  ? ksys_write+0x1ac/0x250
[  293.844839][T17502]  ? __pfx_ksys_write+0x10/0x10
[  293.844850][T17502]  __x64_sys_bpf+0x78/0xc0
[  293.844862][T17502]  ? lockdep_hardirqs_on+0x7c/0x110
[  293.844873][T17502]  do_syscall_64+0xcd/0x4c0
[  293.844885][T17502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.844897][T17502] RIP: 0033:0x7fbef7b8e969
[  293.844905][T17502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.844915][T17502] RSP: 002b:00007fbef89c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  293.844926][T17502] RAX: ffffffffffffffda RBX: 00007fbef7db5fa0 RCX: 00007fbef7b8e969
[  293.844933][T17502] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  293.844939][T17502] RBP: 00007fbef89c5090 R08: 0000000000000000 R09: 0000000000000000
[  293.844945][T17502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  293.844951][T17502] R13: 0000000000000000 R14: 00007fbef7db5fa0 R15: 00007ffe25ed6418
[  293.844964][T17502]  </TASK>
[  293.960033][ T5929] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  294.053342][T17520] xt_hashlimit: size too large, truncated to 1048576
[  294.058126][T17520] syz.1.3942: vmalloc error: size 10485760, failed to allocated page array size 20480, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  294.064969][T17520] CPU: 3 UID: 0 PID: 17520 Comm: syz.1.3942 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  294.064987][T17520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  294.064993][T17520] Call Trace:
[  294.064998][T17520]  <TASK>
[  294.065009][T17520]  dump_stack_lvl+0x16c/0x1f0
[  294.065026][T17520]  warn_alloc+0x248/0x3a0
[  294.065038][T17520]  ? __pfx_warn_alloc+0x10/0x10
[  294.065054][T17520]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  294.065071][T17520]  ? __vmalloc_node_noprof+0xad/0xf0
[  294.065089][T17520]  __vmalloc_node_range_noprof+0x10f4/0x1520
[  294.065109][T17520]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  294.065126][T17520]  ? rcu_is_watching+0x12/0xc0
[  294.065139][T17520]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  294.065155][T17520]  ? __alloc_pages_noprof+0xb/0x1b0
[  294.065165][T17520]  ? ___kmalloc_large_node+0x84/0x1e0
[  294.065182][T17520]  __kvmalloc_node_noprof+0x308/0x620
[  294.065198][T17520]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  294.065215][T17520]  ? net_generic+0xea/0x2a0
[  294.065230][T17520]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  294.065249][T17520]  ? hashlimit_mt_check_common+0x8bb/0x1460
[  294.065267][T17520]  hashlimit_mt_check_common+0x8bb/0x1460
[  294.065287][T17520]  hashlimit_mt_check+0x71/0x90
[  294.065309][T17520]  ? __pfx_hashlimit_mt_check+0x10/0x10
[  294.065331][T17520]  xt_check_match+0x286/0xa50
[  294.065348][T17520]  ? mem_cgroup_css_alloc+0x16d2/0x1f90
[  294.065366][T17520]  ? __pfx_xt_check_match+0x10/0x10
[  294.065383][T17520]  ? xt_find_target+0x1f2/0x290
[  294.065400][T17520]  ? xt_find_match+0x1f6/0x290
[  294.065418][T17520]  find_check_entry.constprop.0+0x34e/0xa20
[  294.065439][T17520]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[  294.065460][T17520]  ? kasan_quarantine_put+0x10a/0x240
[  294.065476][T17520]  ? lockdep_hardirqs_on+0x7c/0x110
[  294.065489][T17520]  ? kfree+0x2b4/0x4d0
[  294.065503][T17520]  ? translate_table+0xc0e/0x17b0
[  294.065521][T17520]  translate_table+0xd0b/0x17b0
[  294.065542][T17520]  ? __pfx_translate_table+0x10/0x10
[  294.065557][T17520]  ? xt_alloc_table_info+0x3e/0xa0
[  294.065576][T17520]  do_ip6t_set_ctl+0x570/0xb00
[  294.065592][T17520]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  294.065610][T17520]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  294.065628][T17520]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  294.065647][T17520]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  294.065663][T17520]  nf_setsockopt+0x8d/0xf0
[  294.065679][T17520]  ipv6_setsockopt+0x135/0x170
[  294.065695][T17520]  rawv6_setsockopt+0xc2/0x510
[  294.065735][T17520]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  294.065750][T17520]  ? selinux_socket_setsockopt+0x6a/0x80
[  294.065762][T17520]  ? sock_common_setsockopt+0x2e/0xf0
[  294.065776][T17520]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  294.065790][T17520]  do_sock_setsockopt+0x224/0x470
[  294.065804][T17520]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  294.065826][T17520]  __sys_setsockopt+0x1a0/0x230
[  294.065839][T17520]  __x64_sys_setsockopt+0xbd/0x160
[  294.065848][T17520]  ? do_syscall_64+0x91/0x4c0
[  294.065860][T17520]  ? lockdep_hardirqs_on+0x7c/0x110
[  294.065870][T17520]  do_syscall_64+0xcd/0x4c0
[  294.065883][T17520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.065894][T17520] RIP: 0033:0x7f80e498e969
[  294.065904][T17520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.065915][T17520] RSP: 002b:00007f80e5888038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  294.065925][T17520] RAX: ffffffffffffffda RBX: 00007f80e4bb5fa0 RCX: 00007f80e498e969
[  294.065932][T17520] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000004
[  294.065938][T17520] RBP: 00007f80e4a10ab1 R08: 0000000000000588 R09: 0000000000000000
[  294.065944][T17520] R10: 00002000000014c0 R11: 0000000000000246 R12: 0000000000000000
[  294.065951][T17520] R13: 0000000000000000 R14: 00007f80e4bb5fa0 R15: 00007ffce0190e28
[  294.065964][T17520]  </TASK>
[  294.065968][T17520] Mem-Info:
[  294.192748][T17520] active_anon:11394 inactive_anon:0 isolated_anon:0
[  294.192748][T17520]  active_file:4907 inactive_file:53002 isolated_file:0
[  294.192748][T17520]  unevictable:1768 dirty:48 writeback:0
[  294.192748][T17520]  slab_reclaimable:7824 slab_unreclaimable:88240
[  294.192748][T17520]  mapped:25917 shmem:2509 pagetables:1383
[  294.192748][T17520]  sec_pagetables:316 bounce:0
[  294.192748][T17520]  kernel_misc_reclaimable:0
[  294.192748][T17520]  free:441397 free_pcp:3449 free_cma:0
[  294.207616][T17520] Node 0 active_anon:45576kB inactive_anon:0kB active_file:19628kB inactive_file:211756kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:103664kB dirty:192kB writeback:0kB shmem:6500kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13872kB pagetables:5532kB sec_pagetables:1264kB all_unreclaimable? no Balloon:0kB
[  294.209603][ T5929] usb 12-1: Using ep0 maxpacket: 8
[  294.218331][T17520] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:252kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  294.229918][ T5929] usb 12-1: config index 0 descriptor too short (expected 5924, got 36)
[  294.231817][T17520] Node 0 
[  294.232660][ T5929] usb 12-1: config 250 has an invalid interface number: 228 but max is -1
[  294.233608][T17520] DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  294.236253][ T5929] usb 12-1: config 250 has 1 interface, different from the descriptor's value: 0
[  294.247276][T17520] lowmem_reserve[]: 0 1235 1235
[  294.247297][ T5929] usb 12-1: config 250 has no interface number 0
[  294.247301][T17520]  1235
[  294.247323][ T5929] usb 12-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  294.248912][T17520]  1235
[  294.250826][ T5929] usb 12-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  294.251705][T17520] 
[  294.255263][ T5929] usb 12-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  294.256180][T17520] Node 0 
[  294.259800][ T5929] usb 12-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  294.260804][T17520] DMA32 free:136028kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB active_anon:45452kB inactive_anon:0kB active_file:19628kB inactive_file:211756kB unevictable:3536kB writepending:192kB present:2080628kB managed:1264976kB mlocked:0kB bounce:0kB free_pcp:2248kB local_pcp:16kB free_cma:0kB
[  294.263473][ T5929] usb 12-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  294.264409][T17520] lowmem_reserve[]:
[  294.264883][T17535] syzkaller1: entered promiscuous mode
[  294.264895][T17535] syzkaller1: entered allmulticast mode
[  294.268126][ T5929] usb 12-1: config 250 interface 228 has no altsetting 0
[  294.271115][ T5929] usb 12-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  294.278234][T17520]  0
[  294.281633][ T5929] usb 12-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  294.284104][T17520]  0
[  294.284541][ T5929] usb 12-1: Product: syz
[  294.286335][T17520]  0
[  294.288538][ T5929] usb 12-1: SerialNumber: syz
[  294.291631][T17520]  0
[  294.294928][ T5929] hub 12-1:250.228: bad descriptor, ignoring hub
[  294.295760][T17520]  0
[  294.297039][ T5929] hub 12-1:250.228: probe with driver hub failed with error -5
[  294.297883][T17520] 
[  294.297890][T17520] Node 1 Normal free:1617488kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:252kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781948kB mlocked:0kB bounce:0kB free_pcp:9100kB local_pcp:7052kB free_cma:0kB
[  294.318942][T17520] lowmem_reserve[]: 0 0 0 0 0
[  294.320473][T17520] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  294.324303][T17520] Node 0 DMA32: 43*4kB (U) 204*8kB (UME) 275*16kB (UME) 145*32kB (UME) 125*64kB (UME) 56*128kB (UME) 77*256kB (UME) 34*512kB (UME) 26*1024kB (UME) 10*2048kB (UM) 6*4096kB (UM) = 134812kB
[  294.330458][T17520] Node 1 Normal: 6*4kB (UME) 9*8kB (UE) 25*16kB (UE) 17*32kB (UME) 5*64kB (ME) 22*128kB (UME) 4*256kB (UE) 5*512kB (UME) 2*1024kB (UE) 3*2048kB (UM) 391*4096kB (M) = 1617488kB
[  294.335876][T17520] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  294.339347][T17520] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  294.342211][T17520] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  294.345167][T17520] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  294.348076][T17520] 60414 total pagecache pages
[  294.350145][T17520] 0 pages in swap cache
[  294.351464][T17520] Free swap  = 124996kB
[  294.352795][T17520] Total swap = 124996kB
[  294.354171][T17520] 1048443 pages RAM
[  294.355418][T17520] 0 pages HighMem/MovableOnly
[  294.356967][T17520] 282872 pages reserved
[  294.358290][T17520] 0 pages cma reserved
[  294.403491][T17546] overlayfs: missing 'workdir'
[  294.430204][T17549] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  294.431738][T17546] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  294.502108][ T5929] usblp 12-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  294.539681][ T5929] usb 12-1: USB disconnect, device number 3
[  294.543673][ T5929] usblp0: removed
[  294.614119][T17561] could not allocate digest TFM handle md4
[  294.738907][   T10] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  294.812533][T17581] IPv6: addrconf: prefix option has invalid lifetime
[  294.843074][   T40] audit: type=1400 audit(294.723:4977): avc:  denied  { getopt } for  pid=17583 comm="syz.0.3968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  294.903433][T17591] FAULT_INJECTION: forcing a failure.
[  294.903433][T17591] name failslab, interval 1, probability 0, space 0, times 0
[  294.907208][T17591] CPU: 3 UID: 0 PID: 17591 Comm: syz.0.3970 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  294.907224][T17591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  294.907230][T17591] Call Trace:
[  294.907235][T17591]  <TASK>
[  294.907240][T17591]  dump_stack_lvl+0x16c/0x1f0
[  294.907255][T17591]  should_fail_ex+0x512/0x640
[  294.907272][T17591]  should_failslab+0xc2/0x120
[  294.907284][T17591]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  294.907296][T17591]  ? skb_clone+0x190/0x3f0
[  294.907309][T17591]  skb_clone+0x190/0x3f0
[  294.907321][T17591]  bpf_clone_redirect+0xb2/0x3f0
[  294.907337][T17591]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  294.907348][T17591]  ? arch_stack_walk+0xa6/0x100
[  294.907366][T17591]  ? __pfx___schedule+0x10/0x10
[  294.907376][T17591]  ? __lock_acquire+0x622/0x1c90
[  294.907393][T17591]  ? find_held_lock+0x2b/0x80
[  294.907410][T17591]  ? preempt_schedule_thunk+0x16/0x30
[  294.907424][T17591]  ? preempt_schedule_common+0x44/0xc0
[  294.907434][T17591]  ? preempt_schedule_thunk+0x16/0x30
[  294.907447][T17591]  ? __pfx___cant_migrate+0x10/0x10
[  294.907459][T17591]  ? bpf_test_timer_continue+0x150/0x3c0
[  294.907473][T17591]  bpf_test_run+0x489/0xa70
[  294.907489][T17591]  ? __pfx_bpf_test_run+0x10/0x10
[  294.907511][T17591]  ? __asan_memset+0x23/0x50
[  294.907528][T17591]  bpf_prog_test_run_skb+0xb92/0x2280
[  294.907546][T17591]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  294.907561][T17591]  ? fput+0x70/0xf0
[  294.907575][T17591]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  294.907588][T17591]  __sys_bpf+0x1485/0x4d80
[  294.907602][T17591]  ? __pfx___sys_bpf+0x10/0x10
[  294.907614][T17591]  ? ksys_write+0x190/0x250
[  294.907626][T17591]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  294.907645][T17591]  ? fput+0x70/0xf0
[  294.907657][T17591]  ? ksys_write+0x1ac/0x250
[  294.907665][T17591]  ? __pfx_ksys_write+0x10/0x10
[  294.907677][T17591]  __x64_sys_bpf+0x78/0xc0
[  294.907689][T17591]  ? lockdep_hardirqs_on+0x7c/0x110
[  294.907700][T17591]  do_syscall_64+0xcd/0x4c0
[  294.907713][T17591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.907724][T17591] RIP: 0033:0x7fbef7b8e969
[  294.907732][T17591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.907743][T17591] RSP: 002b:00007fbef89c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  294.907753][T17591] RAX: ffffffffffffffda RBX: 00007fbef7db5fa0 RCX: 00007fbef7b8e969
[  294.907760][T17591] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  294.907766][T17591] RBP: 00007fbef89c5090 R08: 0000000000000000 R09: 0000000000000000
[  294.907772][T17591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  294.907778][T17591] R13: 0000000000000000 R14: 00007fbef7db5fa0 R15: 00007ffe25ed6418
[  294.907791][T17591]  </TASK>
[  294.909068][   T10] usb 13-1: Using ep0 maxpacket: 16
[  294.988748][ T5940] Bluetooth: hci0: command tx timeout
[  294.991530][   T10] usb 13-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  295.004518][   T10] usb 13-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  295.007366][   T10] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.015626][   T10] usb 13-1: config 0 descriptor??
[  295.183484][T17618] IPv6: addrconf: prefix option has invalid lifetime
[  295.213956][T17622] FAULT_INJECTION: forcing a failure.
[  295.213956][T17622] name failslab, interval 1, probability 0, space 0, times 0
[  295.214035][T17620] overlayfs: missing 'lowerdir'
[  295.217911][T17622] CPU: 1 UID: 0 PID: 17622 Comm: syz.7.3980 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  295.217927][T17622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.217934][T17622] Call Trace:
[  295.217938][T17622]  <TASK>
[  295.217942][T17622]  dump_stack_lvl+0x16c/0x1f0
[  295.217958][T17622]  should_fail_ex+0x512/0x640
[  295.217974][T17622]  should_failslab+0xc2/0x120
[  295.217986][T17622]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  295.217998][T17622]  ? skb_clone+0x190/0x3f0
[  295.218011][T17622]  skb_clone+0x190/0x3f0
[  295.218023][T17622]  bpf_clone_redirect+0xb2/0x3f0
[  295.218039][T17622]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  295.218049][T17622]  ? __kernel_text_address+0xd/0x40
[  295.218064][T17622]  ? unwind_get_return_address+0x59/0xa0
[  295.218079][T17622]  ? arch_stack_walk+0xa6/0x100
[  295.218094][T17622]  ? __lock_acquire+0xb8a/0x1c90
[  295.218109][T17622]  ? __lock_acquire+0x622/0x1c90
[  295.218125][T17622]  ? find_held_lock+0x2b/0x80
[  295.218143][T17622]  ? ktime_get+0x200/0x310
[  295.218154][T17622]  ? lockdep_hardirqs_on+0x7c/0x110
[  295.218167][T17622]  ? __pfx___cant_migrate+0x10/0x10
[  295.218178][T17622]  ? bpf_test_timer_continue+0x150/0x3c0
[  295.218192][T17622]  bpf_test_run+0x489/0xa70
[  295.218208][T17622]  ? __pfx_bpf_test_run+0x10/0x10
[  295.218234][T17622]  ? __asan_memset+0x23/0x50
[  295.218251][T17622]  bpf_prog_test_run_skb+0xb92/0x2280
[  295.218269][T17622]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  295.218284][T17622]  ? fput+0x70/0xf0
[  295.218298][T17622]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  295.218311][T17622]  __sys_bpf+0x1485/0x4d80
[  295.218325][T17622]  ? __pfx___sys_bpf+0x10/0x10
[  295.218337][T17622]  ? ksys_write+0x190/0x250
[  295.218348][T17622]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  295.218368][T17622]  ? fput+0x70/0xf0
[  295.218379][T17622]  ? ksys_write+0x1ac/0x250
[  295.218388][T17622]  ? __pfx_ksys_write+0x10/0x10
[  295.218400][T17622]  __x64_sys_bpf+0x78/0xc0
[  295.218412][T17622]  ? lockdep_hardirqs_on+0x7c/0x110
[  295.218422][T17622]  do_syscall_64+0xcd/0x4c0
[  295.218435][T17622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.218446][T17622] RIP: 0033:0x7f90f2d8e969
[  295.218454][T17622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.218464][T17622] RSP: 002b:00007f90f3cc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  295.218474][T17622] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8e969
[  295.218481][T17622] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  295.218487][T17622] RBP: 00007f90f3cc3090 R08: 0000000000000000 R09: 0000000000000000
[  295.218493][T17622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  295.218499][T17622] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  295.218512][T17622]  </TASK>
[  295.229185][   T40] audit: type=1400 audit(295.093:4978): avc:  denied  { mounton } for  pid=17619 comm="syz.1.3979" path="/561/file0/bus" dev="9p" ino=35913962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1
[  295.318114][T17630] usb usb8: usbfs: process 17630 (syz.8.3955) did not claim interface 0 before use
[  295.343783][T17629] netlink: 'syz.0.3982': attribute type 10 has an invalid length.
[  295.353573][T17629] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  295.360334][   T10] usb 13-1: USB disconnect, device number 2
[  295.387837][T17632] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  295.390936][T17632] batman_adv: batadv0: Removing interface: batadv_slave_0
[  295.394235][T17632] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  295.397062][T17632] batman_adv: batadv0: Removing interface: batadv_slave_1
[  295.702638][T17647] IPv6: addrconf: prefix option has invalid lifetime
[  295.901034][T17655] FAULT_INJECTION: forcing a failure.
[  295.901034][T17655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.904925][T17655] CPU: 0 UID: 0 PID: 17655 Comm: syz.8.3993 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  295.904942][T17655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.904948][T17655] Call Trace:
[  295.904952][T17655]  <TASK>
[  295.904957][T17655]  dump_stack_lvl+0x16c/0x1f0
[  295.904972][T17655]  should_fail_ex+0x512/0x640
[  295.904990][T17655]  _copy_from_iter+0x29f/0x16f0
[  295.905008][T17655]  ? __pfx__copy_from_iter+0x10/0x10
[  295.905022][T17655]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  295.905040][T17655]  copy_page_from_iter+0xde/0x180
[  295.905056][T17655]  tun_build_skb.constprop.0+0x2e8/0x14f0
[  295.905076][T17655]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  295.905099][T17655]  ? __pfx__kstrtoull+0x10/0x10
[  295.905113][T17655]  tun_get_user+0x165f/0x3b80
[  295.905133][T17655]  ? __pfx_tun_get_user+0x10/0x10
[  295.905147][T17655]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  295.905166][T17655]  ? find_held_lock+0x2b/0x80
[  295.905182][T17655]  ? tun_get+0x191/0x370
[  295.905202][T17655]  tun_chr_write_iter+0xdc/0x210
[  295.905217][T17655]  vfs_write+0x6c4/0x1150
[  295.905228][T17655]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  295.905243][T17655]  ? __pfx_vfs_write+0x10/0x10
[  295.905252][T17655]  ? find_held_lock+0x2b/0x80
[  295.905276][T17655]  ksys_write+0x12a/0x250
[  295.905285][T17655]  ? __pfx_ksys_write+0x10/0x10
[  295.905298][T17655]  do_syscall_64+0xcd/0x4c0
[  295.905311][T17655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.905322][T17655] RIP: 0033:0x7f225778d41f
[  295.905331][T17655] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  295.905341][T17655] RSP: 002b:00007f22585df000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  295.905352][T17655] RAX: ffffffffffffffda RBX: 00007f22579b5fa0 RCX: 00007f225778d41f
[  295.905358][T17655] RDX: 000000000000034e RSI: 0000200000000780 RDI: 00000000000000c8
[  295.905364][T17655] RBP: 00007f22585df090 R08: 0000000000000000 R09: 0000000000000000
[  295.905371][T17655] R10: 000000000000034e R11: 0000000000000293 R12: 0000000000000001
[  295.905377][T17655] R13: 0000000000000000 R14: 00007f22579b5fa0 R15: 00007fff33bc71f8
[  295.905390][T17655]  </TASK>
[  295.920718][   T40] audit: type=1400 audit(295.803:4979): avc:  denied  { connect } for  pid=17656 comm="syz.1.3994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  296.069312][T17669] IPv6: addrconf: prefix option has invalid lifetime
[  296.167412][T17676] syzkaller0: entered promiscuous mode
[  296.169272][T17676] syzkaller0: entered allmulticast mode
[  296.207573][T17678] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  296.207573][T17678] The task syz.1.4002 (17678) triggered the difference, watch for misbehavior.
[  296.218192][T17678] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input25
[  296.501443][T17693] FAULT_INJECTION: forcing a failure.
[  296.501443][T17693] name failslab, interval 1, probability 0, space 0, times 0
[  296.505387][T17693] CPU: 1 UID: 0 PID: 17693 Comm: syz.8.4015 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  296.505402][T17693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  296.505408][T17693] Call Trace:
[  296.505413][T17693]  <TASK>
[  296.505418][T17693]  dump_stack_lvl+0x16c/0x1f0
[  296.505436][T17693]  should_fail_ex+0x512/0x640
[  296.505460][T17693]  should_failslab+0xc2/0x120
[  296.505481][T17693]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  296.505501][T17693]  ? skb_clone+0x190/0x3f0
[  296.505525][T17693]  skb_clone+0x190/0x3f0
[  296.505546][T17693]  packet_rcv+0x610/0x15a0
[  296.505581][T17693]  packet_rcv_fanout+0x28b/0x780
[  296.505600][T17693]  ? __pfx_packet_rcv_fanout+0x10/0x10
[  296.505619][T17693]  __netif_receive_skb_core.constprop.0+0xe2d/0x4a00
[  296.505653][T17693]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  296.505704][T17693]  ? __skb_flow_dissect+0x11b2/0x7d90
[  296.505734][T17693]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  296.505769][T17693]  ? __pfx___skb_flow_dissect+0x10/0x10
[  296.505805][T17693]  ? __lock_acquire+0x622/0x1c90
[  296.505834][T17693]  __netif_receive_skb_one_core+0xb0/0x1e0
[  296.505852][T17693]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  296.505882][T17693]  ? lock_acquire+0x179/0x350
[  296.505905][T17693]  ? __phys_addr+0xe8/0x180
[  296.505934][T17693]  __netif_receive_skb+0x1d/0x160
[  296.505951][T17693]  netif_receive_skb+0x137/0x7b0
[  296.505969][T17693]  ? __pfx_netif_receive_skb+0x10/0x10
[  296.505993][T17693]  tun_rx_batched.isra.0+0x3ee/0x740
[  296.506019][T17693]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  296.506050][T17693]  ? tun_get_user+0x1c0d/0x3b80
[  296.506071][T17693]  ? rcu_is_watching+0x12/0xc0
[  296.506091][T17693]  tun_get_user+0x28a2/0x3b80
[  296.506127][T17693]  ? __pfx_tun_get_user+0x10/0x10
[  296.506149][T17693]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  296.506187][T17693]  ? find_held_lock+0x2b/0x80
[  296.506215][T17693]  ? tun_get+0x191/0x370
[  296.506243][T17693]  tun_chr_write_iter+0xdc/0x210
[  296.506270][T17693]  vfs_write+0x6c4/0x1150
[  296.506288][T17693]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  296.506315][T17693]  ? __pfx_vfs_write+0x10/0x10
[  296.506329][T17693]  ? find_held_lock+0x2b/0x80
[  296.506372][T17693]  ksys_write+0x12a/0x250
[  296.506389][T17693]  ? __pfx_ksys_write+0x10/0x10
[  296.506414][T17693]  do_syscall_64+0xcd/0x4c0
[  296.506437][T17693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.506469][T17693] RIP: 0033:0x7f225778d41f
[  296.506485][T17693] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  296.506503][T17693] RSP: 002b:00007f22585df000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  296.506521][T17693] RAX: ffffffffffffffda RBX: 00007f22579b5fa0 RCX: 00007f225778d41f
[  296.506534][T17693] RDX: 000000000000034e RSI: 0000200000000780 RDI: 00000000000000c8
[  296.506544][T17693] RBP: 00007f22585df090 R08: 0000000000000000 R09: 0000000000000000
[  296.506553][T17693] R10: 000000000000034e R11: 0000000000000293 R12: 0000000000000001
[  296.506563][T17693] R13: 0000000000000000 R14: 00007f22579b5fa0 R15: 00007fff33bc71f8
[  296.506588][T17693]  </TASK>
[  296.506996][T17693] IPv6: addrconf: prefix option has invalid lifetime
[  296.704628][T17702] IPv6: addrconf: prefix option has invalid lifetime
[  296.955165][T17710] binder: 17707:17710 ioctl c0306201 200000000680 returned -22
[  297.068986][ T5940] Bluetooth: hci0: command tx timeout
[  297.887277][T17709] lo speed is unknown, defaulting to 1000
[  297.906917][T17738] IPv6: addrconf: prefix option has invalid lifetime
[  297.909176][T17738] FAULT_INJECTION: forcing a failure.
[  297.909176][T17738] name failslab, interval 1, probability 0, space 0, times 0
[  297.913054][T17738] CPU: 1 UID: 0 PID: 17738 Comm: syz.1.4021 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  297.913069][T17738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  297.913076][T17738] Call Trace:
[  297.913080][T17738]  <TASK>
[  297.913084][T17738]  dump_stack_lvl+0x16c/0x1f0
[  297.913100][T17738]  should_fail_ex+0x512/0x640
[  297.913114][T17738]  ? addrconf_prefix_rcv+0xf4c/0x1f70
[  297.913132][T17738]  should_failslab+0xc2/0x120
[  297.913144][T17738]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  297.913156][T17738]  ? __alloc_skb+0x2b2/0x380
[  297.913174][T17738]  __alloc_skb+0x2b2/0x380
[  297.913184][T17738]  ? __pfx___alloc_skb+0x10/0x10
[  297.913196][T17738]  ? ndisc_router_discovery+0xc00/0x3550
[  297.913215][T17738]  ndisc_router_discovery+0x205e/0x3550
[  297.913236][T17738]  ? ip6t_do_table+0xbf5/0x1c30
[  297.913252][T17738]  ? __pfx_ndisc_router_discovery+0x10/0x10
[  297.913270][T17738]  ? __lock_acquire+0x622/0x1c90
[  297.913291][T17738]  ? skb_checksum+0x81f/0x980
[  297.913311][T17738]  ndisc_rcv+0x3fa/0x620
[  297.913321][T17738]  icmpv6_rcv+0x17c6/0x1c50
[  297.913339][T17738]  ? __pfx_icmpv6_rcv+0x10/0x10
[  297.913354][T17738]  ip6_protocol_deliver_rcu+0xf86/0x1520
[  297.913378][T17738]  ip6_input_finish+0x102/0x180
[  297.913395][T17738]  ip6_input+0x105/0x2f0
[  297.913405][T17738]  ip6_mc_input+0x465/0xfd0
[  297.913416][T17738]  ? __pfx_ip6_mc_input+0x10/0x10
[  297.913426][T17738]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  297.913438][T17738]  ? __pfx_ip6_mc_input+0x10/0x10
[  297.913448][T17738]  ipv6_rcv+0x45a/0x680
[  297.913457][T17738]  ? __pfx_ipv6_rcv+0x10/0x10
[  297.913465][T17738]  __netif_receive_skb_one_core+0x12d/0x1e0
[  297.913476][T17738]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  297.913494][T17738]  ? lock_acquire+0x179/0x350
[  297.913508][T17738]  ? __phys_addr+0xe8/0x180
[  297.913525][T17738]  __netif_receive_skb+0x1d/0x160
[  297.913535][T17738]  netif_receive_skb+0x137/0x7b0
[  297.913544][T17738]  ? __pfx_netif_receive_skb+0x10/0x10
[  297.913559][T17738]  tun_rx_batched.isra.0+0x3ee/0x740
[  297.913575][T17738]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  297.913592][T17738]  ? tun_get_user+0x1c0d/0x3b80
[  297.913606][T17738]  ? rcu_is_watching+0x12/0xc0
[  297.913617][T17738]  tun_get_user+0x28a2/0x3b80
[  297.913637][T17738]  ? __pfx_tun_get_user+0x10/0x10
[  297.913651][T17738]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  297.913685][T17738]  ? find_held_lock+0x2b/0x80
[  297.913704][T17738]  ? tun_get+0x191/0x370
[  297.913720][T17738]  tun_chr_write_iter+0xdc/0x210
[  297.913736][T17738]  vfs_write+0x6c4/0x1150
[  297.913746][T17738]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  297.913762][T17738]  ? __pfx_vfs_write+0x10/0x10
[  297.913770][T17738]  ? find_held_lock+0x2b/0x80
[  297.913795][T17738]  ksys_write+0x12a/0x250
[  297.913804][T17738]  ? __pfx_ksys_write+0x10/0x10
[  297.913817][T17738]  do_syscall_64+0xcd/0x4c0
[  297.913830][T17738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.913841][T17738] RIP: 0033:0x7f80e498d41f
[  297.913850][T17738] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  297.913860][T17738] RSP: 002b:00007f80e5888000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  297.913871][T17738] RAX: ffffffffffffffda RBX: 00007f80e4bb5fa0 RCX: 00007f80e498d41f
[  297.913878][T17738] RDX: 000000000000034e RSI: 0000200000000780 RDI: 00000000000000c8
[  297.913884][T17738] RBP: 00007f80e5888090 R08: 0000000000000000 R09: 0000000000000000
[  297.913890][T17738] R10: 000000000000034e R11: 0000000000000293 R12: 0000000000000001
[  297.913896][T17738] R13: 0000000000000000 R14: 00007f80e4bb5fa0 R15: 00007ffce0190e28
[  297.913910][T17738]  </TASK>
[  298.255677][T17762] __nla_validate_parse: 3 callbacks suppressed
[  298.255688][T17762] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4027'.
[  298.964232][T17806] IPv6: addrconf: prefix option has invalid lifetime
[  298.990984][T17809] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4039'.
[  299.000500][T17809] vti0: entered promiscuous mode
[  299.067489][T17814] bio_check_eod: 13 callbacks suppressed
[  299.067500][T17814] syz.0.4040: attempt to access beyond end of device
[  299.067500][T17814] nbd0: rw=4096, sector=0, nr_sectors = 2 limit=0
[  299.075674][T17814] XFS (nbd0): SB validate failed with error -5.
[  299.214772][T17836] tipc: Started in network mode
[  299.216842][T17836] tipc: Node identity , cluster identity 4711
[  299.221877][T17836] tipc: Failed to obtain node identity
[  299.224217][T17836] tipc: Enabling of bearer <eth:gre0> rejected, failed to enable media
[  299.228561][T17836] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4045'.
[  299.307201][    C0] vcan0: j1939_tp_rxtimer: 0xffff888045e78800: rx timeout, send abort
[  299.492556][T17848] IPv6: addrconf: prefix option has invalid lifetime
[  299.593436][   T40] audit: type=1400 audit(299.473:4980): avc:  denied  { listen } for  pid=17852 comm="syz.0.4052" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  299.630868][T17858] FAULT_INJECTION: forcing a failure.
[  299.630868][T17858] name failslab, interval 1, probability 0, space 0, times 0
[  299.634796][T17858] CPU: 2 UID: 0 PID: 17858 Comm: syz.8.4054 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  299.634812][T17858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  299.634819][T17858] Call Trace:
[  299.634823][T17858]  <TASK>
[  299.634828][T17858]  dump_stack_lvl+0x16c/0x1f0
[  299.634843][T17858]  should_fail_ex+0x512/0x640
[  299.634863][T17858]  should_failslab+0xc2/0x120
[  299.634876][T17858]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  299.634888][T17858]  ? skb_clone+0x190/0x3f0
[  299.634901][T17858]  skb_clone+0x190/0x3f0
[  299.634913][T17858]  bpf_clone_redirect+0xb2/0x3f0
[  299.634929][T17858]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  299.634940][T17858]  ? arch_stack_walk+0xa6/0x100
[  299.634958][T17858]  ? __pfx___schedule+0x10/0x10
[  299.634968][T17858]  ? __lock_acquire+0x622/0x1c90
[  299.634985][T17858]  ? find_held_lock+0x2b/0x80
[  299.635001][T17858]  ? preempt_schedule_thunk+0x16/0x30
[  299.635015][T17858]  ? preempt_schedule_common+0x44/0xc0
[  299.635026][T17858]  ? preempt_schedule_thunk+0x16/0x30
[  299.635038][T17858]  ? __pfx___cant_migrate+0x10/0x10
[  299.635049][T17858]  ? bpf_test_timer_continue+0x150/0x3c0
[  299.635064][T17858]  bpf_test_run+0x489/0xa70
[  299.635079][T17858]  ? __pfx_bpf_test_run+0x10/0x10
[  299.635102][T17858]  ? __asan_memset+0x23/0x50
[  299.635124][T17858]  bpf_prog_test_run_skb+0xb92/0x2280
[  299.635142][T17858]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  299.635158][T17858]  ? fput+0x70/0xf0
[  299.635171][T17858]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  299.635185][T17858]  __sys_bpf+0x1485/0x4d80
[  299.635199][T17858]  ? __pfx___sys_bpf+0x10/0x10
[  299.635211][T17858]  ? ksys_write+0x190/0x250
[  299.635222][T17858]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  299.635242][T17858]  ? fput+0x70/0xf0
[  299.635254][T17858]  ? ksys_write+0x1ac/0x250
[  299.635263][T17858]  ? __pfx_ksys_write+0x10/0x10
[  299.635274][T17858]  __x64_sys_bpf+0x78/0xc0
[  299.635286][T17858]  ? lockdep_hardirqs_on+0x7c/0x110
[  299.635297][T17858]  do_syscall_64+0xcd/0x4c0
[  299.635310][T17858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.635321][T17858] RIP: 0033:0x7f225778e969
[  299.635330][T17858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.635340][T17858] RSP: 002b:00007f22585df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  299.635350][T17858] RAX: ffffffffffffffda RBX: 00007f22579b5fa0 RCX: 00007f225778e969
[  299.635357][T17858] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  299.635363][T17858] RBP: 00007f22585df090 R08: 0000000000000000 R09: 0000000000000000
[  299.635369][T17858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  299.635375][T17858] R13: 0000000000000000 R14: 00007f22579b5fa0 R15: 00007fff33bc71f8
[  299.635387][T17858]  </TASK>
[  299.809894][    C0] vcan0: j1939_tp_rxtimer: 0xffff888045e78800: abort rx timeout. Force session deactivation
[  300.005125][T17875] IPv6: addrconf: prefix option has invalid lifetime
[  300.492249][T17920] IPv6: addrconf: prefix option has invalid lifetime
[  300.822999][T17929] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4078'.
[  300.830757][T17929] xt_CT: You must specify a L4 protocol and not use inversions on it
[  300.888739][T17931] autofs: Unknown parameter 'discard'
[  300.895871][   T40] audit: type=1400 audit(300.773:4981): avc:  denied  { setattr } for  pid=17930 comm="syz.8.4079" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  301.109135][T17949] xt_CT: You must specify a L4 protocol and not use inversions on it
[  301.230559][T17959] binder: 17958:17959 ioctl c0306201 200000000780 returned -11
[  301.238323][T17959] binder_alloc: binder_alloc_mmap_handler: 17958 200000ffd000-200001000000 already mapped failed -16
[  301.243143][   T40] audit: type=1400 audit(301.113:4982): avc:  denied  { accept } for  pid=17960 comm="syz.7.4092" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  301.243402][T17962] binder: BINDER_SET_CONTEXT_MGR already set
[  301.253059][T17962] binder: 17958:17962 ioctl 4018620d 200000000280 returned -16
[  301.255193][T17965] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4093'.
[  301.261300][T17965] tipc: Started in network mode
[  301.263356][T17965] tipc: Node identity ac14140f, cluster identity 4711
[  301.266258][T17965] tipc: New replicast peer: 172.30.1.1
[  301.268558][T17965] tipc: Enabled bearer <udp:syz2>, priority 10
[  301.417276][T17979] IPv6: addrconf: prefix option has invalid lifetime
[  301.436489][   T40] audit: type=1400 audit(301.313:4983): avc:  denied  { audit_read } for  pid=17983 comm="syz.8.4100" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  301.485710][T17988] kAFS: No cell specified
[  301.547266][   T40] audit: type=1400 audit(301.423:4984): avc:  denied  { setopt } for  pid=17994 comm="syz.8.4105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  301.591129][T18001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4108'.
[  301.592221][T18002] usb usb9: usbfs: process 18002 (syz.7.4107) did not claim interface 0 before use
[  301.809404][T18019] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4115'.
[  301.812798][T18019] xt_NFQUEUE: number of total queues is 0
[  302.018923][   T29] usb 13-1: new high-speed USB device number 3 using dummy_hcd
[  302.171547][   T29] usb 13-1: config index 0 descriptor too short (expected 23569, got 27)
[  302.174638][   T29] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  302.178987][   T29] usb 13-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  302.182627][   T29] usb 13-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  302.185182][   T29] usb 13-1: Manufacturer: syz
[  302.188273][   T29] usb 13-1: config 0 descriptor??
[  302.239154][   T29] rc_core: IR keymap rc-hauppauge not found
[  302.241539][   T29] Registered IR keymap rc-empty
[  302.245971][   T29] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/rc/rc0
[  302.250843][   T29] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/rc/rc0/input27
[  302.258763][ T1024] tipc: Node number set to 2886997007
[  302.259126][   T10] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  302.409094][ T6341] usb 13-1: USB disconnect, device number 3
[  302.419082][   T10] usb 5-1: Using ep0 maxpacket: 32
[  302.423906][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  302.427252][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  302.430318][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  302.434982][   T10] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  302.437775][   T10] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  302.440330][   T10] usb 5-1: Manufacturer: syz
[  302.443450][   T10] usb 5-1: config 0 descriptor??
[  302.827393][T18046] FAULT_INJECTION: forcing a failure.
[  302.827393][T18046] name failslab, interval 1, probability 0, space 0, times 0
[  302.831843][T18046] CPU: 2 UID: 0 PID: 18046 Comm: syz.7.4122 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  302.831865][T18046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  302.831875][T18046] Call Trace:
[  302.831880][T18046]  <TASK>
[  302.831886][T18046]  dump_stack_lvl+0x16c/0x1f0
[  302.831907][T18046]  should_fail_ex+0x512/0x640
[  302.831929][T18046]  should_failslab+0xc2/0x120
[  302.831947][T18046]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  302.831963][T18046]  ? skb_clone+0x190/0x3f0
[  302.831983][T18046]  skb_clone+0x190/0x3f0
[  302.832001][T18046]  bpf_clone_redirect+0xb2/0x3f0
[  302.832025][T18046]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  302.832040][T18046]  ? __kernel_text_address+0xd/0x40
[  302.832063][T18046]  ? unwind_get_return_address+0x59/0xa0
[  302.832084][T18046]  ? arch_stack_walk+0xa6/0x100
[  302.832111][T18046]  ? __lock_acquire+0xb8a/0x1c90
[  302.832135][T18046]  ? __lock_acquire+0x622/0x1c90
[  302.832162][T18046]  ? find_held_lock+0x2b/0x80
[  302.832191][T18046]  ? ktime_get+0x200/0x310
[  302.832208][T18046]  ? lockdep_hardirqs_on+0x7c/0x110
[  302.832226][T18046]  ? __pfx___cant_migrate+0x10/0x10
[  302.832245][T18046]  ? bpf_test_timer_continue+0x150/0x3c0
[  302.832268][T18046]  bpf_test_run+0x489/0xa70
[  302.832295][T18046]  ? __pfx_bpf_test_run+0x10/0x10
[  302.832337][T18046]  ? __asan_memset+0x23/0x50
[  302.832367][T18046]  bpf_prog_test_run_skb+0xb92/0x2280
[  302.832400][T18046]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  302.832428][T18046]  ? fput+0x70/0xf0
[  302.832452][T18046]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  302.832476][T18046]  __sys_bpf+0x1485/0x4d80
[  302.832500][T18046]  ? __pfx___sys_bpf+0x10/0x10
[  302.832521][T18046]  ? ksys_write+0x190/0x250
[  302.832542][T18046]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  302.832579][T18046]  ? fput+0x70/0xf0
[  302.832599][T18046]  ? ksys_write+0x1ac/0x250
[  302.832615][T18046]  ? __pfx_ksys_write+0x10/0x10
[  302.832636][T18046]  __x64_sys_bpf+0x78/0xc0
[  302.832657][T18046]  ? lockdep_hardirqs_on+0x7c/0x110
[  302.832675][T18046]  do_syscall_64+0xcd/0x4c0
[  302.832698][T18046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.832717][T18046] RIP: 0033:0x7f90f2d8e969
[  302.832731][T18046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.832749][T18046] RSP: 002b:00007f90f3cc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  302.832766][T18046] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8e969
[  302.832778][T18046] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  302.832789][T18046] RBP: 00007f90f3cc3090 R08: 0000000000000000 R09: 0000000000000000
[  302.832801][T18046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  302.832811][T18046] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  302.832837][T18046]  </TASK>
[  302.856120][   T10] input: syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5011.000F/input/input28
[  303.001076][   T10] input: syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5011.000F/input/input29
[  303.017466][   T10] kye 0003:0458:5011.000F: input,hiddev0,hidraw1: USB HID v0.00 Mouse [syz] on usb-dummy_hcd.0-1/input0
[  303.065714][T15845] usb 5-1: USB disconnect, device number 18
[  303.075363][T18060] ucma_write: process 147 (syz.8.4124) changed security contexts after opening file descriptor, this is not allowed.
[  303.086294][T18060] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4124'.
[  303.092263][T18063] IPv6: addrconf: prefix option has invalid lifetime
[  303.106652][T18061] fido_id[18061]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb5/5-1/report_descriptor': No such file or directory
[  303.135687][T18065] 9pnet: Unknown protocol version 9p20\++}
[  303.334233][T18089] No such timeout policy "syz1"
[  303.379353][ T5940] Bluetooth: hci2: command tx timeout
[  303.388783][   T40] audit: type=1804 audit(303.263:4985): pid=18097 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.4137" name="/newroot/178/file0/file0" dev="ramfs" ino=72668 res=1 errno=0
[  303.935864][   T40] audit: type=1400 audit(303.813:4986): avc:  denied  { listen } for  pid=18137 comm="syz.7.4146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  303.941914][   T40] audit: type=1400 audit(303.813:4987): avc:  denied  { accept } for  pid=18137 comm="syz.7.4146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  304.104653][T18140] lo speed is unknown, defaulting to 1000
[  304.237284][T18154] IPv6: addrconf: prefix option has invalid lifetime
[  304.282004][   T40] audit: type=1326 audit(304.163:4988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18155 comm="syz.0.4150" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbef7b8e969 code=0x7ffc0000
[  304.290882][   T40] audit: type=1326 audit(304.163:4989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18155 comm="syz.0.4150" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbef7b8e969 code=0x7ffc0000
[  304.550468][ T5940] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  304.717495][T18188] IPv6: addrconf: prefix option has invalid lifetime
[  304.722307][T18186] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  304.782571][T18192] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4159'.
[  304.859072][T18194] netlink: 'syz.0.4160': attribute type 15 has an invalid length.
[  304.863310][T18196] netlink: 'syz.0.4160': attribute type 15 has an invalid length.
[  304.874560][T18194] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4160'.
[  304.874569][T18196] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4160'.
[  304.926601][T18201] netlink: 'syz.0.4161': attribute type 15 has an invalid length.
[  304.929312][T18201] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4161'.
[  305.105823][T18214] xt_hashlimit: size too large, truncated to 1048576
[  305.174173][T18219] IPVS: sync thread started: state = MASTER, mcast_ifn = netdevsim0, syncid = 1, id = 0
[  305.262034][ T5940] Bluetooth: hci4: Malformed HCI Event
[  305.339870][T18231] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4171'.
[  305.495358][   T40] kauditd_printk_skb: 56 callbacks suppressed
[  305.495374][   T40] audit: type=1400 audit(305.373:5046): avc:  denied  { unlink } for  pid=18242 comm="syz.7.4177" name="file1" dev="9p" ino=35913861 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  305.516568][   T40] audit: type=1400 audit(305.393:5047): avc:  denied  { link } for  pid=18242 comm="syz.7.4177" name="file0" dev="9p" ino=35913861 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  305.719992][T18261] netlink: 148 bytes leftover after parsing attributes in process `syz.7.4182'.
[  305.980895][    C2] vcan0: j1939_tp_rxtimer: 0xffff88805250ec00: rx timeout, send abort
[  305.994522][T18274] program syz.7.4184 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  306.288837][   T53] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  306.484164][    C2] vcan0: j1939_tp_rxtimer: 0xffff88805250ec00: abort rx timeout. Force session deactivation
[  306.494024][   T53] usb 12-1: Using ep0 maxpacket: 32
[  306.498766][   T53] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.503111][   T53] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.507945][   T53] usb 12-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  306.512291][   T53] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.517619][   T53] usb 12-1: config 0 descriptor??
[  306.589245][T18301] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4193'.
[  306.592754][T18301] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4193'.
[  306.608738][ T5940] Bluetooth: hci1: unexpected event for opcode 0x1005
[  306.609015][T18301] dns_resolver: Unsupported content type (234)
[  306.616603][T18301] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4193'.
[  306.627051][T18301] SELinux:  Context Ü is not valid (left unmapped).
[  306.751126][T18319] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4202'.
[  306.754038][T18320] netlink: 'syz.8.4202': attribute type 17 has an invalid length.
[  306.761382][T18320] macvtap0: entered allmulticast mode
[  306.763681][T18320] veth0_macvtap: entered allmulticast mode
[  306.766749][T18320] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check.
[  306.861229][T18329] netlink: 'syz.1.4206': attribute type 6 has an invalid length.
[  306.938665][   T53] savu 0003:1E7D:2D5A.0010: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.7-1/input0
[  306.973014][T18346] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=18346 comm=syz.8.4214
[  306.981454][T18346] netlink: 'syz.8.4214': attribute type 17 has an invalid length.
[  307.182091][ T5929] usb 12-1: USB disconnect, device number 4
[  307.220368][ T5938] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  307.223299][   T24] usb 13-1: new full-speed USB device number 4 using dummy_hcd
[  307.225317][ T5938] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  307.228516][ T5938] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  307.231194][ T5938] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  307.250195][ T5938] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  307.317898][   T40] audit: type=1400 audit(307.193:5048): avc:  denied  { ioctl } for  pid=18370 comm="syz.0.4222" path="socket:[78044]" dev="sockfs" ino=78044 ioctlcmd=0x6686 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  307.318361][ T5938] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  307.330814][   T40] audit: type=1400 audit(307.193:5049): avc:  denied  { map } for  pid=18370 comm="syz.0.4222" path="socket:[78044]" dev="sockfs" ino=78044 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  307.379494][   T24] usb 13-1: too many configurations: 215, using maximum allowed: 8
[  307.384988][   T40] audit: type=1400 audit(307.263:5050): avc:  denied  { listen } for  pid=18372 comm="syz.0.4223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  307.385387][T18373] devpts: Unknown parameter 'žÎµWÏácLjÈc\þOuσô0x000000000000ee00'
[  307.386991][T18366] lo speed is unknown, defaulting to 1000
[  307.393355][   T24] usb 13-1: unable to read config index 0 descriptor/start: -61
[  307.403339][   T24] usb 13-1: can't read configurations, error -61
[  307.505665][T18366] chnl_net:caif_netlink_parms(): no params data found
[  307.539275][   T24] usb 13-1: new full-speed USB device number 5 using dummy_hcd
[  307.599377][T18366] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.601756][T18366] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.604498][T18366] bridge_slave_0: entered allmulticast mode
[  307.607419][T18366] bridge_slave_0: entered promiscuous mode
[  307.630987][   T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  307.634239][   T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.643827][T18366] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.647355][T18366] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.650585][T18366] bridge_slave_1: entered allmulticast mode
[  307.653749][T18366] bridge_slave_1: entered promiscuous mode
[  307.686870][T18366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  307.691969][T18366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  307.709356][   T24] usb 13-1: too many configurations: 215, using maximum allowed: 8
[  307.714441][   T24] usb 13-1: unable to read config index 0 descriptor/start: -61
[  307.717523][   T24] usb 13-1: can't read configurations, error -61
[  307.728739][   T24] usb usb13-port1: attempt power cycle
[  307.760175][   T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  307.763770][   T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.783307][T18366] team0: Port device team_slave_0 added
[  307.786884][T18366] team0: Port device team_slave_1 added
[  307.854502][   T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  307.857911][   T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.867294][T18366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  307.869556][T18366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.877941][T18366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  307.882963][T18366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  307.885163][T18366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.893115][T18366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  307.940383][T18366] hsr_slave_0: entered promiscuous mode
[  307.942613][T18366] hsr_slave_1: entered promiscuous mode
[  307.944651][T18366] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  307.947517][T18366] Cannot create hsr debugfs directory
[  307.962426][   T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  307.966485][   T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.028364][T18404] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  308.081774][   T24] usb 13-1: new full-speed USB device number 6 using dummy_hcd
[  308.111569][   T24] usb 13-1: too many configurations: 215, using maximum allowed: 8
[  308.116222][   T24] usb 13-1: unable to read config index 0 descriptor/start: -61
[  308.119072][   T24] usb 13-1: can't read configurations, error -61
[  308.134970][T18411] IPv6: addrconf: prefix option has invalid lifetime
[  308.265136][   T24] usb 13-1: new full-speed USB device number 7 using dummy_hcd
[  308.276462][T18422] program syz.0.4237 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  308.280811][   T24] usb 13-1: too many configurations: 215, using maximum allowed: 8
[  308.284553][   T24] usb 13-1: unable to read config index 0 descriptor/start: -61
[  308.287102][   T24] usb 13-1: can't read configurations, error -61
[  308.289314][   T24] usb usb13-port1: unable to enumerate USB device
[  308.444191][   T46]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  308.449335][   T46]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  308.453885][   T46]  (unregistering): Released all slaves
[  308.462147][   T46] bond1 (unregistering): Released all slaves
[  308.471533][   T46] bond0 (unregistering): Released all slaves
[  308.553662][   T46] bond2 (unregistering): Released all slaves
[  308.559994][   T46] bond3 (unregistering): Released all slaves
[  308.598781][ T6341] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  308.761229][ T6341] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  308.765739][ T6341] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  308.770482][ T6341] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  308.774322][ T6341] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  308.779396][ T6341] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  308.782937][ T6341] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.790608][ T6341] usb 12-1: config 0 descriptor??
[  308.804328][T18435] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  309.068302][   T46] hsr_slave_0: left promiscuous mode
[  309.072266][   T46] hsr_slave_1: left promiscuous mode
[  309.074312][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  309.076736][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.082823][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.085147][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  309.108043][   T46] veth1_macvtap: left promiscuous mode
[  309.109917][   T46] veth0_macvtap: left promiscuous mode
[  309.111707][   T46] veth1_vlan: left promiscuous mode
[  309.113388][   T46] veth0_vlan: left promiscuous mode
[  309.222368][T18423] xt_ecn: cannot match TCP bits for non-tcp packets
[  309.231309][ T6341] plantronics 0003:047F:FFFF.0011: ignoring exceeding usage max
[  309.244467][ T6341] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving
[  309.257708][ T6341] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  309.311186][ T5938] Bluetooth: hci3: command tx timeout
[  310.019495][   T46] team0 (unregistering): Port device team_slave_1 removed
[  310.639453][T18457] vlan2: entered promiscuous mode
[  310.641183][T18457] bond0: entered promiscuous mode
[  310.642856][T18457] bond_slave_0: entered promiscuous mode
[  310.644830][T18457] bond_slave_1: entered promiscuous mode
[  310.646783][T18457] mac80211_hwsim hwsim24 wlan1: entered promiscuous mode
[  310.688723][   T24] usb 12-1: reset high-speed USB device number 5 using dummy_hcd
[  310.741231][T18366] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  310.751892][T18366] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  310.757950][T18366] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  310.764260][T18366] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  310.891227][T18366] 8021q: adding VLAN 0 to HW filter on device bond0
[  310.907547][T18366] 8021q: adding VLAN 0 to HW filter on device team0
[  310.916281][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.918549][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.926776][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.929077][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.965019][T18366] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  310.968314][T18366] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  310.977242][T18479] netlink: 'syz.8.4249': attribute type 3 has an invalid length.
[  310.981279][T18479] __nla_validate_parse: 6 callbacks suppressed
[  310.981289][T18479] netlink: 199836 bytes leftover after parsing attributes in process `syz.8.4249'.
[  311.019803][   T46] IPVS: stop unused estimator thread 0...
[  311.061955][T18366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  311.096239][T18366] veth0_vlan: entered promiscuous mode
[  311.103813][T18366] veth1_vlan: entered promiscuous mode
[  311.126728][T18366] veth0_macvtap: entered promiscuous mode
[  311.134095][T18366] veth1_macvtap: entered promiscuous mode
[  311.148433][T18366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.158439][T18366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.167100][T18366] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.170590][T18366] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.173283][T18366] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.175983][T18366] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.216553][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  311.223996][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  311.236640][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  311.241378][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  311.389221][ T5938] Bluetooth: hci3: command tx timeout
[  311.459688][ T5975] usb 12-1: USB disconnect, device number 5
[  311.537195][T18510] IPv6: addrconf: prefix option has invalid lifetime
[  313.135674][T18515] overlayfs: failed to resolve './file1/file0': -2
[  313.222707][T18530] IPv6: addrconf: prefix option has invalid lifetime
[  313.320439][T18545] syz.1.4269: attempt to access beyond end of device
[  313.320439][T18545] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  313.326768][T18545] syz.1.4269: attempt to access beyond end of device
[  313.326768][T18545] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  313.343674][T18545] Mount JFS Failure: -5
[  313.345065][T18545] jfs_mount failed w/return code = -5
[  313.414755][T18558] IPVS: Error connecting to the multicast addr
[  313.429738][   T40] audit: type=1400 audit(313.303:5051): avc:  denied  { setattr } for  pid=18535 comm="syz.1.4269" name="midiC2D0" dev="devtmpfs" ino=1322 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  313.478628][ T5938] Bluetooth: hci3: command tx timeout
[  313.513957][T18566] Cannot find add_set index 0 as target
[  313.634637][T18577] FAULT_INJECTION: forcing a failure.
[  313.634637][T18577] name failslab, interval 1, probability 0, space 0, times 0
[  313.638504][T18577] CPU: 0 UID: 0 PID: 18577 Comm: syz.7.4280 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  313.638520][T18577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  313.638527][T18577] Call Trace:
[  313.638531][T18577]  <TASK>
[  313.638536][T18577]  dump_stack_lvl+0x16c/0x1f0
[  313.638552][T18577]  should_fail_ex+0x512/0x640
[  313.638566][T18577]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  313.638592][T18577]  should_failslab+0xc2/0x120
[  313.638605][T18577]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  313.638616][T18577]  ? __alloc_skb+0x2b2/0x380
[  313.638627][T18577]  ? bpf_lsm_capable+0x9/0x10
[  313.638644][T18577]  __alloc_skb+0x2b2/0x380
[  313.638655][T18577]  ? __pfx___alloc_skb+0x10/0x10
[  313.638665][T18577]  ? genl_rcv_msg+0x4c0/0x800
[  313.638680][T18577]  ? genl_rcv_msg+0x4bb/0x800
[  313.638699][T18577]  netlink_ack+0x15d/0xb80
[  313.638718][T18577]  netlink_rcv_skb+0x332/0x420
[  313.638731][T18577]  ? __pfx_genl_rcv_msg+0x10/0x10
[  313.638748][T18577]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  313.638768][T18577]  ? netlink_deliver_tap+0x1ae/0xd30
[  313.638783][T18577]  genl_rcv+0x28/0x40
[  313.638797][T18577]  netlink_unicast+0x53d/0x7f0
[  313.638817][T18577]  ? __pfx_netlink_unicast+0x10/0x10
[  313.638835][T18577]  netlink_sendmsg+0x8d1/0xdd0
[  313.638852][T18577]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.638871][T18577]  ____sys_sendmsg+0xa98/0xc70
[  313.638886][T18577]  ? copy_msghdr_from_user+0x10a/0x160
[  313.638898][T18577]  ? __pfx_____sys_sendmsg+0x10/0x10
[  313.638919][T18577]  ___sys_sendmsg+0x134/0x1d0
[  313.638931][T18577]  ? __pfx____sys_sendmsg+0x10/0x10
[  313.638941][T18577]  ? __lock_acquire+0x622/0x1c90
[  313.638972][T18577]  __sys_sendmsg+0x16d/0x220
[  313.638983][T18577]  ? __pfx___sys_sendmsg+0x10/0x10
[  313.639000][T18577]  ? fput+0x70/0xf0
[  313.639015][T18577]  do_syscall_64+0xcd/0x4c0
[  313.639028][T18577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.639038][T18577] RIP: 0033:0x7f90f2d8e969
[  313.639048][T18577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.639058][T18577] RSP: 002b:00007f90f3cc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  313.639069][T18577] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8e969
[  313.639076][T18577] RDX: 0000000004002040 RSI: 0000200000000240 RDI: 0000000000000003
[  313.639082][T18577] RBP: 00007f90f3cc3090 R08: 0000000000000000 R09: 0000000000000000
[  313.639088][T18577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.639094][T18577] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  313.639108][T18577]  </TASK>
[  313.771702][T18580] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4281'.
[  313.774559][T18580] netlink: 92 bytes leftover after parsing attributes in process `syz.7.4281'.
[  313.938699][ T1024] usb 13-1: new high-speed USB device number 8 using dummy_hcd
[  314.068719][ T5929] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  314.088783][ T1024] usb 13-1: Using ep0 maxpacket: 16
[  314.091989][ T1024] usb 13-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  314.095538][ T1024] usb 13-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  314.106961][ T1024] usb 13-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  314.110143][ T1024] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.114297][ T1024] usb 13-1: config 0 descriptor??
[  314.117992][ T1024] usbhid 13-1:0.0: couldn't find an input interrupt endpoint
[  314.178772][T18592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4285'.
[  314.182171][T18592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4285'.
[  314.218679][ T5929] usb 12-1: Using ep0 maxpacket: 32
[  314.228871][ T5929] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  314.234359][ T5929] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  314.237604][ T5929] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  314.240890][ T5929] usb 12-1: Product: syz
[  314.242233][ T5929] usb 12-1: Manufacturer: syz
[  314.243673][ T5929] usb 12-1: SerialNumber: syz
[  314.253513][ T5929] usb 12-1: config 0 descriptor??
[  314.255648][T18588] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[  314.258515][ T5929] hub 12-1:0.0: bad descriptor, ignoring hub
[  314.260692][ T5929] hub 12-1:0.0: probe with driver hub failed with error -5
[  314.269193][T18598] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  314.275644][ T5940] Bluetooth: hci4: hardware error 0x04
[  314.278097][T18598] set match dimension is over the limit!
[  314.321932][T18602] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (8)
[  314.356003][ T5929] usb 13-1: USB disconnect, device number 8
[  314.432965][T18614] batadv1: entered promiscuous mode
[  314.435347][ T1024] IPVS: starting estimator thread 0...
[  314.518754][T18617] IPVS: using max 44 ests per chain, 105600 per kthread
[  314.578994][ T1024] usb 12-1: USB disconnect, device number 6
[  314.673938][T18588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.677564][T18588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.695509][T18626] binder: Unknown parameter 'uid<00000000000000060929'
[  314.745056][T18631] netlink: 'syz.0.4300': attribute type 20 has an invalid length.
[  314.745501][   T40] audit: type=1400 audit(314.623:5052): avc:  denied  { read } for  pid=18629 comm="syz.0.4300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  314.876789][T18642] FAULT_INJECTION: forcing a failure.
[  314.876789][T18642] name failslab, interval 1, probability 0, space 0, times 0
[  314.882817][T18642] CPU: 3 UID: 0 PID: 18642 Comm: syz.0.4304 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  314.882833][T18642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  314.882839][T18642] Call Trace:
[  314.882843][T18642]  <TASK>
[  314.882847][T18642]  dump_stack_lvl+0x16c/0x1f0
[  314.882863][T18642]  should_fail_ex+0x512/0x640
[  314.882879][T18642]  should_failslab+0xc2/0x120
[  314.882892][T18642]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  314.882903][T18642]  ? skb_clone+0x190/0x3f0
[  314.882917][T18642]  skb_clone+0x190/0x3f0
[  314.882929][T18642]  netlink_deliver_tap+0xabd/0xd30
[  314.882946][T18642]  netlink_unicast+0x5df/0x7f0
[  314.882966][T18642]  ? __pfx_netlink_unicast+0x10/0x10
[  314.882984][T18642]  netlink_sendmsg+0x8d1/0xdd0
[  314.883001][T18642]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.883020][T18642]  ____sys_sendmsg+0xa98/0xc70
[  314.883035][T18642]  ? copy_msghdr_from_user+0x10a/0x160
[  314.883046][T18642]  ? __pfx_____sys_sendmsg+0x10/0x10
[  314.883068][T18642]  ___sys_sendmsg+0x134/0x1d0
[  314.883079][T18642]  ? __pfx____sys_sendmsg+0x10/0x10
[  314.883090][T18642]  ? __lock_acquire+0x622/0x1c90
[  314.883120][T18642]  __sys_sendmsg+0x16d/0x220
[  314.883131][T18642]  ? __pfx___sys_sendmsg+0x10/0x10
[  314.883152][T18642]  do_syscall_64+0xcd/0x4c0
[  314.883165][T18642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.883176][T18642] RIP: 0033:0x7fbef7b8e969
[  314.883185][T18642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.883196][T18642] RSP: 002b:00007fbef89c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.883206][T18642] RAX: ffffffffffffffda RBX: 00007fbef7db5fa0 RCX: 00007fbef7b8e969
[  314.883213][T18642] RDX: 0000000020001880 RSI: 0000200000006040 RDI: 0000000000000004
[  314.883220][T18642] RBP: 00007fbef89c5090 R08: 0000000000000000 R09: 0000000000000000
[  314.883230][T18642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.883236][T18642] R13: 0000000000000000 R14: 00007fbef7db5fa0 R15: 00007ffe25ed6418
[  314.883250][T18642]  </TASK>
[  314.962105][ T5929] usb 12-1: new high-speed USB device number 7 using dummy_hcd
[  315.074491][T18647] fuse: Bad value for 'user_id'
[  315.076165][T18647] fuse: Bad value for 'user_id'
[  315.110704][ T5929] usb 12-1: Using ep0 maxpacket: 32
[  315.115346][ T5929] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  315.121053][ T5929] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  315.123871][ T5929] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  315.126656][ T5929] usb 12-1: Product: syz
[  315.128405][ T5929] usb 12-1: Manufacturer: syz
[  315.130216][ T5929] usb 12-1: SerialNumber: syz
[  315.131617][T18649] tmpfs: Unknown parameter 'trans'
[  315.134118][T18649] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  315.138640][   T40] audit: type=1400 audit(315.013:5053): avc:  denied  { shutdown } for  pid=18648 comm="syz.8.4307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  315.142280][ T5929] usb 12-1: config 0 descriptor??
[  315.146947][T18624] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  315.150327][ T5929] hub 12-1:0.0: bad descriptor, ignoring hub
[  315.150698][T18651] FAULT_INJECTION: forcing a failure.
[  315.150698][T18651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.152652][ T5929] hub 12-1:0.0: probe with driver hub failed with error -5
[  315.161356][T18651] CPU: 1 UID: 0 PID: 18651 Comm: syz.0.4308 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  315.161381][T18651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  315.161391][T18651] Call Trace:
[  315.161398][T18651]  <TASK>
[  315.161405][T18651]  dump_stack_lvl+0x16c/0x1f0
[  315.161430][T18651]  should_fail_ex+0x512/0x640
[  315.161457][T18651]  _copy_to_user+0x32/0xd0
[  315.161484][T18651]  simple_read_from_buffer+0xcb/0x170
[  315.161543][T18651]  proc_fail_nth_read+0x197/0x270
[  315.161574][T18651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  315.161603][T18651]  ? rw_verify_area+0xcf/0x680
[  315.161627][T18651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  315.161655][T18651]  vfs_read+0x1e4/0xc60
[  315.161684][T18651]  ? __pfx___mutex_lock+0x10/0x10
[  315.161704][T18651]  ? __pfx_vfs_read+0x10/0x10
[  315.161737][T18651]  ? __fget_files+0x20e/0x3c0
[  315.161769][T18651]  ksys_read+0x12a/0x250
[  315.161786][T18651]  ? __pfx_ksys_read+0x10/0x10
[  315.161811][T18651]  do_syscall_64+0xcd/0x4c0
[  315.161834][T18651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.161852][T18651] RIP: 0033:0x7fbef7b8d37c
[  315.161866][T18651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  315.161899][T18651] RSP: 002b:00007fbef89c5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  315.161917][T18651] RAX: ffffffffffffffda RBX: 00007fbef7db5fa0 RCX: 00007fbef7b8d37c
[  315.161928][T18651] RDX: 000000000000000f RSI: 00007fbef89c50a0 RDI: 0000000000000004
[  315.161937][T18651] RBP: 00007fbef89c5090 R08: 0000000000000000 R09: 0000000000000000
[  315.161948][T18651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  315.161958][T18651] R13: 0000000000000000 R14: 00007fbef7db5fa0 R15: 00007ffe25ed6418
[  315.161982][T18651]  </TASK>
[  315.287223][   T40] audit: type=1400 audit(315.163:5054): avc:  denied  { execute } for  pid=18658 comm="syz.0.4312" path="/dev/video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  315.289000][T18661] FAULT_INJECTION: forcing a failure.
[  315.289000][T18661] name failslab, interval 1, probability 0, space 0, times 0
[  315.298731][T18661] CPU: 3 UID: 0 PID: 18661 Comm: syz.8.4313 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  315.298755][T18661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  315.298767][T18661] Call Trace:
[  315.298774][T18661]  <TASK>
[  315.298781][T18661]  dump_stack_lvl+0x16c/0x1f0
[  315.298806][T18661]  should_fail_ex+0x512/0x640
[  315.298829][T18661]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  315.298851][T18661]  should_failslab+0xc2/0x120
[  315.298863][T18661]  __kmalloc_cache_noprof+0x6a/0x3e0
[  315.298879][T18661]  ? tcf_chain_create+0x98/0x370
[  315.298893][T18661]  tcf_chain_create+0x98/0x370
[  315.298906][T18661]  __tcf_chain_get+0x153/0x1b0
[  315.298921][T18661]  tc_new_tfilter+0x6ed/0x2340
[  315.298941][T18661]  ? avc_has_perm_noaudit+0x117/0x3b0
[  315.298975][T18661]  ? __pfx_tc_new_tfilter+0x10/0x10
[  315.299005][T18661]  ? find_held_lock+0x2b/0x80
[  315.299022][T18661]  ? __pfx_tc_new_tfilter+0x10/0x10
[  315.299035][T18661]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  315.299050][T18661]  ? __pfx_tc_new_tfilter+0x10/0x10
[  315.299065][T18661]  rtnetlink_rcv_msg+0x95b/0xe90
[  315.299078][T18661]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  315.299095][T18661]  ? ref_tracker_free+0x37c/0x830
[  315.299111][T18661]  netlink_rcv_skb+0x155/0x420
[  315.299126][T18661]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  315.299139][T18661]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  315.299159][T18661]  ? netlink_deliver_tap+0x1ae/0xd30
[  315.299175][T18661]  netlink_unicast+0x53d/0x7f0
[  315.299191][T18661]  ? __pfx_netlink_unicast+0x10/0x10
[  315.299209][T18661]  netlink_sendmsg+0x8d1/0xdd0
[  315.299226][T18661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.299245][T18661]  ____sys_sendmsg+0xa98/0xc70
[  315.299260][T18661]  ? copy_msghdr_from_user+0x10a/0x160
[  315.299272][T18661]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.299293][T18661]  ___sys_sendmsg+0x134/0x1d0
[  315.299305][T18661]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.299315][T18661]  ? __lock_acquire+0x622/0x1c90
[  315.299345][T18661]  __sys_sendmsg+0x16d/0x220
[  315.299357][T18661]  ? __pfx___sys_sendmsg+0x10/0x10
[  315.299377][T18661]  do_syscall_64+0xcd/0x4c0
[  315.299391][T18661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.299402][T18661] RIP: 0033:0x7f225778e969
[  315.299411][T18661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.299421][T18661] RSP: 002b:00007f22585df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.299432][T18661] RAX: ffffffffffffffda RBX: 00007f22579b5fa0 RCX: 00007f225778e969
[  315.299439][T18661] RDX: 0000000020001880 RSI: 0000200000006040 RDI: 0000000000000004
[  315.299445][T18661] RBP: 00007f22585df090 R08: 0000000000000000 R09: 0000000000000000
[  315.299451][T18661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.299457][T18661] R13: 0000000000000000 R14: 00007f22579b5fa0 R15: 00007fff33bc71f8
[  315.299471][T18661]  </TASK>
[  315.426001][T18663] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18663 comm=syz.0.4314
[  315.484356][T18673] netlink: 'syz.8.4317': attribute type 6 has an invalid length.
[  315.487519][T18673] netlink: 199836 bytes leftover after parsing attributes in process `syz.8.4317'.
[  315.518940][ T6467] usb 12-1: USB disconnect, device number 7
[  315.538713][ T5938] Bluetooth: hci3: command tx timeout
[  315.936586][   T40] audit: type=1400 audit(315.813:5055): avc:  denied  { getopt } for  pid=18695 comm="syz.7.4325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  315.976116][T18698] FAULT_INJECTION: forcing a failure.
[  315.976116][T18698] name failslab, interval 1, probability 0, space 0, times 0
[  315.981539][T18698] CPU: 0 UID: 0 PID: 18698 Comm: syz.7.4326 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  315.981566][T18698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  315.981578][T18698] Call Trace:
[  315.981584][T18698]  <TASK>
[  315.981592][T18698]  dump_stack_lvl+0x16c/0x1f0
[  315.981617][T18698]  should_fail_ex+0x512/0x640
[  315.981639][T18698]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  315.981668][T18698]  should_failslab+0xc2/0x120
[  315.981687][T18698]  __kmalloc_cache_noprof+0x6a/0x3e0
[  315.981713][T18698]  ? tcf_chain_tp_find+0x2b5/0x470
[  315.981733][T18698]  ? tc_new_tfilter+0xf0c/0x2340
[  315.981758][T18698]  tc_new_tfilter+0xf0c/0x2340
[  315.981792][T18698]  ? avc_has_perm_noaudit+0x117/0x3b0
[  315.981820][T18698]  ? __pfx_tc_new_tfilter+0x10/0x10
[  315.981871][T18698]  ? find_held_lock+0x2b/0x80
[  315.981899][T18698]  ? __pfx_tc_new_tfilter+0x10/0x10
[  315.981921][T18698]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  315.981944][T18698]  ? __pfx_tc_new_tfilter+0x10/0x10
[  315.981969][T18698]  rtnetlink_rcv_msg+0x95b/0xe90
[  315.981992][T18698]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  315.982020][T18698]  ? ref_tracker_free+0x37c/0x830
[  315.982054][T18698]  netlink_rcv_skb+0x155/0x420
[  315.982079][T18698]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  315.982101][T18698]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  315.982135][T18698]  ? netlink_deliver_tap+0x1ae/0xd30
[  315.982159][T18698]  netlink_unicast+0x53d/0x7f0
[  315.982185][T18698]  ? __pfx_netlink_unicast+0x10/0x10
[  315.982215][T18698]  netlink_sendmsg+0x8d1/0xdd0
[  315.982243][T18698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.982277][T18698]  ____sys_sendmsg+0xa98/0xc70
[  315.982303][T18698]  ? copy_msghdr_from_user+0x10a/0x160
[  315.982322][T18698]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.982359][T18698]  ___sys_sendmsg+0x134/0x1d0
[  315.982379][T18698]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.982395][T18698]  ? __lock_acquire+0x622/0x1c90
[  315.982448][T18698]  __sys_sendmsg+0x16d/0x220
[  315.982468][T18698]  ? __pfx___sys_sendmsg+0x10/0x10
[  315.982505][T18698]  do_syscall_64+0xcd/0x4c0
[  315.982527][T18698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.982546][T18698] RIP: 0033:0x7f90f2d8e969
[  315.982560][T18698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.982576][T18698] RSP: 002b:00007f90f3cc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.982593][T18698] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8e969
[  315.982605][T18698] RDX: 0000000020001880 RSI: 0000200000006040 RDI: 0000000000000004
[  315.982615][T18698] RBP: 00007f90f3cc3090 R08: 0000000000000000 R09: 0000000000000000
[  315.982626][T18698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.982635][T18698] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  315.982660][T18698]  </TASK>
[  316.338690][ T5940] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  316.462365][T18720] syz.0.4333: attempt to access beyond end of device
[  316.462365][T18720] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0
[  316.466469][T18720] FAT-fs (nbd0): unable to read boot sector
[  316.480765][T18720] binder: Unknown parameter 'uid'
[  316.903757][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  316.905811][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  317.265999][   T40] audit: type=1400 audit(317.143:5056): avc:  denied  { lock } for  pid=18732 comm="syz.7.4337" path="socket:[79953]" dev="sockfs" ino=79953 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  317.540865][T18749] netlink: 'syz.8.4341': attribute type 1 has an invalid length.
[  317.553628][T18750] bond1 (unregistering): Released all slaves
[  317.591974][T18751] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4341'.
[  317.595789][T18759] netlink: 'syz.0.4343': attribute type 2 has an invalid length.
[  317.598724][T18759] netlink: 'syz.0.4343': attribute type 2 has an invalid length.
[  317.643733][T18762] FAULT_INJECTION: forcing a failure.
[  317.643733][T18762] name failslab, interval 1, probability 0, space 0, times 0
[  317.647785][T18762] CPU: 3 UID: 0 PID: 18762 Comm: syz.0.4344 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  317.647800][T18762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  317.647808][T18762] Call Trace:
[  317.647812][T18762]  <TASK>
[  317.647817][T18762]  dump_stack_lvl+0x16c/0x1f0
[  317.647833][T18762]  should_fail_ex+0x512/0x640
[  317.647848][T18762]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  317.647866][T18762]  should_failslab+0xc2/0x120
[  317.647878][T18762]  __kmalloc_cache_noprof+0x6a/0x3e0
[  317.647894][T18762]  ? fl_change+0x168/0x4f70
[  317.647908][T18762]  fl_change+0x168/0x4f70
[  317.647923][T18762]  ? find_held_lock+0x2b/0x80
[  317.647941][T18762]  ? fl_get+0x20a/0x3b0
[  317.647951][T18762]  ? __pfx_fl_change+0x10/0x10
[  317.647962][T18762]  ? fl_get+0x214/0x3b0
[  317.647971][T18762]  ? __pfx_fl_get+0x10/0x10
[  317.647983][T18762]  ? __pfx_fl_change+0x10/0x10
[  317.647993][T18762]  tc_new_tfilter+0xa32/0x2340
[  317.648017][T18762]  ? __pfx_tc_new_tfilter+0x10/0x10
[  317.648045][T18762]  ? find_held_lock+0x2b/0x80
[  317.648061][T18762]  ? __pfx_tc_new_tfilter+0x10/0x10
[  317.648075][T18762]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  317.648088][T18762]  ? __pfx_tc_new_tfilter+0x10/0x10
[  317.648103][T18762]  rtnetlink_rcv_msg+0x95b/0xe90
[  317.648117][T18762]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  317.648133][T18762]  ? ref_tracker_free+0x37c/0x830
[  317.648149][T18762]  netlink_rcv_skb+0x155/0x420
[  317.648164][T18762]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  317.648177][T18762]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  317.648196][T18762]  ? netlink_deliver_tap+0x1ae/0xd30
[  317.648212][T18762]  netlink_unicast+0x53d/0x7f0
[  317.648228][T18762]  ? __pfx_netlink_unicast+0x10/0x10
[  317.648246][T18762]  netlink_sendmsg+0x8d1/0xdd0
[  317.648263][T18762]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.648282][T18762]  ____sys_sendmsg+0xa98/0xc70
[  317.648298][T18762]  ? copy_msghdr_from_user+0x10a/0x160
[  317.648309][T18762]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.648329][T18762]  ___sys_sendmsg+0x134/0x1d0
[  317.648342][T18762]  ? __pfx____sys_sendmsg+0x10/0x10
[  317.648352][T18762]  ? __lock_acquire+0x622/0x1c90
[  317.648381][T18762]  __sys_sendmsg+0x16d/0x220
[  317.648393][T18762]  ? __pfx___sys_sendmsg+0x10/0x10
[  317.648413][T18762]  do_syscall_64+0xcd/0x4c0
[  317.648426][T18762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.648437][T18762] RIP: 0033:0x7fbef7b8e969
[  317.648446][T18762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.648457][T18762] RSP: 002b:00007fbef89c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.648467][T18762] RAX: ffffffffffffffda RBX: 00007fbef7db5fa0 RCX: 00007fbef7b8e969
[  317.648474][T18762] RDX: 0000000020001880 RSI: 0000200000006040 RDI: 0000000000000004
[  317.648481][T18762] RBP: 00007fbef89c5090 R08: 0000000000000000 R09: 0000000000000000
[  317.648487][T18762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  317.648493][T18762] R13: 0000000000000000 R14: 00007fbef7db5fa0 R15: 00007ffe25ed6418
[  317.648507][T18762]  </TASK>
[  318.665446][T18791] binder: 18790:18791 ioctl 5761 200000000740 returned -22
[  318.823299][T18808] FAULT_INJECTION: forcing a failure.
[  318.823299][T18808] name failslab, interval 1, probability 0, space 0, times 0
[  318.828709][T18808] CPU: 1 UID: 0 PID: 18808 Comm: syz.1.4357 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  318.828727][T18808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  318.828734][T18808] Call Trace:
[  318.828738][T18808]  <TASK>
[  318.828743][T18808]  dump_stack_lvl+0x16c/0x1f0
[  318.828759][T18808]  should_fail_ex+0x512/0x640
[  318.828774][T18808]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  318.828793][T18808]  should_failslab+0xc2/0x120
[  318.828805][T18808]  __kmalloc_cache_noprof+0x6a/0x3e0
[  318.828821][T18808]  ? fl_change+0x1b0/0x4f70
[  318.828834][T18808]  fl_change+0x1b0/0x4f70
[  318.828849][T18808]  ? find_held_lock+0x2b/0x80
[  318.828867][T18808]  ? fl_get+0x20a/0x3b0
[  318.828878][T18808]  ? __pfx_fl_change+0x10/0x10
[  318.828888][T18808]  ? fl_get+0x214/0x3b0
[  318.828897][T18808]  ? __pfx_fl_get+0x10/0x10
[  318.828914][T18808]  ? __pfx_fl_change+0x10/0x10
[  318.828924][T18808]  tc_new_tfilter+0xa32/0x2340
[  318.828949][T18808]  ? __pfx_tc_new_tfilter+0x10/0x10
[  318.828977][T18808]  ? find_held_lock+0x2b/0x80
[  318.828994][T18808]  ? __pfx_tc_new_tfilter+0x10/0x10
[  318.829007][T18808]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  318.829021][T18808]  ? __pfx_tc_new_tfilter+0x10/0x10
[  318.829036][T18808]  rtnetlink_rcv_msg+0x95b/0xe90
[  318.829050][T18808]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  318.829066][T18808]  ? ref_tracker_free+0x37c/0x830
[  318.829083][T18808]  netlink_rcv_skb+0x155/0x420
[  318.829097][T18808]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  318.829110][T18808]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  318.829130][T18808]  ? netlink_deliver_tap+0x1ae/0xd30
[  318.829146][T18808]  netlink_unicast+0x53d/0x7f0
[  318.829162][T18808]  ? __pfx_netlink_unicast+0x10/0x10
[  318.829180][T18808]  netlink_sendmsg+0x8d1/0xdd0
[  318.829197][T18808]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.829217][T18808]  ____sys_sendmsg+0xa98/0xc70
[  318.829232][T18808]  ? copy_msghdr_from_user+0x10a/0x160
[  318.829244][T18808]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.829265][T18808]  ___sys_sendmsg+0x134/0x1d0
[  318.829277][T18808]  ? __pfx____sys_sendmsg+0x10/0x10
[  318.829288][T18808]  ? __lock_acquire+0x622/0x1c90
[  318.829317][T18808]  __sys_sendmsg+0x16d/0x220
[  318.829329][T18808]  ? __pfx___sys_sendmsg+0x10/0x10
[  318.829350][T18808]  do_syscall_64+0xcd/0x4c0
[  318.829364][T18808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.829375][T18808] RIP: 0033:0x7fe24838e969
[  318.829384][T18808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.829395][T18808] RSP: 002b:00007fe2491d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.829405][T18808] RAX: ffffffffffffffda RBX: 00007fe2485b5fa0 RCX: 00007fe24838e969
[  318.829412][T18808] RDX: 0000000020001880 RSI: 0000200000006040 RDI: 0000000000000004
[  318.829418][T18808] RBP: 00007fe2491d6090 R08: 0000000000000000 R09: 0000000000000000
[  318.829425][T18808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  318.829431][T18808] R13: 0000000000000000 R14: 00007fe2485b5fa0 R15: 00007ffcc9ba11d8
[  318.829444][T18808]  </TASK>
[  319.059871][T18818] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4360'.
[  319.098156][T18823] openvswitch: netlink: IPv6 tunnel dst address is zero
[  319.163808][   T40] audit: type=1400 audit(319.043:5057): avc:  denied  { ioctl } for  pid=18826 comm="syz.1.4362" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 ioctlcmd=0xf512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  319.205130][   T40] audit: type=1400 audit(319.083:5058): avc:  denied  { watch watch_reads } for  pid=18830 comm="syz.8.4363" path="pipe:[80005]" dev="pipefs" ino=80005 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  319.232146][T18835] netlink: 84 bytes leftover after parsing attributes in process `syz.1.4364'.
[  319.236910][T18835] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  319.490274][T18851] FAULT_INJECTION: forcing a failure.
[  319.490274][T18851] name failslab, interval 1, probability 0, space 0, times 0
[  319.494257][T18851] CPU: 0 UID: 0 PID: 18851 Comm: syz.8.4369 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  319.494274][T18851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.494281][T18851] Call Trace:
[  319.494285][T18851]  <TASK>
[  319.494290][T18851]  dump_stack_lvl+0x16c/0x1f0
[  319.494306][T18851]  should_fail_ex+0x512/0x640
[  319.494321][T18851]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  319.494340][T18851]  should_failslab+0xc2/0x120
[  319.494352][T18851]  __kmalloc_cache_noprof+0x6a/0x3e0
[  319.494368][T18851]  ? __nla_parse+0x40/0x60
[  319.494383][T18851]  ? fl_change+0x2da/0x4f70
[  319.494396][T18851]  fl_change+0x2da/0x4f70
[  319.494411][T18851]  ? find_held_lock+0x2b/0x80
[  319.494429][T18851]  ? fl_get+0x20a/0x3b0
[  319.494440][T18851]  ? __pfx_fl_change+0x10/0x10
[  319.494451][T18851]  ? fl_get+0x214/0x3b0
[  319.494460][T18851]  ? __pfx_fl_get+0x10/0x10
[  319.494471][T18851]  ? __pfx_fl_change+0x10/0x10
[  319.494482][T18851]  tc_new_tfilter+0xa32/0x2340
[  319.494505][T18851]  ? __pfx_tc_new_tfilter+0x10/0x10
[  319.494544][T18851]  ? find_held_lock+0x2b/0x80
[  319.494560][T18851]  ? __pfx_tc_new_tfilter+0x10/0x10
[  319.494574][T18851]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  319.494588][T18851]  ? __pfx_tc_new_tfilter+0x10/0x10
[  319.494603][T18851]  rtnetlink_rcv_msg+0x95b/0xe90
[  319.494617][T18851]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  319.494633][T18851]  ? ref_tracker_free+0x37c/0x830
[  319.494650][T18851]  netlink_rcv_skb+0x155/0x420
[  319.494664][T18851]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  319.494677][T18851]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  319.494697][T18851]  ? netlink_deliver_tap+0x1ae/0xd30
[  319.494716][T18851]  netlink_unicast+0x53d/0x7f0
[  319.494732][T18851]  ? __pfx_netlink_unicast+0x10/0x10
[  319.494750][T18851]  netlink_sendmsg+0x8d1/0xdd0
[  319.494766][T18851]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.494786][T18851]  ____sys_sendmsg+0xa98/0xc70
[  319.494801][T18851]  ? copy_msghdr_from_user+0x10a/0x160
[  319.494812][T18851]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.494833][T18851]  ___sys_sendmsg+0x134/0x1d0
[  319.494845][T18851]  ? __pfx____sys_sendmsg+0x10/0x10
[  319.494855][T18851]  ? __lock_acquire+0x622/0x1c90
[  319.494885][T18851]  __sys_sendmsg+0x16d/0x220
[  319.494897][T18851]  ? __pfx___sys_sendmsg+0x10/0x10
[  319.494917][T18851]  do_syscall_64+0xcd/0x4c0
[  319.494931][T18851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.494942][T18851] RIP: 0033:0x7f225778e969
[  319.494950][T18851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.494961][T18851] RSP: 002b:00007f22585df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.494972][T18851] RAX: ffffffffffffffda RBX: 00007f22579b5fa0 RCX: 00007f225778e969
[  319.494979][T18851] RDX: 0000000020001880 RSI: 0000200000006040 RDI: 0000000000000004
[  319.494985][T18851] RBP: 00007f22585df090 R08: 0000000000000000 R09: 0000000000000000
[  319.494991][T18851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  319.494997][T18851] R13: 0000000000000000 R14: 00007f22579b5fa0 R15: 00007fff33bc71f8
[  319.495010][T18851]  </TASK>
[  319.690377][ T5929] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  319.818958][ T5929] usb 6-1: device descriptor read/64, error -71
[  320.058737][ T5929] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  320.189178][ T5929] usb 6-1: device descriptor read/64, error -71
[  320.300720][ T5929] usb usb6-port1: attempt power cycle
[  320.412855][T18860] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4372'.
[  320.416684][T18860] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4372'.
[  320.420595][T18860] netlink: 'syz.7.4372': attribute type 10 has an invalid length.
[  320.423599][T18861] netlink: 'syz.7.4372': attribute type 10 has an invalid length.
[  320.437257][T18860] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  320.638863][ T5929] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  320.659280][ T5929] usb 6-1: device descriptor read/8, error -71
[  320.898839][ T5929] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  320.922151][ T5929] usb 6-1: device descriptor read/8, error -71
[  321.029486][ T5929] usb usb6-port1: unable to enumerate USB device
[  321.179148][ T6341] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  321.238859][T18870] autofs4:pid:18870:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e)
[  321.283918][T18872] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4376'.
[  321.319301][ T6341] usb 6-1: device descriptor read/64, error -71
[  321.415247][T18877] IPv6: addrconf: prefix option has invalid lifetime
[  321.578847][ T6341] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  321.612197][   T40] audit: type=1400 audit(321.493:5059): avc:  denied  { create } for  pid=18885 comm="syz.7.4381" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  321.612220][T18886] o2cb: This node has not been configured.
[  321.620987][T18886] o2cb: Cluster check failed. Fix errors before retrying.
[  321.623228][T18886] (syz.7.4381,18886,3):user_dlm_register:674 ERROR: status = -22
[  321.625590][T18886] (syz.7.4381,18886,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  321.644186][   T40] audit: type=1400 audit(321.523:5060): avc:  denied  { append } for  pid=18885 comm="syz.7.4381" name="event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  321.729126][ T6341] usb 6-1: device descriptor read/64, error -71
[  321.787861][   T40] audit: type=1400 audit(321.663:5061): avc:  denied  { connect } for  pid=18889 comm="syz.7.4383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  321.826004][T18892] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4384'.
[  321.847078][T18892] bond1: entered promiscuous mode
[  321.849724][T18892] bond1: entered allmulticast mode
[  321.850301][ T6341] usb usb6-port1: attempt power cycle
[  321.961008][   T40] audit: type=1804 audit(321.843:5062): pid=18895 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.7.4385" name="/newroot/241/bus/file0" dev="overlay" ino=1301 res=1 errno=0
[  322.198807][ T6341] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  322.220045][ T6341] usb 6-1: device descriptor read/8, error -71
[  322.229732][T18901] netlink: 'syz.7.4387': attribute type 10 has an invalid length.
[  322.458748][ T6341] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  322.678680][ T6341] usb 6-1: device not accepting address 28, error -71
[  322.681025][ T6341] usb usb6-port1: unable to enumerate USB device
[  322.897589][T18914] ------------[ cut here ]------------
[  322.899405][T18914] UBSAN: array-index-out-of-bounds in ./include/net/ipv6.h:616:34
SYZFAIL: failed to recv rpc
[  322.901816][T18914] index 20 is out of range for type '__u8 [16]'
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  322.903939][   T40] audit: type=1400 audit(322.783:5063): avc:  denied  { write } for  pid=5895 comm="syz-executor" path="pipe:[706]" dev="pipefs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  322.905050][T18914] CPU: 0 UID: 0 PID: 18914 Comm: syz.7.4393 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  322.905068][T18914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.905076][T18914] Call Trace:
[  322.905081][T18914]  <TASK>
[  322.905087][T18914]  dump_stack_lvl+0x16c/0x1f0
[  322.905104][T18914]  __ubsan_handle_out_of_bounds+0x11c/0x160
[  322.905126][T18914]  ipv6_addr_prefix+0xf2/0x110
[  322.905139][T18914]  ip6_route_info_create+0x4b6/0x870
[  322.905152][T18914]  ip6_route_add+0x26/0x1d0
[  322.905164][T18914]  addrconf_prefix_route+0x2fd/0x510
[  322.905178][T18914]  ? __pfx_addrconf_prefix_route+0x10/0x10
[  322.905197][T18914]  ? lock_acquire+0x179/0x350
[  322.905213][T18914]  ? __pfx_addrconf_get_prefix_route+0x10/0x10
[  322.905226][T18914]  ? find_held_lock+0x2b/0x80
[  322.905243][T18914]  ? addrconf_prefix_rcv+0xa7e/0x1f70
[  322.905261][T18914]  addrconf_prefix_rcv+0x1808/0x1f70
[  322.905281][T18914]  ? __pfx_addrconf_prefix_rcv+0x10/0x10
[  322.905296][T18914]  ? __ipv6_chk_addr_and_flags+0x2f4/0x750
[  322.905310][T18914]  ? ndisc_router_discovery+0xc00/0x3550
[  322.905330][T18914]  ? ndisc_router_discovery+0x1c49/0x3550
[  322.905346][T18914]  ndisc_router_discovery+0x1c49/0x3550
[  322.905367][T18914]  ? ip6t_do_table+0xbf5/0x1c30
[  322.905384][T18914]  ? __pfx_ndisc_router_discovery+0x10/0x10
[  322.905402][T18914]  ? __lock_acquire+0x622/0x1c90
[  322.905422][T18914]  ? skb_checksum+0x81f/0x980
[  322.905464][T18914]  ndisc_rcv+0x3fa/0x620
[  322.905477][T18914]  icmpv6_rcv+0x17c6/0x1c50
[  322.905497][T18914]  ? __pfx_icmpv6_rcv+0x10/0x10
[  322.905512][T18914]  ip6_protocol_deliver_rcu+0xf86/0x1520
[  322.905538][T18914]  ip6_input_finish+0x102/0x180
[  322.905557][T18914]  ip6_input+0x105/0x2f0
[  322.905568][T18914]  ip6_mc_input+0x465/0xfd0
[  322.905579][T18914]  ? __pfx_ip6_mc_input+0x10/0x10
[  322.905590][T18914]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  322.905602][T18914]  ? __pfx_ip6_mc_input+0x10/0x10
[  322.905612][T18914]  ipv6_rcv+0x45a/0x680
[  322.905622][T18914]  ? __pfx_ipv6_rcv+0x10/0x10
[  322.905630][T18914]  __netif_receive_skb_one_core+0x12d/0x1e0
[  322.905642][T18914]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  322.905660][T18914]  ? lock_acquire+0x179/0x350
[  322.905673][T18914]  ? __phys_addr+0xe8/0x180
[  322.905691][T18914]  __netif_receive_skb+0x1d/0x160
[  322.905701][T18914]  netif_receive_skb+0x137/0x7b0
[  322.905718][T18914]  ? __pfx_netif_receive_skb+0x10/0x10
[  322.905734][T18914]  tun_rx_batched.isra.0+0x3ee/0x740
[  322.905752][T18914]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  322.905770][T18914]  ? tun_get_user+0x1c0d/0x3b80
[  322.905785][T18914]  ? rcu_is_watching+0x12/0xc0
[  322.905798][T18914]  tun_get_user+0x28a2/0x3b80
[  322.905820][T18914]  ? __pfx_tun_get_user+0x10/0x10
[  322.905834][T18914]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  322.905853][T18914]  ? find_held_lock+0x2b/0x80
[  322.905870][T18914]  ? tun_get+0x191/0x370
[  322.905886][T18914]  tun_chr_write_iter+0xdc/0x210
[  322.905901][T18914]  vfs_write+0x6c4/0x1150
[  322.905912][T18914]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  322.905929][T18914]  ? __pfx_vfs_write+0x10/0x10
[  322.905937][T18914]  ? find_held_lock+0x2b/0x80
[  322.905962][T18914]  ksys_write+0x12a/0x250
[  322.905971][T18914]  ? __pfx_ksys_write+0x10/0x10
[  322.905985][T18914]  do_syscall_64+0xcd/0x4c0
[  322.905998][T18914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.906009][T18914] RIP: 0033:0x7f90f2d8d41f
[  322.906018][T18914] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  322.906030][T18914] RSP: 002b:00007f90f3cc3000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  322.906040][T18914] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8d41f
[  322.906048][T18914] RDX: 000000000000034e RSI: 0000200000000780 RDI: 00000000000000c8
[  322.906054][T18914] RBP: 00007f90f2e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  322.906061][T18914] R10: 000000000000034e R11: 0000000000000293 R12: 0000000000000000
[  322.906068][T18914] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  322.906082][T18914]  </TASK>
[  322.906087][T18914] ---[ end trace ]---
[  323.043014][T18914] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  323.045980][T18914] CPU: 0 UID: 0 PID: 18914 Comm: syz.7.4393 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  323.049983][T18914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  323.053345][T18914] Call Trace:
[  323.054420][T18914]  <TASK>
[  323.055347][T18914]  dump_stack_lvl+0x3d/0x1f0
[  323.056809][T18914]  panic+0x71c/0x800
[  323.058050][T18914]  ? __pfx_panic+0x10/0x10
[  323.059411][T18914]  ? __pfx__printk+0x10/0x10
[  323.060884][T18914]  check_panic_on_warn+0xab/0xb0
[  323.062437][T18914]  __ubsan_handle_out_of_bounds+0x143/0x160
[  323.064285][T18914]  ipv6_addr_prefix+0xf2/0x110
[  323.065836][T18914]  ip6_route_info_create+0x4b6/0x870
[  323.067579][T18914]  ip6_route_add+0x26/0x1d0
[  323.069027][T18914]  addrconf_prefix_route+0x2fd/0x510
[  323.070676][T18914]  ? __pfx_addrconf_prefix_route+0x10/0x10
[  323.072469][T18914]  ? lock_acquire+0x179/0x350
[  323.073954][T18914]  ? __pfx_addrconf_get_prefix_route+0x10/0x10
[  323.075851][T18914]  ? find_held_lock+0x2b/0x80
[  323.077315][T18914]  ? addrconf_prefix_rcv+0xa7e/0x1f70
[  323.078977][T18914]  addrconf_prefix_rcv+0x1808/0x1f70
[  323.080611][T18914]  ? __pfx_addrconf_prefix_rcv+0x10/0x10
[  323.082369][T18914]  ? __ipv6_chk_addr_and_flags+0x2f4/0x750
[  323.084166][T18914]  ? ndisc_router_discovery+0xc00/0x3550
[  323.085967][T18914]  ? ndisc_router_discovery+0x1c49/0x3550
[  323.087696][T18914]  ndisc_router_discovery+0x1c49/0x3550
[  323.089363][T18914]  ? ip6t_do_table+0xbf5/0x1c30
[  323.090857][T18914]  ? __pfx_ndisc_router_discovery+0x10/0x10
[  323.092670][T18914]  ? __lock_acquire+0x622/0x1c90
[  323.094228][T18914]  ? skb_checksum+0x81f/0x980
[  323.095728][T18914]  ndisc_rcv+0x3fa/0x620
[  323.097051][T18914]  icmpv6_rcv+0x17c6/0x1c50
[  323.098468][T18914]  ? __pfx_icmpv6_rcv+0x10/0x10
[  323.099974][T18914]  ip6_protocol_deliver_rcu+0xf86/0x1520
[  323.101724][T18914]  ip6_input_finish+0x102/0x180
[  323.103251][T18914]  ip6_input+0x105/0x2f0
[  323.104581][T18914]  ip6_mc_input+0x465/0xfd0
[  323.106014][T18914]  ? __pfx_ip6_mc_input+0x10/0x10
[  323.107588][T18914]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  323.109209][T18914]  ? __pfx_ip6_mc_input+0x10/0x10
[  323.110809][T18914]  ipv6_rcv+0x45a/0x680
[  323.112141][T18914]  ? __pfx_ipv6_rcv+0x10/0x10
[  323.113626][T18914]  __netif_receive_skb_one_core+0x12d/0x1e0
[  323.115472][T18914]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  323.117467][T18914]  ? lock_acquire+0x179/0x350
[  323.118948][T18914]  ? __phys_addr+0xe8/0x180
[  323.120384][T18914]  __netif_receive_skb+0x1d/0x160
[  323.121999][T18914]  netif_receive_skb+0x137/0x7b0
[  323.123568][T18914]  ? __pfx_netif_receive_skb+0x10/0x10
[  323.125281][T18914]  tun_rx_batched.isra.0+0x3ee/0x740
[  323.126992][T18914]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  323.128818][T18914]  ? tun_get_user+0x1c0d/0x3b80
[  323.130689][T18914]  ? rcu_is_watching+0x12/0xc0
[  323.132710][T18914]  tun_get_user+0x28a2/0x3b80
[  323.134696][T18914]  ? __pfx_tun_get_user+0x10/0x10
[  323.136791][T18914]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  323.138902][T18914]  ? find_held_lock+0x2b/0x80
[  323.140384][T18914]  ? tun_get+0x191/0x370
[  323.141760][T18914]  tun_chr_write_iter+0xdc/0x210
[  323.143314][T18914]  vfs_write+0x6c4/0x1150
[  323.144666][T18914]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  323.146401][T18914]  ? __pfx_vfs_write+0x10/0x10
[  323.147927][T18914]  ? find_held_lock+0x2b/0x80
[  323.149417][T18914]  ksys_write+0x12a/0x250
[  323.150789][T18914]  ? __pfx_ksys_write+0x10/0x10
[  323.152354][T18914]  do_syscall_64+0xcd/0x4c0
[  323.153804][T18914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.155688][T18914] RIP: 0033:0x7f90f2d8d41f
[  323.157114][T18914] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  323.163044][T18914] RSP: 002b:00007f90f3cc3000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  323.165623][T18914] RAX: ffffffffffffffda RBX: 00007f90f2fb5fa0 RCX: 00007f90f2d8d41f
[  323.168089][T18914] RDX: 000000000000034e RSI: 0000200000000780 RDI: 00000000000000c8
[  323.170576][T18914] RBP: 00007f90f2e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  323.173091][T18914] R10: 000000000000034e R11: 0000000000000293 R12: 0000000000000000
[  323.175554][T18914] R13: 0000000000000000 R14: 00007f90f2fb5fa0 R15: 00007fff80026688
[  323.178047][T18914]  </TASK>
[  323.179589][T18914] Kernel Offset: disabled
[  323.181016][T18914] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:28:19  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85592940 RDI=ffffffff9b06d6a0 RBP=ffffffff9b06d660 RSP=ffffc9000355ea68
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff360db26 R15=dffffc0000000000
RIP=ffffffff85592967 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f90f3cc36c0 ffffffff 00c00000
GS =0000 ffff8880d676e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f90f3cc2f98 CR3=0000000024fc0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2f83488 00007f90f2f83480 00007f90f2f83478 00007f90f2f83450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f3aed100 00007f90f2f83440 00007f90f2f83458 00007f90f2f834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2f83498 00007f90f2f83490 00007f90f2f83488 00007f90f2f83480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffed1003dacb31 RBX=ffffed1003dacb32 RCX=ffffffff822e1a31 RDX=ffffed1003dacb32
RSI=0000000000000004 RDI=ffff88801ed6598c RBP=ffffed1003dacb31 RSP=ffffc9000401f738
R8 =0000000000000000 R9 =ffffed1003dacb31 R10=ffff88801ed6598f R11=0000000000000001
R12=ffff88801ed65940 R13=0000000000000001 R14=0000000000000001 R15=ffff88801ed6598c
RIP=ffffffff822275cc RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d686e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9ad2ee7d60 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000007 DR1=0000000000000005 DR2=0000000000000008 DR3=0000000000000002 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ad23836a3 00007f9ad23836a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeed304580 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556ad97a72 000055556ad97930
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556adafda9 000055556adaf080
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000381c003021000 0381b00300100005 90030fffffffffff ff04058003058004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01048080e2801000 0381800401000002 0806060167b602a3 8008000381e00300
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10000381d00301f6 8080808080808081 10000381c0030210 000381b003001000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0590030fffffffff ffff040580030580 040381a003000800 038190030fffffff
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0403818003 0010000100000e08 0624100020808082 100001c080100000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85592885 RDI=ffffffff9b06d6a0 RBP=ffffffff9b06d660 RSP=ffffc9000078f880
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9b06d660 R15=ffffffff85592820
RIP=ffffffff855928af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d696e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000000148 CR3=000000000e382000 CR4=00352ef0
DR0=000000000000004b DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2e11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2f83488 00007f90f2f83480 00007f90f2f83478 00007f90f2f83450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f3aed100 00007f90f2f83440 00007f90f2f83458 00007f90f2f834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90f2f83498 00007f90f2f83490 00007f90f2f83488 00007f90f2f83480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 000000000000009c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002d198d RBX=0000000000000003 RCX=ffffffff8b7c6449 RDX=0000000000000000
RSI=ffffffff8de06e7d RDI=ffffffff8c1531c0 RBP=ffffed1003bd9000 RSP=ffffc90000197df8
R8 =0000000000000001 R9 =ffffed100d4e663d R10=ffff88806a7331eb R11=0000000000000001
R12=0000000000000003 R13=ffff88801dec8000 R14=ffffffff90a78750 R15=0000000000000000
RIP=ffffffff8b7c4faf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a6e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3cb402 CR3=000000004a264000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc9ba1560 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe248411a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe248411a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe248411a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe248411aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe248411b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe248411c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000