last executing test programs:

7m52.064513298s ago: executing program 3 (id=370):
ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40449426, &(0x7f00000000c0)={{}, 0x0, 0x0, 0x9, 0x8})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x61)
dup2(r2, r0)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x6ee9, &(0x7f0000000080)={0x0, 0x6a44, 0x1, 0x0, 0x67}, &(0x7f0000ff0000), &(0x7f00000001c0))
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='mpol=prefer=rele:0'])
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000001680), 0x20a3)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095", @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

7m51.294173084s ago: executing program 3 (id=373):
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
r0 = socket$kcm(0x25, 0x1, 0x0)
recvmsg$kcm(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x160)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
move_mount(r1, 0x0, r1, &(0x7f00000003c0)='./file0\x00', 0x40)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000100))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newtaction={0xdac, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0xd98, 0x1, [@m_police={0xd4c, 0x1a, 0x0, 0x0, {{0xb}, {0xc40, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE64={0xc, 0x8, 0x81}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x40}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0xfffffffa, 0x6, 0x5, 0x6, 0x8, 0xc2, 0x6cb, 0x2, 0xffa, 0x10, 0x9, 0x0, 0x3, 0x3, 0x1, 0x58, 0x6, 0x5, 0x80, 0x7, 0x0, 0x7bf5c33c, 0x1, 0x3, 0x8e6, 0x1, 0xfffffffa, 0x0, 0x1, 0x4f, 0x4, 0x2, 0x0, 0x7, 0x6, 0x8, 0xf, 0x5, 0xf17, 0x1, 0x3, 0x0, 0x8, 0xb, 0xfffffffa, 0xfffffffd, 0x8000, 0xa, 0x3, 0x3, 0x81, 0x5, 0x1, 0xff, 0x7, 0x2, 0x1000, 0x6, 0x1, 0x4, 0x0, 0x1, 0x200, 0x7, 0xb6, 0x80000000, 0x0, 0x5, 0x5, 0x0, 0x5, 0x0, 0x0, 0x6, 0x9, 0x5, 0x7, 0xc20, 0x4, 0x10000, 0xc3, 0x7f, 0x9, 0x0, 0x7ff, 0x1, 0x3, 0x1, 0x2, 0x0, 0x9, 0x7ff, 0x7e, 0x9, 0x8, 0x5, 0x5, 0x8001, 0x4, 0xe18c, 0x7, 0x9, 0xfffffff9, 0x5, 0x3, 0xc65, 0x6, 0xfff, 0xffffff80, 0x5, 0x0, 0x3d, 0x3, 0x2, 0xd, 0xee, 0xc00, 0xd, 0x235, 0xffffff81, 0xa, 0x9, 0x9, 0x9, 0x101, 0x74, 0x3, 0x6, 0x7, 0x6e, 0x8, 0x6, 0xffff, 0xffffffff, 0x3, 0xff2, 0x101, 0x6c9e59f6, 0x18, 0x1, 0x3, 0x5, 0xffffff81, 0x101, 0x2, 0x78a, 0xe3c, 0x200, 0x6, 0xfffffe01, 0xe350, 0x1b9d, 0x7, 0x4, 0xf, 0xfffffff1, 0x7, 0x87, 0x7, 0x93c, 0x2, 0x12, 0x5, 0x40, 0x0, 0x3, 0xff, 0x1, 0x8, 0x800, 0xd, 0x3, 0xd, 0x3, 0x4, 0x4149, 0x80000000, 0x6, 0xdb3, 0x623, 0xffff, 0xfffffffd, 0x401, 0x8, 0x7fffffff, 0x7, 0x40, 0xd, 0x722a75d2, 0x0, 0xb, 0x401, 0xa9bd, 0x4, 0x7, 0x1, 0x400, 0x0, 0x4, 0x3, 0x80000000, 0x7fffffff, 0x8, 0x4, 0x40, 0x3, 0x7fff, 0x33, 0x1edf, 0x8, 0x6, 0x7, 0x5, 0x13, 0x2, 0x8, 0x0, 0x2, 0x2, 0x65b, 0x80000000, 0x3, 0xfffffff7, 0x5, 0x1, 0xffff, 0x8, 0x4, 0x9, 0xffff, 0xed, 0x7, 0x1, 0xb, 0x93b8, 0x0, 0x3f8c3396, 0x7fffffff, 0xf, 0x0, 0xfffffffe, 0x3, 0xa0, 0x400, 0x3, 0x1, 0x9, 0x0, 0x2, 0x6, 0x9, 0x5, 0x8, 0x1000, 0x7fffffff]}, @TCA_POLICE_RATE={0x404, 0x2, [0x2, 0xe7, 0x9, 0x68, 0x8, 0x875, 0x8, 0xfffffc01, 0x4, 0x2, 0x5, 0x1, 0x0, 0x9, 0x3ff, 0xf2, 0x2, 0xff, 0xffffff01, 0x3, 0x8338, 0xd78, 0x10000, 0x3, 0x0, 0x7, 0x4, 0x1, 0x8, 0x9, 0x9, 0x7, 0x7fffffff, 0x1000, 0xe, 0xd5a, 0x9, 0x7, 0x4, 0x9, 0x0, 0xfffffffa, 0x8, 0x1, 0x2, 0x7f, 0x8, 0x10000, 0x6, 0x8, 0x3, 0x1, 0x3, 0x44, 0x8000, 0x5, 0x9, 0xa6f, 0x6, 0xf, 0xec, 0x6, 0x200, 0x4, 0x9, 0xd, 0x3b05, 0x7, 0x1, 0x5, 0x6, 0x4, 0x7ff, 0x5, 0x5, 0x10001, 0x28, 0xfffffff3, 0x8, 0x5, 0x1, 0x2, 0x10001, 0x4, 0xee, 0x4, 0x7ff, 0x0, 0x40, 0x133f, 0x9, 0x28000, 0x9, 0x3ff, 0x80000001, 0x9, 0x8, 0x9, 0xbd, 0x6, 0x800, 0x7763, 0x2, 0x3, 0x1, 0x3, 0x8, 0x3, 0x6d4f, 0xe5, 0x3, 0x8, 0xffffffff, 0x5930, 0xf7e8, 0xcd, 0x7a, 0x4, 0x9, 0x3, 0x0, 0x1000, 0x8, 0x6, 0x9, 0x2, 0x0, 0x8, 0x1, 0x7, 0x5, 0xfffffffb, 0x200, 0x3, 0x3, 0x5, 0x1, 0x7fff, 0x10000, 0xe, 0x400, 0x94, 0xfffff801, 0x7a9067ab, 0x9, 0x7fff, 0x6, 0x1, 0x4, 0x6, 0x4, 0x4, 0x0, 0x1, 0x7, 0x9, 0x4, 0x6, 0xfffffff9, 0x5, 0x9, 0x800, 0xd52, 0xc08, 0x0, 0xfffffffb, 0x960, 0xf, 0x8, 0x3, 0xffffffff, 0x8, 0xd3f, 0x6, 0x8000, 0x400, 0xffffffff, 0x2, 0x2, 0x1000, 0xc, 0x80000000, 0x8, 0x5, 0xffffd1ab, 0x8, 0x1, 0x5, 0xffff7fff, 0x3, 0x12200000, 0x80, 0x0, 0x1, 0x9, 0x5, 0x8, 0xe4a, 0x0, 0x4, 0x1, 0x13e1, 0x8, 0x3, 0x2, 0x10, 0x101, 0x473f, 0x9, 0x2b86, 0x3, 0x5, 0xd004, 0x1, 0x3cdb, 0x7, 0xc5b, 0xfffffffd, 0x6, 0x200, 0x100, 0x40, 0x4, 0xf, 0x200, 0x0, 0x6, 0x38, 0x1, 0x1, 0x0, 0xd, 0xffff723a, 0x100, 0xf, 0xfffffff4, 0x4, 0x10001, 0xb, 0x847, 0x100, 0x0, 0x0, 0x1, 0x6, 0x7fffffff, 0x0, 0xd, 0x0, 0x6, 0xffffffff, 0x4, 0x4, 0x1, 0x7fffffff, 0x4]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x0, 0x101, 0x4, 0x8, 0x9, 0x5e4, 0x1, 0xfffffffc, 0x5, 0xfff, 0x292eb0c4, 0x4, 0x3, 0x54e1abbc, 0x100, 0x40c7, 0x3, 0x2860000, 0x1, 0x3, 0xffff, 0x0, 0xa, 0x3, 0x80000001, 0xfffffff9, 0x5, 0x0, 0xf9, 0x80000001, 0x3ff, 0x3, 0xb, 0x8, 0x2, 0x0, 0x3, 0x9, 0xfffffff9, 0x8, 0x5, 0x0, 0x0, 0x4, 0x57c6291b, 0x40, 0x4, 0x7eb0f610, 0x3e, 0x5, 0xd5e6, 0xe56, 0x10000, 0x8, 0x7fff, 0x2, 0x40, 0x40, 0x2, 0x0, 0x0, 0x0, 0x8, 0x6df, 0x7, 0x5b, 0xb, 0xffffd524, 0x80000000, 0x0, 0x6, 0x2, 0x80000000, 0x6, 0x80, 0x3, 0x1ff, 0x1000, 0x20db, 0x40, 0x2, 0x7fffffff, 0x6, 0x1, 0x8a7, 0x0, 0xb1, 0x0, 0x8, 0x10001, 0x10001, 0xfffffffd, 0x7ff, 0x79, 0x3, 0x1ff, 0x7f, 0x7, 0x5, 0x7f, 0x10000, 0x83f3, 0x4, 0x7ef5, 0x7, 0x7, 0x5, 0x7ff, 0x0, 0x4e, 0x4, 0xc, 0x0, 0x1, 0x85a, 0x3, 0x8, 0x53, 0xfffff77c, 0x0, 0x80000001, 0x8000, 0x2, 0x0, 0x2d6b, 0x200, 0x4, 0x33, 0x6, 0xbed, 0x7ff, 0x6, 0x5, 0x8, 0x7, 0x3, 0x8, 0x7ff, 0x6, 0x9951, 0x7, 0x9, 0x5, 0x10000, 0x6, 0x2, 0x26ec, 0x0, 0x8000, 0x3, 0x2b3e, 0xb17b, 0xe, 0x7ba, 0x8000, 0x7, 0xf79, 0xd3c, 0x5, 0x0, 0x9, 0x7, 0x8, 0x9, 0x4, 0x8, 0x8, 0x5, 0x10, 0x2, 0x8, 0xdaf, 0x8, 0x4, 0x2, 0x745, 0x1, 0x0, 0x3, 0x4, 0xf4, 0x7f, 0x9, 0x1, 0x2, 0xffff, 0x8, 0x5, 0x3, 0x2, 0x8, 0xf60, 0x4, 0x0, 0xffffffff, 0x9, 0x3, 0x40, 0x0, 0x5, 0x3ea, 0x0, 0x1, 0x4d0eba58, 0xfffffffa, 0x0, 0x7fffffff, 0x9, 0x73, 0x81, 0xc70, 0x7, 0x2, 0xc5c, 0x7, 0x6, 0x80000, 0xc, 0x2, 0xb, 0x7f, 0x1, 0x3, 0xffffffff, 0xf, 0x4, 0x5, 0x9, 0x6, 0x1, 0x1, 0x3, 0x2, 0xcc, 0x40, 0x81, 0x7fffffff, 0x0, 0x6, 0x3, 0x0, 0x1, 0x7, 0x8001, 0xfffffff9, 0x7, 0x9, 0xfffffffd, 0x3, 0x167, 0x2, 0x7, 0x2, 0x1, 0x5]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xd}]]}, {0xe1, 0x6, "0b3144cac06ce2148e109f6c77e619971857ca59ff73f33fd5590f5ec46c042c1a103b2f42c7a108ece8d9a32e748d8033578f18700b7929a4117c896cf56e2042f6b4a8be38530e592459633b0aa669063f7035b6012b01684bba2dc998b1cea657357a7b362b3de39f0a346d5592fcfb61f9e07416057a8358c4abc6d2286e9caf0cabbc757e59b5e041e6835a58c99cfb65af6b9dad034202d1d36f196d022c11ef8f6d2a2531fdbf4ac2b9087fc700b4d5821784d5312c7abb8d681e39c65fff09351d6c371ec417f158b18aba491fcb8bf9beab16ffaf8e1c79da"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff, 0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xdac}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010001000000fbdbdf250f00000008000300", @ANYRES32=r5, @ANYBLOB="08003900000800eecdebe5b790faa61243582bf8994eaaa1485c99043a8e3d32db54df2ece6fead92ee39c4def8d7e11455cfa10b6502ba8fcf2c16852c668150fd0aecb65f14897ef0801bf1c453ea0e53eea83b71b698157fe580ad906a9224794af5c82c2e4263545929e223f5763a537a0fe33afff000aa5828943517f84c8ba8454bd5368ec1640584f9cbc603953568ebb45e65172df2ae2fe515a889d9923484b8849b4978f505d106cfe0c2aeb2c0692b1b8b50793416b89c15e8cec28a3443a5e5e6a2d5518d20678e7cf8e8706c89e9acfc6cdf1e5e7130e"], 0x24}}, 0x24014040)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2fc, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x268, 0xffffff7a, 0xffffffff, 0x268, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "e4ff0100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9eb85f401b0000000000ffffff7f00", 0x7d}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x2, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x358)
r9 = socket$packet(0x11, 0x2, 0x300)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000241000/0x2000)=nil, 0x2000, &(0x7f0000000400)='bm\x00')
setsockopt$packet_tx_ring(r9, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa960bffffd, 0x13012, r9, 0x0)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x14)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000380), 0x2, 0x0)

7m50.824386939s ago: executing program 3 (id=376):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x80400, 0x0) (async)
syz_open_dev$radio(&(0x7f0000000140), 0x2, 0x2)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0x237e, 0x4, 0x2d, 0x8, 0x3, "51c813793cefcc6fbc4acfcf751e2dc54a6f37"}) (async)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000080)={0xf0f041})
close_range(r0, 0xffffffffffffffff, 0x0)

7m50.774360028s ago: executing program 3 (id=377):
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f00000001c0)={0x39, 0x1a, 0x4b12, 0x8, "e7ffb123f2fa1bf1f3c7452e16e7cf4b7cf54616646f5af6e0ee9df47dd58bf1"})
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="12010002000000ffb1183700400001020301090224000101b3500a0904000b0102000000000000000701225a0909058103ff03030601"], &(0x7f00000006c0)={0xa, &(0x7f0000000580)={0xa, 0x6, 0x310, 0x9, 0xf8, 0xfa, 0x40, 0x32}, 0x32, &(0x7f00000004c0)=ANY=[@ANYBLOB="050f32000603100b0b10010c0800ff050100810710020065ac000aabd708279e5f15206ddf1003000a00018083000710020a19060010100212a00800"], 0x1, [{0x7e, &(0x7f0000000700)=ANY=[@ANYBLOB="7e03b03e1feebd6eee997a2255cb203108009a2cedc1607a1d46d2b88e08f72549c08ff6f68797423e1c64225c178d70963eb611ae274e020dd685f3f6475571feab866ce339aa8d0735ba2b2880c2c0cca41d7f498df496e16ed511fde52f356146bbf6d8e292c4fccec95e2d75fd20f0d4d0ff8bd763ba8f34a72a8266a691e4989baacce3f512f27affd7e7dba9700554d16594882e76168057416ae1dc9ed3cb953855ea315313a2c1b3e74ff5c11ffc7167688e758605116bec87ddfeca480616ead4ba131f0f42e7cdbe3521bee2d893f69182e0f4d1202e581663ce80eee55423d479dd7cc600da56b7ce95c875c5b10fcfcd94950d042de48480723d7e36ded14c5f65bdf90c4e14a21dd95c3f71577b981bf93cee1d925dc577cfd75bc271fe3059eb"]}]})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
mkdir(&(0x7f0000001c00)='./file0\x00', 0x8)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000340)='./file0\x00')
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={<r2=>0x0, @loopback, @dev}, &(0x7f0000000140)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x3, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
syz_80211_inject_frame(0x0, &(0x7f00000001c0)=ANY=[@ANYRES32], 0xb5)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000240)='system.posix_acl_default\x00', 0x0, 0x2c, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
syz_80211_inject_frame(&(0x7f0000000200), &(0x7f00000002c0)=@ctrl_frame=@bar={{}, {0x57}, @device_a, @device_a, @compressed={{0x1, 0x0, 0x1, 0x0, 0x9}, {0x3, 0x7}}}, 0x14)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r5, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000f0ff00000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r6 = getpgrp(0xffffffffffffffff)
sched_setscheduler(r6, 0x3, &(0x7f00000003c0)=0x6a0)

7m49.503984574s ago: executing program 3 (id=387):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYBLOB="02000200", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r3, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)

7m49.123161996s ago: executing program 3 (id=388):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
syz_open_dev$char_usb(0xc, 0xb4, 0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a050400000000000000000200000088000480340001800c0001007061796c6f6164002400028008000340000000000800024000000000080001400000001008000440000000022c0001800e000100696d6d6564696174650000001800028008000140000000140c000280050001002d00000024000180090001006d6574610000000014000280080001400000001408000240000000db0900010073797a30000000000900020073797a32"], 0xdc}}, 0x0)
stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000380)=0xc)
lchown(&(0x7f0000000340)='./file0\x00', r3, r2)
r4 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='grpquota', &(0x7f0000000100)='tmpfs\x00', 0x0)
getsockopt$bt_hci(r1, 0x0, 0x3, &(0x7f0000000140)=""/28, &(0x7f00000003c0)=0x1c)

7m49.060914738s ago: executing program 32 (id=388):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
syz_open_dev$char_usb(0xc, 0xb4, 0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a050400000000000000000200000088000480340001800c0001007061796c6f6164002400028008000340000000000800024000000000080001400000001008000440000000022c0001800e000100696d6d6564696174650000001800028008000140000000140c000280050001002d00000024000180090001006d6574610000000014000280080001400000001408000240000000db0900010073797a30000000000900020073797a32"], 0xdc}}, 0x0)
stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000380)=0xc)
lchown(&(0x7f0000000340)='./file0\x00', r3, r2)
r4 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='grpquota', &(0x7f0000000100)='tmpfs\x00', 0x0)
getsockopt$bt_hci(r1, 0x0, 0x3, &(0x7f0000000140)=""/28, &(0x7f00000003c0)=0x1c)

6m38.823561057s ago: executing program 2 (id=817):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYRES8, @ANYRES32, @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
connect$unix(r1, 0x0, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0x11e, 0x400, 0x3, 0x319}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000400)=<r5=>0x0)
r6 = socket(0x1d, 0x2, 0x6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000340)=@IORING_OP_ACCEPT={0xd, 0x40, 0x4, r6, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)

6m37.383938795s ago: executing program 2 (id=824):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$ptp0(0xffffffffffffff9c, 0x0, 0xc0542, 0x0)
readv(r3, 0x0, 0x0)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = io_uring_setup(0x7, 0x0)
io_uring_enter(r5, 0x0, 0x54aa, 0x5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r5, 0x13, 0x0, 0x2)
bind$alg(r4, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58)
r6 = accept4(r4, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(0xffffffffffffffff, 0x18, 0x0, 0x1)
write(r6, &(0x7f0000000040)="cb", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
umount2(&(0x7f0000000340)='./file0\x00', 0x2)

6m36.457520421s ago: executing program 2 (id=833):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x3, 0x0, 0x0, 0xe, 0x0, 0x0, 0xfffffffd, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x8c, 0xc, 0x60000002}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e22, 0x0, @loopback}}]}, 0x70}, 0x1, 0x7}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, 0x0, <r2=>0x0})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000200)={&(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a80)=[{}, {}, {}], &(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000540)=[0x0], 0x39, 0x40000295, 0x5, 0x0, r5})
setsockopt$inet6_tcp_int(r3, 0x6, 0x1e, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x20000045, &(0x7f00000002c0)={0xa, 0x2, 0x395, @empty}, 0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
setitimer(0x0, 0x0, 0x0)
getitimer(0x2, &(0x7f0000000000))
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a01030000000000000000010000000900010073797a020000000000000000010000000900eaff72797a32000000000900010073797a300000000060000000060a010400000000000000000100000008000b40000000000900010073797a300000000038000480340001800a0001006c696d6974000000240002800c00024000000000800000010c00014000000000000000080800054000000001140000001100010000000000000000000000000a00"/212], 0xd4}}, 0x0)
r7 = fanotify_init(0x2, 0x0)
r8 = epoll_create1(0x0)
r9 = fcntl$dupfd(r8, 0x2, 0xffffffffffffffff)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r10, r9, 0x2)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x64)
fanotify_mark(r7, 0x11, 0x48000038, r9, 0x0)
r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
close_range(r11, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000080)={r2})

6m35.523439067s ago: executing program 2 (id=837):
unshare(0xa4bc55501dee1fcd)
unshare(0x4000100)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file1\x00')
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x0)
lseek(r2, 0x8000000000000000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000001400030400000000000000000a3f0000", @ANYRES32=r3, @ANYBLOB="14000200ff2300000000000000000000000000011400060000000000060000000000000000000000080008000004"], 0x48}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r0, 0x3f, 0x0}, 0x10)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
r5 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r7, 0xc008561c, &(0x7f0000000040)={0x980902, 0x3, @value=0x140000000000})
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
r8 = socket(0x10, 0x3, 0x0)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
ptrace$pokeuser(0x6, r9, 0xb0, 0x5)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x1, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xef, 0x9, 0x0, 0x7fff, 0x2, 0x9, 0x9}}, {0x4}}]}]}, 0x58}}, 0x2000400c)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
pread64(r4, &(0x7f0000000380)=""/140, 0x8c, 0x200000000000000)
r11 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r11, 0x40305828, &(0x7f00000004c0)={0x60, 0x0, &(0x7f0000162000/0x2000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, 0x0, 0x0, 0xee, 0x0, 0x52, 0x8, 0x10})
close(r11)

6m34.660476019s ago: executing program 2 (id=845):
r0 = syz_open_dev$sndmidi(&(0x7f0000000200), 0x2, 0x501a02)
r1 = dup(r0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x85, &(0x7f00000004c0)={0x0, @in={{0x2, 0xeffe, @multicast2}}, 0x4, 0x7ffe}, 0x88)
r3 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000140)='0', 0x1)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r7 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg$unix(r7, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)
r8 = socket(0x1d, 0x2, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88)
bind$can_j1939(r8, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000700)=@getqdisc={0x24, 0x26, 0x800, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x6}, {0xffe0, 0x4}, {0x8, 0xfff3}}}, 0x24}}, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCADDRT(r9, 0x890b, &(0x7f0000000040)={0x0, @qipcrtr={0x2a, 0x4, 0x3fff}, @nfc={0x27, 0x0, 0x1, 0x4}, @in={0x2, 0x4e22, @empty}, 0xb, 0x0, 0x0, 0x0, 0x2, 0x0, 0x500000, 0x3, 0x1})
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='1', 0x1)
r10 = syz_io_uring_setup(0x4223, &(0x7f00000000c0)={0x0, 0x1c2a, 0x20, 0xfffffffc, 0x3db}, &(0x7f0000000180)=<r11=>0x0, &(0x7f00000001c0)=<r12=>0x0)
syz_io_uring_submit(r11, r12, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r10, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r13 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r13, &(0x7f0000000080)='net/fib_triestat\x00')
ptrace$setopts(0x4206, r13, 0x0, 0x0)
r14 = socket(0x2b, 0x4, 0x2)
r15 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000100703eab7070000c0002800800d7c294cdc47248", @ANYRES32=r15, @ANYBLOB="08001f000c000000"], 0x40}}, 0x0)
wait4(r13, 0x0, 0x20000000, 0x0)

6m34.503590711s ago: executing program 2 (id=847):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x20000840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000180)=ANY=[@ANYBLOB="38000000031401002dbd70ffd46a06ffffe8000900020073797a300000000008004100736977d56feec979db41e0ae274dd4dcfa91c200140033006c6f00"/72], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r5, 0x40045567, 0x0)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x3)
write$uinput_user_dev(r5, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
ioctl$UI_DEV_CREATE(r5, 0x5501)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=ANY=[@ANYBLOB="0202bb082200000028bd7000fddbdf2502001300080000002dbd7000ff34000002000b0009000000070000000000000002000100000004d4f2037601010000000800120003000100b26b6e0005000000060032000400000000000000000000000a010100000000000000000000000000fc02000000000000000000000000000005000700338000000a004e200000000700000000000000000000000000000000001000000000000004000400ff000000bb00000000000000ff7f000000000000070000000000000007001900000000000a004e210000b456f68000000000000000000000000000181000000002004e2464010100"/255], 0x110}}, 0x5)

6m34.322683148s ago: executing program 33 (id=847):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x20000840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000180)=ANY=[@ANYBLOB="38000000031401002dbd70ffd46a06ffffe8000900020073797a300000000008004100736977d56feec979db41e0ae274dd4dcfa91c200140033006c6f00"/72], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r5, 0x40045567, 0x0)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x3)
write$uinput_user_dev(r5, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
ioctl$UI_DEV_CREATE(r5, 0x5501)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=ANY=[@ANYBLOB="0202bb082200000028bd7000fddbdf2502001300080000002dbd7000ff34000002000b0009000000070000000000000002000100000004d4f2037601010000000800120003000100b26b6e0005000000060032000400000000000000000000000a010100000000000000000000000000fc02000000000000000000000000000005000700338000000a004e200000000700000000000000000000000000000000001000000000000004000400ff000000bb00000000000000ff7f000000000000070000000000000007001900000000000a004e210000b456f68000000000000000000000000000181000000002004e2464010100"/255], 0x110}}, 0x5)

4m15.66304572s ago: executing program 4 (id=1652):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r0, &(0x7f0000000180)=[{&(0x7f0000000700)=""/71, 0x47}], 0x1) (fail_nth: 2)

4m15.452570271s ago: executing program 4 (id=1654):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc0e99db6de761f86, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x20, 0x1, 0x2}, 0x18, 0x2) (async)
r1 = openat$apparmor_task_exec(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x4200, r1}, 0x0) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0) (async)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000000c0)={'#! ', '', [{0x20, 'cgroup.controllers\x00'}]}, 0x18) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setpipe(r5, 0x407, 0x7000000)
fcntl$setpipe(r5, 0x407, 0x7fff) (async)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @empty}, 0x6b) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
r6 = epoll_create1(0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000000000)) (async)
fcntl$dupfd(r6, 0x2, r3)

4m14.939655023s ago: executing program 4 (id=1658):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)

4m14.681570387s ago: executing program 4 (id=1660):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)=<r0=>0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
timer_delete(r0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
futex(&(0x7f0000000040)=0x2, 0x3, 0x1, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)=0x1, 0x2)
readv(r1, &(0x7f0000000180)=[{&(0x7f0000000700)=""/71, 0x47}], 0x1)
timer_getoverrun(r0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000140)={0x9, <r3=>r1, 0x80000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r2, 0x3b89, &(0x7f00000002c0)={0x28, 0x1, r4, r5, 0x0, 0x0, 0x0, 0x1000, &(0x7f0000000780)="7de7249eccbd398899eb73fa4f770a0038ec404245efbb8d61a7d0298c4608c0d4a25d200f60e401aa321ac4c4e871119ae538834519793284587f0e18015b4afb3b2d1b9ba602569d01f7b7b86593ba7e7203ae6303e5523a556fc06e9dcff9cbbbf18dd0d882517fef97b3c27c1239d4678a352c2e4ba6d266383218fe90efb8426ebc0ecfe8871b1218684ed5af4c8945457f3f3ba3cb34cd07e809046f22d5fb1611eda4fba01be3aeb90bb184a6b46fa0e7a5a43438b3616be503d404d5303c97d226eca4580659fdb60723f4b2ed59f643cb077dc2ca9f74207fc0fcf5f97497022eeeb5f9070727eff87cdb6e903c0813d012513e4bc87d80574e02bc8085621d4409395c66f4ebe497ac6079ae29aca27a2f401545e016fb6a8499f737e25385774836f052bdcfa863a854edcf080224839bb956558ad8e2151525db0d28f79e281668ce34388f7ad8ef1f2899a6a97c5219fb222d25c67cf989366564dbb6044a5961fe9e8b6ca2a834b9a4cf179702df7351d49e546243a4679a91a2d3cdd4eb6aa17c14785ea923703de7095cacbf570f9a18f3204d7d25dad92d6a11e2ea0776fa93ad7795cdb6244b962fc0bfe87f56a6ca1ef66f3975a5c125bde1f436425056ae5ba648756607294f9685f5a3eab48cc65741ab74ea98becdd2ed268ebcfccf8e53ae7e46781d3c0937cbaf59d1ceeec2b163eb0ce4571f2291ae42828428b4cfbb8058e20b6cdca739a63f7029405d37d3e1d895294131acb07dedc99df5d95d2dcdc746461977c779e3513ad3a514cf9fe43255ffda91d30c61dd77e6326278b2dab3d0511adf61589916c4c0f150968e93afff19c2589c10be4575398ba1940da12016f304896e52a51efbf305e7c2a56fb5f9e8b0f58e462c38a663c474fc06b918272b15793477da5613ee649c25d5948676aa7ebb38233778486659653719ebd706e3b895589f6dc046edecc934e81c38046a861e1752204d90c101a826b9b6a931b688de958d481620648ef6281494d86074f6f7e19105420472d23ba7d970a9fa499ae54813186d65c95fc8035b5b97884ae73f11054edc9cfdcd6f0aa5601cf7bd68fdd3923196e726b861683027665bb710410ce3d178665ccd986490d197dfb91df41f06a7c1b9d01ab7a4fca1ee4706430f713c11e57f28899e1cd6c7d32ad2db4822101574ae893871ae402f5a0b1f53d65fe6bab65acdf94eb78b7a7747ac7a3c06c6bc60c0a47aa1e674249c8a9b8dfbc150a52a95442af5397f751719a13d9ec5964950bb421c1bca87df9b2e3c51f1865d6f797f2a5632d05e640e5f66caa754dfccb3ca61627c925de067d18f191ef93356720a9f4eeb67c055bfe139232bed2ee9232d0413d6477a1bf94e98501a81695b1c018b060b0aa0723dfcd1b1de003e3ec499130deb2fc826edcfd423c75059f60275dcc3f2757bf1284dac967e6ed2c4365bf3a4978d011499929d7f8ebbb48768d9377d67bd0f799ccc63e05fd892d974621ae994f0a53c45827878ebc60c2d357eb69fa90b537be76664424d463ceb6bb74e174b507fc2d3b781f2fedad15397f9d73e072d2e99126677fcfb1005252be09a2b3121986310a189de27ed84b486feb57ed7ceb43c6ae3a4125575a4a1e0fe3b58f9951db1cb17f33310ab2674c036eda495cda53ab0ec481bb2491f743339707aedc1640d642822be66b8122542ed5502f68a347df75bd51988719e52516510871191d6764ea7922eb17219669086f2780fdd00934325631285925bbf6e0b66272ce09f27e9e87a8cea0137b6862bf27845051aa02cd088697b67bd193cf061a5f8da92b4f592d4caadd08f2055f85d9cca5043ab45501a7c141c03cba8cd672ea57c52e7d910c35ac2f1ddd4dde73556906d604f368f1c5dc0fede7a93fedd7ea30566ea03324ea454529518886884bd21f1b09cb991207fc5910b673bbeb239a7385495f4ca76b809dee17e8b87ae338fc2f32f43c9be7dfd2e94466d56196d23d470a2837126b384918789210887da75d05df1dc9df23b5521c19b234a6f5e53d6fdff45cf401f7a9903d6ce0133be31783cdc5510a35fc42d7473e5e767f7e96baed00792e8d1dad817c9e8968f06c19106ee8ff0e431f447bb6921d2a30d4396bd9cc27f765498e301d43f986198f88a45ad874fb222e0c9ceeb81e78d6e0ba2e68271bbeaa763afbd3024dc3f4c0db93052952eb6ffb8dbbab34d590b34e3456c3df9dea035fd7d7720cd33d3733946ee90e3aac2a25b012fa26ef1f4218559934d1f0bb2e4ae1af4e1ef6fc1d0f41ef68f38b0c9cd132617cc747c0d1b4a22054a2f5710af3a7a187441723c19f7b6b1f16158abd5919bb856e0a670422335fe39b1bc41a9440a5ccac423f6c279764f5709e8b474fac07cf2416f20d32af49231a85e8ff01526755994fa89778b826f1066bccc3b2f80be2fb6692d64e0c9dc4c7ddfeecb4c49e1fb719b663fc59da819b4aca53d477e7af7c723ee899bdf43d1058223f5dc1abc7ca00f7739dbe8d16d880a9b289db757350db0134f5a5d98a9d6a90d19daf3ee11d8d7ea84f83f1fdddd47d5721801020f95346351dde42f7ef9275c6771d2424b393fd21a11e3d8af625cf025c7593de62b335bff53d86ed8785e36aca392b8b5ce60693a269ff9c01ea7742e4b6c3331d25115b9ab87d2eb210c7b769da2466cc4d218d76c8ece4b9a49d325cb3d46c141a9a1e195499e8b0225b26ec66e70963d16fc01b0848535c8ce1a01a82384efc8a2a299c7df61538a588c08c78fd9055ac52c41c4db914cc2c9de5581218eb017463331afe01764dadc75d51911fe4ab6649cbd26d3f920153c5cebf9e18f4e518a088a1435402b8bdb5f29cfce089b004ffe635af9d01f6ff8be79179db6dfc60f6ecb0fd8e8163cc82a16c1a18d2636416e45c89639eeba7909d2464f66d4f83fced3f0a710276fc619af4a2fcbeaa5253a24e2e4d2be6ede5851af2d3b641edd4d15b1cf809a2fd8b08909c82d7d7f8dcb54899985f5272b811775727e399d5ccf75dc0c226b7c084ed7dd089c570d119d2373dbd9671ad70c3351585594c5cf06fb1cd8ccc72a3b7ed0a3435e13f4141cda2884d98235c4c70d6ff610de873237815b43d1a4407ab2c81c9d04745f8a7297b7be6e990353259f2fde5b4e8168e17664ca26c0a3d27818d09a95cf2353602ae860d179bc86b20670d267dff027a7c0f2250daadc56e6a1f655ab5472474d8201648d4a133f4f59ea4bc0490a20222858ed2a797effe8d39f8cf74bd95086fa4d7ee84ed30904599680d0448f64a54f0ea5e2b6cda944551c284ad86f5f7f947098c1c4d31404602dc527930e94afd60425b6d84092d3356b6ba9dc73961628fd823c09a5ca014e4160fd3b2d93dc26b121425c9f35445b0a6483561187e0c8b4fbeaffb3517a67d9df18328c71627b07a259d38f773f7e0594a48fd497e918dff5882e231b614529e029894650136fb2965c52e16c706ba028acdf3ff16c5e215504f04bb5a8fe344fced7c575441d1e8aaa90a57ec9c342754b1f20993f4d053215c10a77f74456165bd679c435f57486ebd49e6ef47974e168a5f6ed295744775ad578f6588ec47a4573f614e0156162b718a2a04716e9c3501b0f3662e704ea39ec425c546af52e3c0e910d8136db64e3c32b48de1e6b95cb87a82c21cc2308c5f7f329953e36ab769b6278e993cab1c34ca0333ed32e366027e20cf809cfd44525d0fe0bead3224a70ece2612501e69979d1d0e0c2f0ce87347c9cd8a5bcea10fdd5a8078bab70387c96df5ad170c52359c6cd00c597a5c9bd57c6964560da60c8b1e8c8efab41f8c26c21ad9be75f90b707d4a46a0e575ea91612a49d09388c837d6284e6dd1e62493b0f66486b43c180f99a8c8607d0a7dbe86399b7f8f8f2c468b1b11b1c980a11ee26955c26d1fa40fc89489a87b42950eb959e5d7a4d092198657c647085c0f0d82d6e849b161b9b502bbe752cc9efa5fe68ab98d3d0fbba6cc83f76f54512d283f0adc6b12baaddbfbb7525058bfe6062f2386996acdd9f4ade4e4ef0d275bcaf50ed14f130b3a14ed9ca8b93e2ffe8e3affaeaf758fbd78bef8d281fef7f6b47053551f7f94dc325b9d2aa77ca6d24c072ddaea4ea356c82d6297743c013169822ebe74a9ea1dda619fe24b3f548a7db1674cb69318af76eca2d2d8bbe38d851079d9a6a16b3a15a851d345a551d6b58834aab1d236836810822e5cb0b938b3cf23856bf4b942cb9c2bd8f4b617573d11cd81b44554374d1730266651f02334c4bdfa05952cb813ca72fb7b0c027dea8d83f7452ae001d5b5dcf727bb13d6fa0fe0550f4d6a0ea8e08d11d8c1c64ffe1448c90d99f076750f929f2c4faa0b41a4286ca227d61a038368b81ec4164326bc33eb3f9c7ecb554b6ffcb3b6062772498e7adf082817b0e3e58c33059786ba9d8a7328c4c062c98a7688f05d956f6fdc4c45c4cae709e77d20677ec700a8fa2a9ed393b30e690207a24c8d8b4d9ff3242a8b81288ae60b560f4950c0e48bc43baee0fef0f9694063b5735cf2a91ab20c4a93e7c2d7d2a2bac9e5c64ebe51be44a116d6eb03c849f6570f056a5c5094eb9a84b91b69c3a0662cb12b4523f0f271498f540cf4869d4c14e68ff83de0c532bed48e068af0942d139990b2fdd5afae3903f7bba1a7d6a0496dbf8a8839400557326d4e36607f100c7ddc9d95a5482459b0e89815a1d4c12efaf3cee659f0f478df7d49b1f0002dc7f31c36cd68818b3fa7ec21542c952ea52a71af652535900206584f307e83e9d51868064b14d0cc2f661faf9a319e18ba3c848f0495099185d4249a8e75657561c9458f57e545ea85c982c4769dc66b749fcbcfe428d8050709e64e60ea54b959f2954d6143cf16bac3f65f027f83f03afe46882caf70c31cee040a2b1e56dd1c6eb17cf13755b1aaea1967804081ab8d4bd4be3562d20199b0866bc74613d7210e7bbc3ca867c2b684d36c6231e1030d90ed3c769d83213fce294e2acef83d3e5015e482bb922c7f756796a601dd470ffc45843072e61987dfb562f5b74028738f1301614dc174a00914a3c19e80f13e593e95c649646ba9b5a5a1dad13e00aa13a10b16236bce762d24c1710f0740443e550c5a023d4f85453d08e977f7082a2026842d5fb2c98757213851163460d0fcd37bed4514c1113eb389be33222b2a830e4adf02b9525a836e1500f374f8149e18ef8aa9997e5727f168ee8a212f139363d2130ae51be036a66519b635c4b61da8ab64d39d4d9189cc1e66c353697c6df3de0ed73cfb3635a2c46ce498dd560ccc56dc510392076fb5007167cdb202fc02e5573f9d70d53d6394d4c94db623ae89c94c2fdc825e37ad5e427d87f04c5e61d1b83ac922023ebf22b76b32adb08b42ceff44b7ecc067483f6958bca72cc63b03d5eec787305ebac92b3fada72788f97f5206295c0969248e777204adb269ae5286c8cabdfb0dc29a38782d42e73a1beefbdb562a930433bfb2152c2ae9d4e142d209b066537d00deb0b0183075d9aaaebd6d551a0bf49567a8c03630debd8a692125696e7209c6c92b830451161e41f4a4cff73231c7cd201501114ceb20c4e6481c24d9163359558573a8c6599532d907489ae7124885e6d39da00add2e23f3b045afbca3b139665ff4ec1da5f0fcf8731868b2df6ad02149c26a0aa69b8c143c124b996b8a342b9e47d33251debbe70e3f34948acb8bc47f398297a8c8fbfb0"})

4m13.82239909s ago: executing program 4 (id=1666):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
pipe2(&(0x7f0000000080)={<r0=>0xffffffffffffffff}, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$cgroup_ro(r0, &(0x7f00000000c0)='cgroup.freeze\x00', 0x0, 0x0)
splice(r0, 0x0, r1, 0x0, 0x26, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x24)
mount$binder(0x0, &(0x7f0000000780)='./file0\x00', &(0x7f0000000680), 0x8001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00'}, 0x10)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, &(0x7f0000000180))

4m12.922394981s ago: executing program 4 (id=1670):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f00000000c0)=0x800, &(0x7f0000000100)=0x4) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x9)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x9)
write$hidraw(0xffffffffffffffff, &(0x7f0000000bc0), 0xffffffae) (async)
ioctl$HIDIOCGRDESC(r3, 0x40305829, &(0x7f0000000280)={0x102, "000000000000b60000000000001ff9c671000000a0d7964b545445170000000000003e9ec5963c8bd04ecbc0827d93920d04a5968449d06ca9266c6fbe092cbf8c05d9a9283246687ea1397782a725e29b237fc851bfc1ca8880a98448fe1961fbcfe2f3856dddcc9f29dd956454fcd69cce83c9d2ffc56b24631f0aa5defcf917ab2afbdeb6803c846a9e3efafba46a94d57b7c010000009fde0b2ca038d68d688928ddbdd249d4c67a513651ad8c8e349b08f3026bcf7beb2ca7ff653b7baf53745d91122b3253d4d996ba6b974b63a8f2712c37b251a5bac7b2e1f2e36003c9f9e78792ff7059469a1709b83cc9b5c96a3400"/258})

4m8.962336043s ago: executing program 1 (id=1688):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async, rerun: 32)
open$dir(&(0x7f00000000c0)='./file0/file0\x00', 0x101000, 0x0) (async, rerun: 32)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
creat(&(0x7f0000000000)='./file0/file0\x00', 0x20) (async)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x1, 0xffffffff80480889, 0x1ff, 0x0, 0x0, 0x5, 0x0, 0x0, 0x8}}, 0x50)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) (async)
syz_fuse_handle_req(r0, &(0x7f0000008280)="cab1f92d585917232bcfa47f91900c936355a83b5a41f6f43bd8b0d1a1e13674b6a8596a8376e6851e0b96decd071d92ce4887ddad2b82183858d82c7d11948024607d92ec0f1c23a4e755f29fa557d1353a3ced680f530e822eed64b4d1aaf20d1320f3583cadb9dfde95993487f96bc290dc10cfccc5ec8ea864590fc1678b79b0a36c9668b27ae142d22c305496881af0d0546076ec21e31bdab2465010e779e7140036d2b12f59b971792cfed8d07f0b8ae13ee944268f573ec11c1b14d53880a64fd2fdbe981f4d9af8863191efc03a39d5a3f19badf65dd49443297b38bf0c009eafad5879cb78e63b00e961de7d7180941f0d1e87a2635294bcb4619e9d84be1816784325d23fcb9c66388b586c8e719f3edfa2aa37cc3f6511add854c10fe546d1c11f11eeaff24cecc0d47ec8fd336ec08470f06227e4a9410074a3d715eb6a697b04bdfeda0b6753d880d012ef8fada7f4ed649ca214609e31cace9a33937813012e4c1b787d8f71ce9b495a69e5c8810ff9954b7b96743dcdd7e52ebbf526f339d3c8ad2550326d3a396de5ac90787b352feabe013c4044ca813344c97f836851d6daf2de3a8b07a61d1052bd302a641706af7629a042dc2f0374671b287f1325763e1818beba9f7cab9e25d6f8749f7dea4c5ef684723d33938aca32e19b1c6a6237d899fb397e9023764b3f4d6399885533a802e4d3ca76f2e0234ed6d7257f8cebddc900af88cc21ee2816513045e92f71fc8523894d684678f17b5fdb4adeda98fc019c0ba05efeffeff3bbda1d6d84a98002a74237cb8d13cb30d8a9a7e47e4da8273a47df4e6ea53036b5b154b9597e6eb00fcad29ed04a820b1ce807bf1818344122a6f0aac52d24426feeba0af56925cb4a1e70a84251f2b4d4693e689518a0e159647b5b60a62db699a25275520c208652ce4401bb5dcd633e7c889758d3d213f4dbe69c9bb76e80b6e892bb5f5809e042ee5cb1982a2373b1886711d1e68d0bc3d4c9d69ac605432bf84cd81104e77c71cd7c0708244fc9428edd52f8cc8f3023b4c6d3bbad7a9b874111098c4652b34c428a8f789c5e5f3f84354ab7afec1a7b11d2a34771ebad2f15c169a61b431c8a1cca9ca1596fce65242d03814ebf977da9bbde5707b22b5002cce68bd0f6d196df341c96bd0cf0916b8775e75021663ea82c99a90b844cc5f8b6c56b21b1fbbbf6fb40ed0c29ee4ecc2998df2cbe3a4d75025ef73dd9f3aa5bc7aa694fe573a73453c9ff873d0a8840afd91be319181836de45260b4e252394edae58f840858a9b64f0ff37bb1820031e563250e62ceea5a7c4d2cd4d5d10e57176fcf576e774920db06b36ea02f9cae9c1087bd1866fb4bcf7fbf393093b339860a61c61248000a2a1bbc982fa691e311fa1bf2a38afdf08b574eed0df42bdc30c3db7cdcb71687f48070077f91fef93e8e47e248d3e53e8a79fcb5a8f8aa39b3bfa2dd88d5c5840d517ae8c132d423a37a8be3301d62a99753bc72f674205a11850e045430abbdc4e68223a93c76d6d2f1d646af10a15705793e2fc5a532af3dda88f52063a091f1f79cd5a5b23ea7742b149eab1aa43c21c2f15227a1f94b5580adbb1e1c49ade49d6e8b838cff43aa2426651817f479252c8ef7af9e4a5ad33839be6c15b50016c59f13c26cfca796cfc01207acc69e9d3952f6e71c975bc77d5a001f6f6c044770f54d86a4518a4898e3136988d643dd2de907859f0b4d4de2a2d461ba5e05cff49eda86772799b2e7947fdbb89fc5b0347e87f1b9dbb94842cc1457d07f3e0c41342510f5ccb551cdf0fcac1a758041bff75812de1b2abf341ed5f667c9b0581d2c33e0b17f1b46c2287399c62252edb9c1cf2b80b7a1b4c3c903aa4cf5332a2998b9072f61f589ae5df1168f8d18e98fce2bec1d5d876f9757017b73495a4e8f4f2423cde8875aa8c95a9ce180cac6690657b8a70e5541d5ef46575cd74e063759fe4889f4d9737a6c9732f8b7f7836508814093b9bdac5733938e761b3642910d4df0b646c1b9583a502246988e9ab78de3d011e8590e48eadfcdb70c8aad6dfbe1dbd3ef20d9ba393db4e6cf91e3bb4e84883c60dc20ed974a5decde12d3c5a1c9a00999f8eefc244465f518425820b9713cbfc6027f427b9cd8756edec5b3a0301a01ebb12c6d412ee3422aeb8b291619f62f4ce41511156f73e54b5097051ea777af7cb73b36e1274ce1a3892007466cc793eb0515b8984acb99c04c7eaa51e175bd73d99bc0c67c8ea84d808a7906a6ad330ba2c9651b2ab82d0781a969873dcddb068c15b7899fd560a1c3d44b34e81cce079c46fd86522052659e2c3151c79a8ccab1dfcdb91f53ca067ea1b2aa507278e4166e817eb0d7dea67cde1598a1bdb76a8caf82add2b43fdd10bf80b0d2f32365849c425d6ac3d2d88a76378d23961eb96c8422e785ea61f33e4daec02393d51f44b177755749fe84b43f5246d20177800af05752af524265f34f62bd5167fa647d2118aa905a1af53f07e7447bee29675cc23f547339af140c0818aa974ca16da33e767d508e4f56726c7076acce57a9957d08348ef84a39188e800ca44682fccaa9ee1b42e1aaf7738dced1dce3ef2dadfcba2863f36b5f8080ed22539b5176bc2c57e52e4cfde659c1ce9e179c79f85d60ca51c7453dad593190b19a1be8f5c5b0249d70079f10f9d0f07f25a98bd95e6e6f71101842b55347ee008d58522e8f7598c1636c58fd20984a6bb17fd47e7db4bc72854054e7900cac4174cf0b4eda2406842955fd8a2ba00ea4d490dbbab02d659cea4c449d9ee37c8f35daa4740b3273693ee2c1b00965a79d18ad98ae92bf2e1ea84ff1e6181937d38765cb353c6223ead1257d88a8844cb0be17aecc2dd56b78dcd6e2999fe695db248dd68275a5ad0f223a4629b17a040a766b2bd2376d77a422375de14a3daaf4fee92f23ca831452826bc66d0cee2049acbde07bdbb6ce228147f9ed4f9437301e8ca9e1ace0684700e9623a1534212d4c557712a3196d86c86077e97172d7e89436e95e1d7e7629d5bc908e346e504839498890210ca15bea51bb2840f1275d36b99490ff0706aa3ca9e89f33fd99df863acc3bca504c15501ba9d987999ee118f47b7737d2dfe73ab257d680f983da1f5fd5975491ad966989f7b15e76e4e6b1a2987801adb3b7cd4cb1d2c9d0454429c2955643c8fb82ccf8e93051cc10081f8181af0d143deee686f67ec42db1e9914ed047e4bf0006af01028e3839451fa3e17d33586022c63cafaf6d0fc773c96143473316988d32f9943d7477604a27ae4b8a7093bee2cefe10cc02109c748d0676692a2411e5c3b4c4c1b9ac7f9b71a1a7126dacf4615e8c9c3d38f536e8b32e37f406b3dc44db80a00d6e423deec869edb32a411986be1517b6ea45e1f984a6fbd08edb25a305122fe5a90cc46af48ebc36433a1f27f43d85492ea60fd2f43125e7328da93f7aad97f97910112fed7ae7b1785822356a525df1f3ab4637b68d92ecd8d7f234973c686fb11821bb1de5f8459b57892f1dae08aae1924ee60a904d7be6e6611ec3d00002152ab7e0c29c7bf124dbec9a6eff25e619d89c27d187e3ffff63c996c33f4b7e967b607f36a8ac8dba6beb43395c9c9b2e3e36de29b07f9c2d60cdfd1d02813d4e508c56b99405b752758a01cc25bb5436ea1efd52c536fa1d2fb1cd9b1ee006d42b58600be2c1aba59c480cb6e9224d7a4df920598950634033087d3e356f35cd2f8b021d30f4ba79bc60eb6715c6c9bed84648552395cffa97c8cdb8f562f8f127f0e6f86dc61fab11ff782560d88cf2872d0e07a27f38120a0831a93c377298c2ed4fe180eb078422e5f030540fd21ebd414e6c42f1fa5491b5b8fdcada476376732edbfd66e10a475e2c0a43ccf6a41f7879f4577e987695d8d5097f6920fbe2b9ac2cb424de7afded1b5b7db89f3612c487770d58a7bb7517f1fa7a98ff6db3778d40c5f36b27d233a0c18587220f900f4a8e867e33e24c1981acb3445de995132d8fcc58f79ddb1475ba69c464071e95c0707c396c0b1b710cceb51efba5f30a271cd456d5f7216d90b412156ecb01dd41f15ac31980649c5eabc7fbb085a38318d43b0683cba055deb9dde4dc4584935473508837c1023993d50b434b311f126df6a0be0653b97a97bbc9b165098dac8dfd6ed6f033ccf7b32cfa3292296222aebfaec4dcd5066b66be45696067dfab907e2984f1bb6067c170e0617e245c9c09a85a061c4b7e2873ce0571b48d557007d5c7ddf5cc2ffa533e2a3975f3687a6d08a09dc1d285cfed129ec887d70bb5aded429b676c242d57c8f36721bf5732b1f25eced0ffedba7254486c9caab3fb3e0ad3b2dc332a06dadd39e5483a314b1d3086cc198b6b6b272fb56e35e0388b1dcddd484fde0ef9d855ca7bd98ebf0f686cec7d5e37f7b5dffbe4ab28c4422adbaef0c45649b0b830dfff90bbea3b7103ea9dd87d856ba7c5bb485319eecc71acc943c733f489ad72e13b1b232cd1eb4ce87917daad4b0405c9905f7a35501c75332d9acb36057715a6abd0958061fda860c00000000bc9aeac4f47acd022927c381012150fed83a99c2d7b268ff2e1c8d162d3feae2c5bdee747aa10566a94f13d4e1a00a4043bd179310e72ec8e4c68659be77907bba82fc416a72c0d2076821f77e8afdbeac769195a01515ab45ba73ec85a2f8a52146dbbc8d585def095aef4e4491362b596a84d2e9fd0131de2c72b71c4bd239146011eaa209957b2bb3f74bf2f42a17440749688d66a18a9d4a7d1e2bbb34dbb2a45460e69a1ec43467665c59438d35fe9b04a94e408ec4bcf7ba1a25bfc287d6189b65711904be9860f8a68d1bab99eed54890f963caef1fa0179224b650f090f67dca59f1241c2a25bc921d522f61e57d2bad88c057d3f7729499a0391fca3a62b27cc0a9b976da3eef333d88ad128ea757697ffdd50633b66b73ea3ddb565bc3d8780f9c0bb2347551969aaa500e7c030da2a92eb3f78d88b91eb547dba2e9be7ab2aa617f0890c39c73c8c2b35ff7ec529f6b8d08e3fcf2630e454bdb6474185ae72ba69310654c9c0b3ba158fe223954e1d46f9d27b0a4e090b0084918b2964bdcee31d258325b89ef96790ed1df4842b482023f1d22fb3e01280f1c8616153035f10bd65de57c1fa7d5a17e77b12e348bd3019092ef548c5249694168dd24df8a7318eccd779da4f547e9f162f484eb3ab9f5bd196f6b68656725d2624b61d09f73586753a1fb7eeb1721973f8e15522487f1dd1412b0f4846801d1abbfe53b755f15047981b162a1de04d52b4d4762ac877e4d718619e8cdba16df688fe95bdc9a1ee99c21004ba7e72985752d89d6892a4169296703fde314457f014ed89c129a4c83b5bee0bb93cb69a83313442837bc03679ee317cf8d1b908b70fae1b1461a398f310ac073642f954ab39e0eda329a94a5c12cf262ca4a25831dbc10aecf83d9d54776c379c230bb488cd6c9295bc31cfab61eb9b5486726f5c854db8aad2642d4468643f3bc8b25cdc9fda7aad04b06b61b185868a44acd46a0bd8debc1e431f19aeddfa3d0e480949bd361f6c988744acafae954c140192306c3066e8e434f70e8cd67b65a59923d166a95ca5e0515e2059e1f1aa9a74bfd49e4e37638bfa6b6117b790c4ec7f536d046c38f8ab6eedac1713bcb8860a18cac43e9add3c68c3ce5d17fbf76e966afcd3ed7795540650e093d39926f5e3719156baa54307b4f5e934f24951b3644a7657e798525d3f1207b28527a5bcdeb33e296c6c0e9e1757941ddd24a0d15c9a21918514a3143ef3fc2e775345ea10aeba6767686e9cfa646da377e88fd759a33ff20c9b258fd37d063d02fe22f090c5e324b507cd3bc42248a7abb2c7d0b1b85ecb5a67bf53a2f25d139ea523808678942e1588fd677df161b67b563a446a2cc69d9126fbf308258a13fcd6f53d92d9947311e3de4fa5acd7c2684d9eb3b4feb024e05bbf090836d92e30b68df6a7619542c9acbbb69dc73c781bdc7ef4b25c2af77186f493a5038a56508cc56b7085e13f4264e02a2a3bb515e15301371520481302f2367c883a5ac503ae4269cbbc8fb2f0f77ecaea7b8af04bc24aa90f677a72bbecfdb225864714344a8fd1c07ef664abaefe53bd76ba12c8bf45860a316812af87348682ee7005ac6a00523f4313102742ee5502d8c61c3321d1b872780192f4d00b12b38d0aedd34619c42f49b81d7bddc4ca481ed8f448bc3ad98b13f7176748838d623e007a24948480e978b80ce67ec952eca613091ad4f81cd521b2851bb8b2a6b1da0420eca80aecac9c0887988e1f29906c9ce65b990a00f22ba6f115a7a0001f511ec35dbcd401130173fded8b2e23365caf3d6d7c8f404383f16fcd76b17c220f88c1fe96211bd92c5803c63d9537a2ceb258508d9b1d74ca43174eaefd677ed6db63bb3d7712c9558c7879fbe67b7396c721407953db9dad13291f96d7d0290ad56cf1f65ccf58d3f5b8ba1f78f81d86ae0ea50926ff352d73629da44a6d31598dcdcf81355faed4f5a6ad8cc39d4a414b97f193c896bd3c270097cc96e4a5e36ca9a56a27c52a03decc4837d7b008acc1fd2724f97e0e9591afb5de3af3ec5fc16e1bee79098cc94d638375d69ae5065bedaed575e11b1b0a4d1189830856e8d48a6c50bf18cb9f8919fd8a55ad0b2f7d8c096c7f549fec8e1522be0de2a69699afe47e899ac6d5405c08e2e374326808ba76259d85b971dcce55aceed11583603dd280fd15c8e7b206e8bade3f6d83c6041838ea8b489fb9f92ab220ad5d3cd2af3f45cb2df7094d550b2cfea314469943a159e12c01897a7cc42904eeb24cc507e7ce7ffb4d22efdcd5cb5d75975582e14960fb0f2b83cb774faea32dfba7ed0e8b6a749785166cb5c77dde7498f67f7f20d0b85a7fe6e7f8a8e3f95bd795165f36440d84434cef17f81697816030e3a86bf003272ca4868ab935fa0d465fb10637a706c9fd04fa4d4eb421e87aa6628a1d6174833af4dbfceab7fc5989550c0847bf27a5243e3b318fffde95d11cf507bc4e092180dd228df9f89d193a160d50c223309eae580a09f2e78855f17f8ad25c1f5814becdfca7948c7045b242e22d5efab676fe717eb34d2f0fcb77289c8b12caadd2377b7ccdcfab61900971b4a2ac132587174117428739ebb109fa133e483956bd499dfa530cbb3d1df42309f6f0755b043d85776807f25c3b4b518a2274671eb38f3e82ad4397377f85201771877a7cc43b838791a4d4d655ecadf03d8c1687e961c83dbb64c4d54d4b745a3abca7e381a00c6f51f48f6f7ce29ec656d89a1fab216675febedfe6b08c35add5aeb8cf6c0b226d309a222e1783e45e560f6ea64bf7706787f199116341f874321b52b1135830ab8979ae5546aad4ecfdac0045d4d15b4ed2fe26e484793db6aa61d40333355fa96ac5d1b8a5b5fc033475cba14f344007bfd82deb64b5c2eda6c0d528e4de0c21802d6b27554c0e2090f2c4ebd19208ce904cc02756b44bb2f8ebc1d37961c0957a4815487cbf76fdbe1f2b77b563a5663a00952c92579399f7acc1d41d9289ea0345f02f6f760ced802c8e0b14760a43dd04e6c371ceab9f5cb3617cd7ab31457b6821c6a4f34b243fba61f5c553e58ca253d5723382cf5d3f8357347ee2af2d48d86367f993e4b80b849dd3f50b2a89338af97e11b9a796ae2548856cce01334bca0c558e160f16e74699c7eaefd699acdf4d5019bf70f2d9c083f62b5254262f05c01dba59b1779502d3ad310a3039447d730a2cebb1242331a9849921c07336e985a844c55ce6129a650b3fd7cbda52a0cfdf0ef566f24adb8c959e442e9d5663fa16561b185cfb18355863d9b9f91c3829c4b0ba580668402a7a100fcd4a4e901b660863a9537f46e4f36446945e8f62e53e8282ccd7cfe14fca161d7daf592188eb2e11e275f616f4e692db8f318e8fb635d1a2582a3c8ad3050995f4cd810c04b23aaa6b26a2276133b443280f0526c9b1c016a7fdc052eff91d167b2813ec4f868c2da5fd9568da148e0ced0229f415716c1caddba880efa2017a82829125e734b96333da0b15340c149b50be86e3017bdaae3d80ae51c35df37e67684e81b5933cc7bfbe7ef0486d57e3901f9ae3eb1d592eb3fc244ce6555d3d69922dd3dcefecbba207fcbd5144a5ff97bf2216c046348a633284db59c10662350c7484ced762f353cd01a971c88d0eabb68eef856d585e8f5a684dc948b094754362ba8d606f85a755a27895ff5b6b4ea0387574afdf362a43b5535a2838b3f00f24612b9ae47e95f15d8b828efe56152d77871cfda0e0ff9936db3fe9c49f0d0f5ef9b71b81efd2e92d0166a4970254950a51235b66866d5402740adaa584e892572a6f46714704660cfbcaa56cc27cb538a908d1ee2fc7adaa674ce7a717f6e0481a2374f768fa3df8368bf4281bce6f9777f958f36502908d7c921ba745d0cc16b8a9a67f15c26d4b005788b1e90b19cc13f3e925fc14ef31d624c7500710d8f80e5bd4b14dd6bf70c210db6077c69d2d1751fe999442502d3542be12b732e3793e6c5e5c33a15a792ea344b0ed0be1ebb1d4e896e3e62d8d85afad2ae134dabc4f0d3fc719c6245d3bfafa42f0cdc9c0d5c4ba5c20b9da975bfd2f211bee8589ce1dc9652c2c3cee2a5e8a00049e42afe4403a905b60e0dcda1120d32ce36b91719d6308c93dfaa16c23a3b37e88194778be77d5e9e64b39477b76b4644ca32525b73bcf1fd9dc9af7776f2149e368053c58e1c93e1ec4575cb5e0b2da61d5e6b19436f3c095cdb4af4ddfc3364975700e5ff5275f9336b8cb3b959a1cd94f6b9c3a33f35e9ba4b7fea0466edf54e5e2e06a79bd170392c02b09749f3d111ef60baa8016dbf9ba581beab2c43d094add0d7fb7e16f198f3050641255f30a57c3045c1b51dd6e5d65613167596365b9c67aaa36fc89c44fbc4c8c96c328554a63a15511b04692651dd5e30780caf0dfce976c665e7b05fa6143914837bc82fb9d9dc5a1660e28a697e8a0a32eb8db109c5a045243d86ea11847fb64ec450112d77ecba32de418629a4ea2ae3f7ed3625b26def5c19813a6386ab4e43838c1fad3d4e92dfd7d3f98b3cf46d6e20304851899c59661e9639f3ff52fa023114907d930d74d605f3f7c5fd9ebb446d807e96cf3bf3517e369dc98f489026ec035a86f3719e1e50a48c0381f7fd2a7eea1d3a09ef7a0ba50b2ae28c2c955db4761ac005226ebc0c18d108e8ac066371be249b80eed88afee799411a50381cacb2d5164f0827720eb9d11b5cc548c2e145291dfbc5d4f70646dfbca077ce8ad3a3f8c627021295cbef70f5013c53e8fce32116e678a7b1dc535d43b429d330e9193f8de1a6c1da4353a86bc722ef1cffe59a012ff9c5f45b85e55ebdaa6b36a519c544ef8a86095e522d7dfbb9cac41e826fcc4bc676297141195f839ebcd8f64599fb15856960f97bc70d2336507d5060282d0988f354eb757c6f4b0ee77e2c0889e5336633ac28e2651c98e7f2fa4c163f8fc196b6798c1400c46710abed12a33a95afa56c7fe55de0b48cc984c80f6d98d212daeefdbcb457217b3962436e481d70967cab6b0943d5da59021ea9fbebf66e86943e029ef95d46d347b834098e1c8fb4c35d15945bc2e336f74c6c80430ad5fc4f5b9c6b41245ecf151eea90763ce3e09e050ae1c0925fa7a5ddbb7f210226cdcf9ee406041b73a5988646b90ed382d08e7a147078f9de025f5617017ec70f65dd25d7ccdb47ad7209474f4ca461ca46f0afe3cb405c3b72d320016d01b62def93fa4fa5a34df145c526fc497329a9e29ce17a929893f7beb417c88804418271dbeb51115821db4737b9cc467f190209649f543675defbf95640d20cdd124e85788b703213f4e99b4f36b74b5d44b67b7bc995ba133da4ae92f3a3db49c9ec039e0285001fc16760da0d07552e1ad621a4bac6d0b6409316e8a78273b79aa70df0e3ca024336d42c530550be8c68897bfa6a44f595bf5be48f8b25b48825ebcba815db4b3124522bc71e3970dbcafd479a6dab40f745a655cc3f9dd5aeb046d25baaaa160ba21f8b3c0292329ae107483c8caafcd70d041facfbf705dda95370a91879fc0ab9132e3b7b02cad69417178c4f34909df7a373bacb289476c25c901be7b52aabfdfcb3415ef3a565c7de2f0128c63e16984e2e98ad23e06b890f22894ebeceefdb472192e501e2c791232933b52ea4b9c4e9fe3654b8b1e08048fbcf58fada1cd49ca6658ce6ecd12102d90c81eac26090efa36514553abb298f7cf1a43bd6d473c1436b6be9e87445de726cfffb00c72de49db0585d677d5b245e15f9a53b4c258ba2fd67d38afd9ccd0d409c0bad675fcfbc1f4e5166fd1b29203274f758f55a266b8f7c9ec8ef1dd4913727fa392ce6b11baf902ea708adddd836982a609718c1dfb810aee6f21e47c27dc6b4eeebe5fc21aae6fe7d2908679c873e2aa45a1ee14cd7e10586216d5e17cdbfacd4bfedf00b7ba7fc46d4ac90667329ba76b4fcc6b991a55c9ed159a2fb9525c975bc0aa4a291fdde14a78b95adcde52fcb5a893ee7b4df6631b3ed5a9d9d9ebe36c7cedea777a9e67faad7f7004f0a820aeb6636f24685a15d12abc639aab2233b36584670c667f9e7a3fe1195d35b268d1052d5b4c9625dc963640c2c5e6c37d36acc31755b34f3ee2af7b7ba5dbe105322a3741c567c9edd817f6488fe69301b19481fe2e2cf74b19d4b224598b0ce1fa151fa1ef3d69aaeaab397a5eac72e0b969a09b85e3258e891db207393bc281afa93468b29b7e55cc2decf8292fc68e1a02b2faa873a846680992b37a548c8f724c0125027faa58be5b2836206cc34c063b50270d7fc968dab0d38072ca90bdef91119b72ab417d811d2f32bd41e6ab2bc5b5293f92f7a0a4f172bfea5403cd418db95e1a4232f78f6afd3d13978e206d85fa9ebe2abe444db065d03b6169bc9f0dbfc19237a74bd13c1ef844f839b20018fdaf1be6f1a171f6f3ce2205fdcce38330b88ceba0c5eae812e12be99993d265f806e61ec42c9527287967a1c3b27afb1edc35a5d17bb7f4d20ea708c62c9170ba2ab710f2d7f5dca7b33e0f9434cf0b6ee846fc8bc45d39f252ec682732fb090f46032491155d83a30894a259e037e57de7523481bcc2d704d8d728fbdf048df30f7e4861f62b8e63de47b3838b5062ccd2c125bc581024ea76bd4b1f53057f37d329f7861a2a70fd3b6d6fe252a1b892192ed75c585ab809f702e27e237c4aa2dc947585c2086eeaa29c3ff7e02cb7d3a0aa3a8156d2897daa9c45a2e28ba14fd40c8a3a058805e4b5b10641c3c25b9ab80cce83206b13a1e2bc362eb5ab7e0e677c01fc0486aa32862ad0afa4f1cc8496b961a0eec71c26ad107ead599d8ddd59d85adceb3ea442efcf8ed64f4c66547344dc81ef5b6ac102434395203f58d59656d41dcc192774d70f4f2964e304efde831126d402a240325e603347aa43626b5eb69b0", 0x2000, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x90, 0x0, 0x0, {0x1, 0x1, 0x41a, 0x0, 0xfffffffe, 0x8000, {0x0, 0x0, 0xfffffffffffffffa, 0x40a004fc, 0x2, 0x3, 0xeffffffc, 0x7, 0x0, 0x2000, 0x6, 0x0, 0xee01, 0xfffffffd}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

4m8.882455299s ago: executing program 1 (id=1689):
r0 = socket(0x10, 0x3, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000180)={0x1, 0x1, 0x1000, 0xfe, &(0x7f0000000040)="047b8304d2cc93e701b2f815874b2ecd42d57cfec59336693ea190a6a15349e0ae3cf1097dc4f60f386a5d8e8a9ea301e52792e095dfb0234fd21d2586ded94d1cc66e1e0adb3248b263600b6269b8b3a8e65a883b11fb7e032e598be246a7530bf6339ec5fb16135b1467b06d16a2b28469b7cb0bbbc313c4f1aff5585dc374e023885444417f438fef74047e7a34678d32b19b80cd2d54974db66e3ad37a9538563195010a0f1c9277b74dceb70e2783257740744e2a7d04cc538a09ad91d31df8ff11bbcf5f01546c3f46eb4ca26919b76cd7b1e16290c5b07f0902c2377e2d06437f6a9c1cddf2c01bb35c692de0330ab3065540352ae4b510476a45", 0x30, 0x0, &(0x7f0000000140)="0ca448977088042c28b8fa13151ccfe6be34177c5e38d8ec7662718d555275a2cef9eaa4736bbcd19bcc233cd7eed958"}) (async)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000180)={0x1, 0x1, 0x1000, 0xfe, &(0x7f0000000040)="047b8304d2cc93e701b2f815874b2ecd42d57cfec59336693ea190a6a15349e0ae3cf1097dc4f60f386a5d8e8a9ea301e52792e095dfb0234fd21d2586ded94d1cc66e1e0adb3248b263600b6269b8b3a8e65a883b11fb7e032e598be246a7530bf6339ec5fb16135b1467b06d16a2b28469b7cb0bbbc313c4f1aff5585dc374e023885444417f438fef74047e7a34678d32b19b80cd2d54974db66e3ad37a9538563195010a0f1c9277b74dceb70e2783257740744e2a7d04cc538a09ad91d31df8ff11bbcf5f01546c3f46eb4ca26919b76cd7b1e16290c5b07f0902c2377e2d06437f6a9c1cddf2c01bb35c692de0330ab3065540352ae4b510476a45", 0x30, 0x0, &(0x7f0000000140)="0ca448977088042c28b8fa13151ccfe6be34177c5e38d8ec7662718d555275a2cef9eaa4736bbcd19bcc233cd7eed958"})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="ec000000100001000000000000000000ac1414aa000000000000000000000000ac1414aa00000000000000000000000000000000000000000000005a42ff4af85b0000000000e7ef582483664f30a23a3311f3c71288990cedf46b672c7b3fc0de1c538d0f05abd9e9c040315d6f4e4ca4980cd17cfd2dfab2fbc4b1bf2d85390bc1d56b5425497c431278778afcd267b86bf493b40cfa33b3f3bc11b4e79a3d6321f0dde3a2a21915862a9dcded83feff6622d4cff09c09fd516b148f0dc68aa7be06c1af63f788c7f98b70d17a4c4077d92ca73b3c84d3a6cbfe6bed37ec28b3d4341ec0b1350e503b64a699496844fa9c52ae067dd634b0cf096a30380bc18d6464c1ef05f455b5c2926d4b1228db2ac58caba564c27299376b2aa41dfa47e437640986cf258cb86578518eb9bb184ef528bb250df5a807f5a666535701b97774729324c0230b0372bbcc023da6ae89c40ceb7f2fb15684b2", @ANYRES32=0x0, @ANYRES64=r1, @ANYBLOB="fc02000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000"], 0xec}}, 0x0) (async)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="ec000000100001000000000000000000ac1414aa000000000000000000000000ac1414aa00000000000000000000000000000000000000000000005a42ff4af85b0000000000e7ef582483664f30a23a3311f3c71288990cedf46b672c7b3fc0de1c538d0f05abd9e9c040315d6f4e4ca4980cd17cfd2dfab2fbc4b1bf2d85390bc1d56b5425497c431278778afcd267b86bf493b40cfa33b3f3bc11b4e79a3d6321f0dde3a2a21915862a9dcded83feff6622d4cff09c09fd516b148f0dc68aa7be06c1af63f788c7f98b70d17a4c4077d92ca73b3c84d3a6cbfe6bed37ec28b3d4341ec0b1350e503b64a699496844fa9c52ae067dd634b0cf096a30380bc18d6464c1ef05f455b5c2926d4b1228db2ac58caba564c27299376b2aa41dfa47e437640986cf258cb86578518eb9bb184ef528bb250df5a807f5a666535701b97774729324c0230b0372bbcc023da6ae89c40ceb7f2fb15684b2", @ANYRES32=0x0, @ANYRES64=r1, @ANYBLOB="fc02000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000"], 0xec}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

4m8.88174184s ago: executing program 1 (id=1690):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000095000000000000001a9fc19a31222d90cb2faf008c79d4b7"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x68040200)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000011c0)=@IORING_OP_FSYNC={0x3, 0xd, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x8)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="340000000d06010100000000000000000300000a100003006269746d61703a706f72740005000100070000000500050003000000c72c3809c5bee47c7213e30e00c6062530fe04ae93da58fd06c866dca45d471fd7bfec905321ecb3d4f3a01a399e90d465f17db05e8f239363916db1eb881d1727606eb858eaff8820457a6e04d4c0b3c49d4eaba4b572"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4004050)
ioperm(0x0, 0x8, 0x6)
r6 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2)
r7 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000240)={0x1c})
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r8, 0x100000)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002dbd7000fdd9df258800000008000300", @ANYRES32=r10, @ANYBLOB="0007e5c7c5ffff0000000000"], 0x28}}, 0x4004810)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x20, r11, 0x400, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x32}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8004)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000))

4m7.972644215s ago: executing program 1 (id=1693):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat$dlm_monitor(0xffffff9c, &(0x7f0000000000), 0x40, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = dup(r4)
pwritev2(r5, &(0x7f0000000500)=[{&(0x7f0000000180)=')', 0x1}], 0x1, 0xd8c1, 0x205c, 0x5)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pwritev2(r6, &(0x7f0000000980)=[{0x0}, {&(0x7f0000000500)="be81e1310fb465f31a42f6efa58772d291c57be2782f6ff63ea3517e50771580447f7d195ee15e186027d518b2c77a051895fece1dc014c33d6928ab0376cf4077399b51451472f53be50af6897bc0fa353cad9156d19de3665191fdf17a2f07f4286cea5c10fbb81feb85e406524a47b1978139eaa8", 0x76}, {0x0}], 0x3, 0x5, 0xa, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0xfe)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)

4m6.860838507s ago: executing program 1 (id=1696):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYBLOB="02000200", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

4m6.350257519s ago: executing program 1 (id=1702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = fsopen(0x0, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xe6)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
open(0x0, 0x60840, 0x1d2)
fsmount(r6, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=@newlink={0x80, 0x10, 0x403, 0x0, 0x7000000, {}, [@IFLA_LINKINFO={0x50, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x40, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x28, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x40, 0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x400}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x9}}]}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_MASTER={0x8, 0xa, r7}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x80}, 0x1, 0xba01, 0x0, 0x4004001}, 0x0)

4m6.275362008s ago: executing program 34 (id=1702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = fsopen(0x0, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xe6)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
open(0x0, 0x60840, 0x1d2)
fsmount(r6, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=@newlink={0x80, 0x10, 0x403, 0x0, 0x7000000, {}, [@IFLA_LINKINFO={0x50, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x40, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x28, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x40, 0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x400}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x9}}]}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_MASTER={0x8, 0xa, r7}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x80}, 0x1, 0xba01, 0x0, 0x4004001}, 0x0)

3m57.847393692s ago: executing program 35 (id=1670):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f00000000c0)=0x800, &(0x7f0000000100)=0x4) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x9)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x9)
write$hidraw(0xffffffffffffffff, &(0x7f0000000bc0), 0xffffffae) (async)
ioctl$HIDIOCGRDESC(r3, 0x40305829, &(0x7f0000000280)={0x102, "000000000000b60000000000001ff9c671000000a0d7964b545445170000000000003e9ec5963c8bd04ecbc0827d93920d04a5968449d06ca9266c6fbe092cbf8c05d9a9283246687ea1397782a725e29b237fc851bfc1ca8880a98448fe1961fbcfe2f3856dddcc9f29dd956454fcd69cce83c9d2ffc56b24631f0aa5defcf917ab2afbdeb6803c846a9e3efafba46a94d57b7c010000009fde0b2ca038d68d688928ddbdd249d4c67a513651ad8c8e349b08f3026bcf7beb2ca7ff653b7baf53745d91122b3253d4d996ba6b974b63a8f2712c37b251a5bac7b2e1f2e36003c9f9e78792ff7059469a1709b83cc9b5c96a3400"/258})

36.970105177s ago: executing program 7 (id=2866):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000095000000000000001a9fc19a31222d90cb2faf008c79d4b7"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x68040200)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000011c0)=@IORING_OP_FSYNC={0x3, 0xd, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x8)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="340000000d06010100000000000000000300000a100003006269746d61703a706f72740005000100070000000500050003000000c72c3809c5bee47c7213e30e00c6062530fe04ae93da58fd06c866dca45d471fd7bfec905321ecb3d4f3a01a399e90d465f17db05e8f239363916db1eb881d1727606eb858eaff8820457a6e04d4c0b3c49d4eaba4b572ef3d44bb6f753cce8f1e7572a12e2219bb37e801e171e9aae4072a12d25b31c68f5f22793e60d6b5ac25d6a890c0"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4004050)
ioperm(0x0, 0x8, 0x6)
r6 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2)
r7 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000240)={0x1c})
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r8, 0x100000)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r11, @ANYBLOB="01002dbd7000fdd9df258800000008000300", @ANYRES32=r10, @ANYBLOB="0007e5c7c5ffff0000000000"], 0x28}}, 0x4004810)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x20, r11, 0x400, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x32}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8004)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000))

36.070557332s ago: executing program 7 (id=2873):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYBLOB="02000200", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

35.64287111s ago: executing program 7 (id=2875):
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x28c}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x20, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000003c0)={'sit0\x00', &(0x7f0000000340)={'syztnl2\x00', <r5=>0x0, 0xf850, 0x10, 0x7, 0xffffff0a, {{0xc, 0x4, 0x0, 0x7, 0x30, 0x67, 0x0, 0xe, 0x2f, 0x0, @broadcast, @rand_addr=0x64010102, {[@generic={0x9e, 0xf, "ea0818daec5dab3c68fc2d45b4"}, @end, @generic={0x82, 0xa, '\x00\x00\x00\x00\x00\x00\x00\x00'}, @end]}}}}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r5, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000020303000000000000000020000000100800010001"], 0x1c}}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4008, 0x3, 0x260, 0x0, 0x500b, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @local, 0x0, 0xffffff00, 'lo\x00', 'team_slave_0\x00', {}, {}, 0x1, 0x3}, 0x0, 0x90, 0xf8, 0x0, {}, [@common=@socket0={{0x20}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @empty, 0x0, 0xe, [0x0, 0x0, 0xa, 0x0, 0xfffe, 0x23, 0x1, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000b00000/0x1000)=nil, 0x1000, 0x17)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r8, 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_init(0xf00, 0x0)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r9, 0x10e, 0xc, &(0x7f0000000640)=0x7, 0x4)

35.120661702s ago: executing program 7 (id=2883):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

34.760777682s ago: executing program 7 (id=2885):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x90003, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x24)
mount$binder(0x0, &(0x7f0000000780)='./file0\x00', &(0x7f0000000680), 0x8001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00'}, 0x10)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

33.850667301s ago: executing program 7 (id=2889):
r0 = syz_create_resource$binfmt(&(0x7f00000003c0)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
r3 = syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r3, &(0x7f0000000040)='personality\x00')
syz_open_dev$video4linux(&(0x7f0000000280), 0x2, 0x101000)
write$binfmt_aout(r2, &(0x7f00000004c0)={{0xcc, 0x9, 0x6, 0xe2, 0x1e5, 0xdf, 0x1d3, 0xa}, "1fc1e58d6d3d2065d21908e2a1d82dd5938e5fd39c4169e86ef23151d5c00ebecf0d1745a28a165464076cdd7a98a439596d65a7af14aef1b551132d04c67daaf6ccebda99646231a2a69a1551e53cd3b4266a87aa808fcd883f3c71ebea4aeb27b3c938bc191bd83146b8c35c81e4937a0171f99408104ec39d", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x99a)

18.360343761s ago: executing program 36 (id=2889):
r0 = syz_create_resource$binfmt(&(0x7f00000003c0)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
r3 = syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r3, &(0x7f0000000040)='personality\x00')
syz_open_dev$video4linux(&(0x7f0000000280), 0x2, 0x101000)
write$binfmt_aout(r2, &(0x7f00000004c0)={{0xcc, 0x9, 0x6, 0xe2, 0x1e5, 0xdf, 0x1d3, 0xa}, "1fc1e58d6d3d2065d21908e2a1d82dd5938e5fd39c4169e86ef23151d5c00ebecf0d1745a28a165464076cdd7a98a439596d65a7af14aef1b551132d04c67daaf6ccebda99646231a2a69a1551e53cd3b4266a87aa808fcd883f3c71ebea4aeb27b3c938bc191bd83146b8c35c81e4937a0171f99408104ec39d", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x99a)

4.202645202s ago: executing program 6 (id=3041):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0xfffffffffffffead, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x3}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000012c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001280)={&(0x7f0000001300)={0x24, 0x0, 0x20, 0x70bd6c, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x7fffffff}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
sendmsg$nl_generic(r0, 0x0, 0xc000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000080)})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000700)=ANY=[@ANYBLOB="b601000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac80574fa3ea312997ab81bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab6bef11ae3d300"], &(0x7f0000000080)='GPL\x00', 0x9, 0x34, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x51c, 0x0, 0x25, 0x148, 0x340, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @local, 0xffffffff, 0xff000000, 'bridge_slave_1\x00', 'veth1\x00', {0xff}, {0xff}, 0x73, 0x2, 0x48}, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [], 0x0, 0x2}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x578)

3.659354165s ago: executing program 0 (id=3045):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r0, 0x0, 0xf69}, 0x18)
io_setup(0xeb0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
io_submit(r1, 0x1, &(0x7f0000000100)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
io_cancel(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000027c0)=ANY=[@ANYBLOB="02030009100000002abd70000000000002000800080000005b0000000000000005000600000000000a00000000000002000000000000000000000000000000010000000000000000020001000000000000000200000000010001ff0100000000000000000000000000010000000000000000"], 0x80}, 0x1, 0x7}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="25003300d0000000080211000001080211000000505050505050d00003"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = io_uring_setup(0x773d, &(0x7f0000000a40)={0x0, 0x0, 0x1000, 0x2, 0x3bc})
r6 = socket$rxrpc(0x21, 0x2, 0xa)
close_range(r5, r6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141181)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000240)='0', 0x1)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

3.597155826s ago: executing program 8 (id=3048):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='hfsplus\x00', 0x410, &(0x7f0000000100)='barrier')
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='comm\x00')
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025", 0x1d}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e35f22", 0x21}], 0x2)
socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r7=>0x0})
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18002000003f000000000000000000f195"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r7, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5f1, @void, @value}, 0x94)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000001000010000b77aff4076c31169b60000000000000000000800", @ANYRES32=r7, @ANYBLOB="00410000000000000c002b8008000100", @ANYRES32=r8, @ANYBLOB], 0x2c}}, 0x0)

3.47013704s ago: executing program 0 (id=3049):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)

3.259258741s ago: executing program 6 (id=3050):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={0x0, 0x2, 0x6}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
dup(0xffffffffffffffff)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r2, 0x0, 0x0, 0x300, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x28}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x20002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x22ed, &(0x7f00000002c0)={0x0, 0x5eda, 0x10100, 0x2, 0x8000}, &(0x7f0000000080), 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001140)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r4, @ANYRES32=r5, @ANYRESOCT=0x0], 0x40}, 0x1, 0x0, 0x0, 0x4c000}, 0x0)
r6 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e21, 0xffffffff, @remote, 0x4}, 0x1c)

2.878801048s ago: executing program 0 (id=3054):
socket$inet6(0xa, 0x11, 0x7)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000c80)={r4, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffc]}})
r6 = dup(r5)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc2c45512, &(0x7f0000000500)={{0x8, 0x2, 0xfffffffd, 0xff, 'syz1\x00', 0x80000800}, 0x1, [0x56, 0x4, 0xa71, 0x4, 0x10000, 0x4, 0x0, 0xfffffff7, 0xfffffff8, 0x2, 0x0, 0x80000001, 0x3e, 0x10001, 0x1ff, 0x8, 0x70, 0x1, 0x8, 0x7d0f, 0x6, 0xf, 0x9, 0xb, 0x8, 0x3, 0x6, 0x0, 0xfffffff7, 0x3, 0x1, 0x80, 0x2, 0x6, 0x9, 0x100000, 0x40c1f881, 0x29b0, 0x1, 0x1a, 0x6, 0x6, 0x4, 0x8, 0x6, 0x6, 0xfff, 0x2, 0x5, 0xe1, 0x6, 0x3b233bf5, 0x1a, 0x81, 0x9, 0x4, 0x9, 0x10001, 0xc, 0x10001, 0x7d60, 0x64c2, 0x1000, 0x6, 0x81, 0x6, 0xfffffff9, 0x80000000, 0xd8, 0x6, 0x1, 0x9, 0x1, 0x7, 0x4, 0x10000, 0x5, 0xffffffff, 0x1000, 0x8, 0xd49b, 0x7f, 0x4, 0x2, 0xffff8001, 0x7, 0x4, 0x2e8d, 0x2, 0x2, 0x5, 0x800, 0x3, 0x1f, 0xffff, 0x7, 0xa7d, 0xfff, 0x6, 0x2, 0x1, 0x5, 0x9f0, 0x4, 0x8, 0x80000000, 0x2b5d, 0x8, 0x8724, 0x800, 0xffffffba, 0x4, 0x7f, 0x10001, 0x2, 0x5, 0x9, 0x6, 0xff, 0xffff, 0x73af9db5, 0xa4c, 0x6, 0x9072ee6, 0x5, 0x3, 0x5, 0x9]})
write$UHID_INPUT(r6, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
keyctl$setperm(0x5, 0x0, 0x220c)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz0\x00', {0x0, 0x4, 0x0, 0x2}, 0x4f, [0x0, 0x0, 0x0, 0x0, 0x3, 0x6, 0x0, 0xffff9519, 0x40000000, 0x0, 0x2, 0xb, 0x0, 0xfffffe00, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x40000, 0x8000, 0x2, 0x3, 0x3, 0x7, 0x0, 0x5ff339ba, 0x200, 0x8, 0x0, 0xa345, 0x0, 0xa, 0x0, 0x1, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x800, 0x0, 0x0, 0x0, 0x8, 0xf, 0x3562, 0x69e, 0xfffffffe, 0x0, 0x0, 0x2104, 0x0, 0x200, 0x10000, 0x1000, 0x2000000, 0x3, 0x0, 0x3, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x400000, 0x0, 0x1, 0x6, 0x2, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x1, 0x100, 0x1, 0x3ff1, 0x0, 0xfffffffb, 0x80, 0xfffffffd, 0x0, 0x4, 0x4, 0x16f50, 0x0, 0x0, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0x1000, 0x4000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0xdd, 0x20000000, 0x0, 0x0, 0x6], [0x0, 0x707, 0x101, 0x0, 0x7, 0x0, 0x6, 0x0, 0xfffffffd, 0x53, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x9, 0x10000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x483534d7, 0x6, 0x1, 0x8, 0x6, 0xd, 0x10001, 0x4, 0xfffffffd, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0xc4, 0x10000, 0x0, 0x0, 0x1, 0x8, 0x0, 0x0, 0x7, 0x1000, 0x3b6, 0x68, 0x2, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffe, 0x1], [0x0, 0x0, 0x5, 0x200003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x4, 0x7fffffff, 0x5, 0x0, 0x0, 0x5, 0x48, 0x0, 0xffff, 0x4, 0x0, 0x0, 0x0, 0x81, 0x87c9, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8004, 0x0, 0x0, 0x1, 0x10000, 0x9, 0x101, 0x7, 0x0, 0x0, 0x40000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)

2.37926493s ago: executing program 8 (id=3058):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = syz_open_dev$vcsa(&(0x7f0000000100), 0x4, 0x6a0200)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000140)={"7446bdea", 0x7, 0xa, 0xc, 0x98, 0xfc, "d1ab2a6ab77da5508288dd93253a05", 't\\\v(', "e711240f", "bf6d7e9d", ["7a356b30ae9c5c3d42024e92", "1782df646aa4acc07fe763c8", "294844137ae17dd1cb143ff8", "3acebf14464dc18e480d17a5"]})
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r2, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
capset(&(0x7f00000020c0)={0x19980330}, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x0, 0x9})
r3 = openat$pmem0(0xffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$BLKBSZSET(r3, 0x40041271, 0x0)
ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
ioctl$SNDCTL_DSP_SUBDIVIDE(r2, 0xc0045009, &(0x7f0000000040)=0xffffffff)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)

2.378992063s ago: executing program 5 (id=3059):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x6, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000280)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x37e2f4aba9289b81, '\x00', r2, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x100002, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl(r3, 0x3ce, &(0x7f00000002c0)="f1dd73e0613455171a9e69f2a0bd1118ca595486bd11f94b52edbc035f57178d78e5b3e79ae64d3b889e19c96304887742de1792ff514d9a4334dda9e70060807fd2cfe1dfb7a2d9c1")
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0xd)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
read$dsp(r6, &(0x7f0000000000)=""/144, 0x90)
write$cgroup_type(r4, &(0x7f0000000180), 0x40010)

2.377984249s ago: executing program 6 (id=3060):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

1.890246828s ago: executing program 0 (id=3061):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000095000000000000001a9fc19a31222d90cb2faf008c79d4b7"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x68040200)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000011c0)=@IORING_OP_FSYNC={0x3, 0xd, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x8)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="340000000d06010100000000000000000300000a100003006269746d61703a706f72740005000100070000000500050003000000c72c3809c5bee47c7213e30e00c6062530fe04ae93da58fd06c866dca45d471fd7bfec905321ecb3d4f3a01a399e90d465f17db05e8f239363916db1eb881d1727606eb858eaff8820457a6e04d4c0b3c49d4eaba4b572ef3d44bb6f753cce8f1e7572a12e2219bb37e801e171e9aae4072a12d25b31c68f5f22793e60d6b5ac25d6a890c0"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4004050)
ioperm(0x0, 0x8, 0x6)
r6 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2)
r7 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000240)={0x1c})
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r8, 0x100000)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002dbd7000fdd9df258800000008000300", @ANYRES32=r10, @ANYBLOB="0007e5c7c5ffff0000000000"], 0x28}}, 0x4004810)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8004)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000))

1.889719368s ago: executing program 6 (id=3062):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)

1.520109835s ago: executing program 8 (id=3063):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x80a, 0xfffffffffffffffe})
r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x11, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x2000000)
getsockopt$netrom_NETROM_T2(0xffffffffffffffff, 0x103, 0x2, &(0x7f0000000340)=0x9, &(0x7f00000003c0)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r3, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e67}, {&(0x7f00000000c0)=""/250, 0x4}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[], 0x18}}, 0x0)

1.377438251s ago: executing program 5 (id=3064):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@bridge_delneigh={0x28, 0x1d, 0x1, 0x70bd26, 0x25dfdbfc, {0xa, 0x0, 0x0, 0x0, 0x8, 0x1, 0x8}, [@NDA_DST_MAC={0xa, 0x1, @local}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004000}, 0x20008000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x40, 0x1400}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x1}]}}}]}, 0x3c}}, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$sysctl(r3, 0x0, 0x0)
write$sysctl(r3, &(0x7f0000000000)='2\x00', 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setaffinity(r4, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
openat$fb0(0xffffffffffffff9c, 0x0, 0x402, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_io_uring_setup(0x23b, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x3, 0x2)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000000)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xb}, 0x1c)

1.376925572s ago: executing program 6 (id=3065):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r3)
sendmsg$NLBL_MGMT_C_REMOVE(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r4, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20048040}, 0x10000000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0182101, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000e80)='/sys/kernel/profiling', 0x22042, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r5, 0x0, 0x2, 0x0)

1.015935463s ago: executing program 0 (id=3066):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="0200", @ANYBLOB="02000200", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

630.356186ms ago: executing program 8 (id=3067):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = socket(0x10, 0x3, 0x0) (async)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x20002, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) (async)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYBLOB="387dc3a0cefd81c3e8248ee081488cb3a160cc3418349a7ffce6664f", @ANYRES32=r2, @ANYRES32=r2], 0x40}}, 0x0) (async, rerun: 64)
r5 = socket(0x10, 0x3, 0x0) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'sit0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@dellink={0x38, 0x11, 0x20, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, 0x20, 0x3020}, [@IFLA_TXQLEN={0x8, 0xd, 0x6}, @IFLA_LINKMODE={0x5, 0x11, 0x4}, @IFLA_GROUP={0x8, 0x1b, 0x9}]}, 0x38}}, 0x0) (async, rerun: 64)
r7 = syz_io_uring_setup(0x8d5, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000080)=<r9=>0x0) (rerun: 64)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}) (async)
io_uring_enter(r7, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
ptrace$poke(0x5, r0, 0x0, 0x400000) (async, rerun: 64)
io_setup(0xd72, &(0x7f0000002e80)=<r10=>0x0) (async, rerun: 64)
r11 = socket$rds(0x15, 0x5, 0x0)
io_submit(r10, 0x1, &(0x7f0000002500)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r11, 0x0}]) (async, rerun: 32)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141503) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x4844}, 0x0) (async, rerun: 64)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r12 = openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async)
r13 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r13, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0xffff, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7}, 0x1c) (async, rerun: 64)
sendto$inet6(r13, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x397, @empty}, 0x1c) (async, rerun: 64)
write$FUSE_NOTIFY_INVAL_ENTRY(r12, &(0x7f0000001fc0)=ANY=[@ANYBLOB="4200000003000000000020000000000000000000000000002100000000"], 0x42)

550.265928ms ago: executing program 8 (id=3068):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r0, 0x0, 0xf69}, 0x18)
io_setup(0xeb0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
io_submit(r1, 0x1, &(0x7f0000000100)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
io_cancel(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000027c0)=ANY=[@ANYBLOB="02030009100000002abd70000000000002000800080000005b0000000000000005000600000000000a00000000000002000000000000000000000000000000010000000000000000020001000000000000000200000000010001ff0100000000000000000000000000010000000000000000"], 0x80}, 0x1, 0x7}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="25003300d0000000080211000001080211000000505050505050d00003"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = io_uring_setup(0x773d, &(0x7f0000000a40)={0x0, 0x0, 0x1000, 0x2, 0x3bc})
r6 = socket$rxrpc(0x21, 0x2, 0xa)
close_range(r5, r6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141181)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000240)='0', 0x1)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

489.078704ms ago: executing program 0 (id=3069):
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1800000055a7b8e9f1", @ANYRES32=0x0], 0x18}}, 0x0)
r0 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r0, 0xfffffffffffffffe, 0x404c040)
syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
openat$mixer(0xffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x1, 0xa, 0x3, "2e85f85a3b9156e89e82960ad936188f4429f4bf777d1b56926c75b050d4c3f0", 0x39555659})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x40004)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0x17, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x17}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x26, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x10, 0x3, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
preadv(r6, &(0x7f0000000440)=[{&(0x7f0000000180)=""/82, 0x52}], 0x1, 0xd651, 0x72b)

439.938102ms ago: executing program 6 (id=3070):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

299.87495ms ago: executing program 5 (id=3071):
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=<r0=>0x0)
timer_create(0x1, &(0x7f0000000040)={0x0, 0x2c, 0x0, @tid=r0}, &(0x7f0000000080)=<r1=>0x0)
r2 = openat$null(0xffffff9c, &(0x7f00000000c0), 0x600100, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xa, 0x100010, r2, 0xf4ebd000)
socket$nl_route(0x10, 0x3, 0x0)
connect$ax25(r2, &(0x7f0000000100)={{0x3, @default, 0x1}, [@default, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
readlinkat(r2, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=""/244, 0xf4)
timer_settime(r1, 0x0, &(0x7f00000002c0)={{}, {0x77359400}}, &(0x7f0000000300))
ioctl$CEC_S_MODE(r2, 0x40046109, &(0x7f0000000340)=0x7)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000004c0)={&(0x7f0000000380), 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x28, r4, 0x400, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0xf6, 0x33}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x4004044)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000500))
recvmmsg(r2, &(0x7f0000003880)=[{{&(0x7f0000000540)=@qipcrtr, 0x80, &(0x7f0000000980)=[{&(0x7f00000005c0)=""/255, 0xff}, {&(0x7f00000006c0)=""/69, 0x45}, {&(0x7f0000000740)=""/254, 0xfe}, {&(0x7f0000000840)}, {&(0x7f0000000880)=""/250, 0xfa}], 0x5, &(0x7f00000009c0)=""/23, 0x17}, 0x3}, {{&(0x7f0000000a00)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000a80)}, 0x2dc}, {{&(0x7f0000000ac0)=@sco={0x1f, @fixed}, 0x80, &(0x7f0000000cc0)=[{&(0x7f0000000b40)=""/138, 0x8a}, {&(0x7f0000000c00)=""/152, 0x98}], 0x2, &(0x7f0000000d00)}, 0x9}, {{&(0x7f0000000d40)=@hci, 0x80, &(0x7f0000001000)=[{&(0x7f0000000dc0)=""/149, 0x95}, {&(0x7f0000000e80)=""/16, 0x10}, {&(0x7f0000000ec0)=""/16, 0x10}, {&(0x7f0000000f00)=""/23, 0x17}, {&(0x7f0000000f40)=""/60, 0x3c}, {&(0x7f0000000f80)=""/101, 0x65}], 0x6, &(0x7f0000001040)=""/43, 0x2b}, 0x6}, {{&(0x7f0000001080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000002180)=[{&(0x7f0000001100)=""/4096, 0x1000}, {&(0x7f0000002100)=""/77, 0x4d}], 0x2}}, {{&(0x7f00000021c0)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000003440)=[{&(0x7f0000002240)=""/4096, 0x1000}, {&(0x7f0000003240)=""/78, 0x4e}, {&(0x7f00000032c0)=""/64, 0x40}, {&(0x7f0000003300)=""/96, 0x60}, {&(0x7f0000003380)=""/42, 0x2a}, {&(0x7f00000033c0)=""/97, 0x61}], 0x6, &(0x7f0000003480)=""/176, 0xb0}, 0x580b}, {{&(0x7f0000003540)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000003840)=[{&(0x7f00000035c0)=""/157, 0x9d}, {&(0x7f0000003680)=""/131, 0x83}, {&(0x7f0000003740)=""/127, 0x7f}, {&(0x7f00000037c0)=""/77, 0x4d}], 0x4}, 0x401}], 0x7, 0x40000000, &(0x7f0000003980)={0x77359400})
timer_getoverrun(r1)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f00000039c0), r6)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003a40), r2)
sendmsg$NL80211_CMD_NEW_STATION(r2, &(0x7f0000003b40)={&(0x7f0000003a00)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000003b00)={&(0x7f0000003a80)={0x44, r7, 0x200, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1d, 0x13, [{0x24}, {0x9}, {0x36, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x1b}, {0xb}, {0x48}, {0x4, 0x1}, {0x74}, {0x4, 0x1}, {0xb96f7577d1a62b44}, {0x48, 0x1}, {0x36, 0x1}, {0x56, 0x1}, {0x24}, {0xb, 0x1}, {0x4, 0x1}, {0x9, 0x1}, {0x31}, {0x2}, {0xc, 0x1}, {0x48, 0x1}, {0x44, 0x1}, {0x5}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000841}, 0x844)
recvmmsg(r2, &(0x7f00000051c0)=[{{&(0x7f0000003b80)=@un=@abs, 0x80, &(0x7f0000004cc0)=[{&(0x7f0000003c00)=""/123, 0x7b}, {&(0x7f0000003c80)=""/35, 0x23}, {&(0x7f0000003cc0)=""/4096, 0x1000}], 0x3, &(0x7f0000004d00)=""/3, 0x3}, 0x6}, {{&(0x7f0000004d40)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000005180)=[{&(0x7f0000004dc0)=""/192, 0xc0}, {&(0x7f0000004e80)=""/94, 0x5e}, {&(0x7f0000004f00)=""/214, 0xd6}, {&(0x7f0000005000)=""/108, 0x6c}, {&(0x7f0000005080)=""/156, 0x9c}, {&(0x7f0000005140)}], 0x6}, 0x8}], 0x2, 0x43, &(0x7f0000005200))
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r2, 0xc01064b3, &(0x7f0000005240))
execveat(r2, &(0x7f0000005280)='./file0\x00', &(0x7f0000005400)={[&(0x7f00000052c0)='\x00', &(0x7f0000005300)='*&}\x9e]\x00', &(0x7f0000005340)='(\x00', &(0x7f0000005380)='wlan0\x00', &(0x7f00000053c0)='/dev/null\x00']}, &(0x7f0000005580)={[&(0x7f0000005440)='nl80211\x00', &(0x7f0000005480)='nl80211\x00', &(0x7f00000054c0)='nl80211\x00', &(0x7f0000005500)='\x00', &(0x7f0000005540)='\v\x00']}, 0x1000)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000005600), r2)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000005640)={'team0\x00', <r9=>0x0})
getsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f0000005680)={@dev, @multicast2, <r10=>0x0}, &(0x7f00000056c0)=0xc)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000005840)={&(0x7f00000055c0)={0x10, 0x0, 0x0, 0x608c93c6ecc6e843}, 0xc, &(0x7f0000005800)={&(0x7f0000005700)={0xf4, r8, 0x20, 0x70bd26, 0x25dfdbff, {}, [@HEADER={0x88, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)
r11 = openat$drirender128(0xffffff9c, &(0x7f0000005880), 0x90800, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f00000058c0)={<r12=>0x0})
ioctl$DRM_IOCTL_UNLOCK(r11, 0x4008642b, &(0x7f0000005900)={r12, 0x8})

299.595846ms ago: executing program 8 (id=3072):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000b80), r1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB="000000000000000408000a00", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e00)={&(0x7f0000000c40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x3, 0x0, 0xffffff00, [{}]}]}}, &(0x7f0000000d00)=""/198, 0x32, 0xc6, 0x1, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}}, 0x84)

299.388569ms ago: executing program 5 (id=3073):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_pid(r0, &(0x7f0000000000), 0x12)
r1 = syz_io_uring_setup(0xc4f, &(0x7f0000000440)={0x0, 0xfffffffc, 0x10100, 0x7fe}, &(0x7f0000000400)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_SHUTDOWN)
io_uring_enter(r1, 0x2dbe, 0x0, 0xffffffff, 0x0, 0x0)

209.457749ms ago: executing program 5 (id=3074):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES16=r0, @ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munlock(&(0x7f00003ad000/0x4000)=nil, 0x4000)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
setxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000", @ANYBLOB="02000000", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="0200000770db00", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="0400887f64c7000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYBLOB="100004000000000020000400"], 0x7c, 0x2)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r4, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB="05000000100d00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001"], 0x80}}, 0x0)

0s ago: executing program 5 (id=3075):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x80a, 0xfffffffffffffffe})
r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x11, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x2000000)
getsockopt$netrom_NETROM_T2(0xffffffffffffffff, 0x103, 0x2, &(0x7f0000000340)=0x9, &(0x7f00000003c0)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r3, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e67}, {&(0x7f00000000c0)=""/250, 0x4}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[], 0x18}}, 0x0)

kernel console output (not intermixed with test programs):

e type 10 has an invalid length.
[  445.973669][T14352] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2266'.
[  445.995854][T14352] team0: Port device geneve0 added
[  446.085772][ T1017] libceph: connect (1)[c::]:6789 error -13
[  446.088442][ T1017] libceph: mon0 (1)[c::]:6789 connect error
[  446.407722][ T1017] libceph: connect (1)[c::]:6789 error -13
[  446.410063][ T1017] libceph: mon0 (1)[c::]:6789 connect error
[  446.701989][T14353] ceph: No mds server is up or the cluster is laggy
[  446.772238][T14366] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2269'.
[  446.775176][T14366] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2269'.
[  446.778322][T14366] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2269'.
[  448.046492][T14399] syzkaller0: entered allmulticast mode
[  448.126058][T14400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2275'.
[  448.878150][T14397] syzkaller0: left allmulticast mode
[  449.686039][T14433] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  449.689383][T14433] /dev/nullb0: Can't open blockdev
[  449.828575][T14438] FAULT_INJECTION: forcing a failure.
[  449.828575][T14438] name failslab, interval 1, probability 0, space 0, times 0
[  449.833091][T14438] CPU: 2 UID: 0 PID: 14438 Comm: syz.7.2291 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  449.833105][T14438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.833111][T14438] Call Trace:
[  449.833116][T14438]  <TASK>
[  449.833120][T14438]  dump_stack_lvl+0x16c/0x1f0
[  449.833139][T14438]  should_fail_ex+0x512/0x640
[  449.833155][T14438]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  449.833169][T14438]  should_failslab+0xc2/0x120
[  449.833182][T14438]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  449.833194][T14438]  ? __alloc_skb+0x2b2/0x380
[  449.833209][T14438]  __alloc_skb+0x2b2/0x380
[  449.833220][T14438]  ? __pfx___alloc_skb+0x10/0x10
[  449.833231][T14438]  ? __pfx_br_vlan_rtm_process+0x10/0x10
[  449.833252][T14438]  netlink_ack+0x15d/0xb80
[  449.833270][T14438]  netlink_rcv_skb+0x347/0x440
[  449.833284][T14438]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  449.833300][T14438]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  449.833320][T14438]  ? netlink_deliver_tap+0x1ae/0xd30
[  449.833336][T14438]  netlink_unicast+0x53a/0x7f0
[  449.833351][T14438]  ? __pfx_netlink_unicast+0x10/0x10
[  449.833368][T14438]  netlink_sendmsg+0x8d1/0xdd0
[  449.833383][T14438]  ? __pfx_netlink_sendmsg+0x10/0x10
[  449.833398][T14438]  ? __import_iovec+0x1c8/0x660
[  449.833411][T14438]  ____sys_sendmsg+0xa95/0xc70
[  449.833430][T14438]  ? __pfx_____sys_sendmsg+0x10/0x10
[  449.833449][T14438]  ? get_compat_msghdr+0x11a/0x170
[  449.833474][T14438]  ___sys_sendmsg+0x134/0x1d0
[  449.833491][T14438]  ? __pfx____sys_sendmsg+0x10/0x10
[  449.833530][T14438]  __sys_sendmsg+0x16d/0x220
[  449.833543][T14438]  ? __pfx___sys_sendmsg+0x10/0x10
[  449.833561][T14438]  ? rcu_is_watching+0x12/0xc0
[  449.833574][T14438]  __do_fast_syscall_32+0x73/0x120
[  449.833591][T14438]  do_fast_syscall_32+0x32/0x80
[  449.833607][T14438]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  449.833620][T14438] RIP: 0023:0xf7f66579
[  449.833629][T14438] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  449.833639][T14438] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  449.833650][T14438] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  449.833656][T14438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  449.833662][T14438] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  449.833668][T14438] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  449.833674][T14438] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  449.833686][T14438]  </TASK>
[  449.953226][T14440] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2288'.
[  450.730126][T14465] FAULT_INJECTION: forcing a failure.
[  450.730126][T14465] name failslab, interval 1, probability 0, space 0, times 0
[  450.735184][T14465] CPU: 2 UID: 0 PID: 14465 Comm: syz.0.2300 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  450.735207][T14465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.735218][T14465] Call Trace:
[  450.735226][T14465]  <TASK>
[  450.735234][T14465]  dump_stack_lvl+0x16c/0x1f0
[  450.735264][T14465]  should_fail_ex+0x512/0x640
[  450.735289][T14465]  ? fs_reclaim_acquire+0xae/0x150
[  450.735318][T14465]  should_failslab+0xc2/0x120
[  450.735340][T14465]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  450.735362][T14465]  ? security_inode_alloc+0x3b/0x2b0
[  450.735387][T14465]  security_inode_alloc+0x3b/0x2b0
[  450.735409][T14465]  inode_init_always_gfp+0xce4/0x1030
[  450.735431][T14465]  alloc_inode+0x86/0x240
[  450.735453][T14465]  new_inode+0x22/0x1c0
[  450.735472][T14465]  ? start_creating.part.0+0x25d/0x3a0
[  450.735498][T14465]  __debugfs_create_file+0x11c/0x6b0
[  450.735527][T14465]  debugfs_create_file_short+0x41/0x60
[  450.735556][T14465]  ieee80211_debugfs_recreate_netdev+0x4a6/0x17e0
[  450.735582][T14465]  ? ieee80211_clear_tpe+0x233/0x290
[  450.735605][T14465]  ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10
[  450.735633][T14465]  ? ieee80211_link_setup+0x77/0x90
[  450.735659][T14465]  ? ieee80211_setup_sdata+0x5b5/0xcf0
[  450.735686][T14465]  ieee80211_if_change_type+0x2ba/0x800
[  450.735715][T14465]  ieee80211_change_iface+0xa5/0x500
[  450.735744][T14465]  cfg80211_change_iface+0x582/0xdc0
[  450.735778][T14465]  nl80211_set_interface+0x911/0xcb0
[  450.735800][T14465]  ? __pfx_nl80211_set_interface+0x10/0x10
[  450.735826][T14465]  ? nl80211_pre_doit+0x71e/0xb10
[  450.735849][T14465]  ? nl80211_pre_doit+0x1b0/0xb10
[  450.735876][T14465]  genl_family_rcv_msg_doit+0x206/0x2f0
[  450.735913][T14465]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  450.735939][T14465]  ? trace_cap_capable+0x18d/0x200
[  450.735964][T14465]  ? bpf_lsm_capable+0x9/0x10
[  450.735981][T14465]  ? security_capable+0x7e/0x260
[  450.735997][T14465]  ? ns_capable+0xd7/0x110
[  450.736017][T14465]  genl_rcv_msg+0x55c/0x800
[  450.736041][T14465]  ? __pfx_genl_rcv_msg+0x10/0x10
[  450.736061][T14465]  ? __pfx___dev_queue_xmit+0x10/0x10
[  450.736078][T14465]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  450.736098][T14465]  ? __pfx_nl80211_set_interface+0x10/0x10
[  450.736111][T14465]  ? __pfx_nl80211_post_doit+0x10/0x10
[  450.736136][T14465]  ? __lock_acquire+0xaa4/0x1ba0
[  450.736164][T14465]  netlink_rcv_skb+0x16d/0x440
[  450.736183][T14465]  ? __pfx_genl_rcv_msg+0x10/0x10
[  450.736206][T14465]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  450.736241][T14465]  ? __pfx_down_read+0x10/0x10
[  450.736258][T14465]  ? netlink_deliver_tap+0x1ae/0xd30
[  450.736284][T14465]  genl_rcv+0x28/0x40
[  450.736306][T14465]  netlink_unicast+0x53a/0x7f0
[  450.736331][T14465]  ? __pfx_netlink_unicast+0x10/0x10
[  450.736361][T14465]  netlink_sendmsg+0x8d1/0xdd0
[  450.736388][T14465]  ? __pfx_netlink_sendmsg+0x10/0x10
[  450.736411][T14465]  ? __import_iovec+0x1c8/0x660
[  450.736454][T14465]  ____sys_sendmsg+0xa95/0xc70
[  450.736481][T14465]  ? __pfx_____sys_sendmsg+0x10/0x10
[  450.736503][T14465]  ? get_compat_msghdr+0x11a/0x170
[  450.736532][T14465]  ___sys_sendmsg+0x134/0x1d0
[  450.736554][T14465]  ? __pfx____sys_sendmsg+0x10/0x10
[  450.736603][T14465]  __sys_sendmsg+0x16d/0x220
[  450.736625][T14465]  ? __pfx___sys_sendmsg+0x10/0x10
[  450.736651][T14465]  ? rcu_is_watching+0x12/0xc0
[  450.736669][T14465]  ? rcu_is_watching+0x12/0xc0
[  450.736688][T14465]  __do_fast_syscall_32+0x73/0x120
[  450.736713][T14465]  do_fast_syscall_32+0x32/0x80
[  450.736735][T14465]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  450.736754][T14465] RIP: 0023:0xf706e579
[  450.736767][T14465] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  450.736782][T14465] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  450.736797][T14465] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000100
[  450.736806][T14465] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  450.736815][T14465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  450.736823][T14465] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  450.736832][T14465] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  450.736854][T14465]  </TASK>
[  450.736886][T14465] debugfs: out of free dentries, can not create file 'rc_rateidx_mcs_mask_2ghz'
[  450.946771][ T5997] libceph: connect (1)[c::]:6789 error -101
[  450.948878][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  451.034126][ T5997] libceph: connect (1)[c::]:6789 error -101
[  451.039076][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  451.312957][ T5997] libceph: connect (1)[c::]:6789 error -101
[  451.322174][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  451.560931][T14459] ceph: No mds server is up or the cluster is laggy
[  451.889141][T14485] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2305'.
[  451.899980][T14483] netlink: 'syz.0.2304': attribute type 5 has an invalid length.
[  451.902321][T14483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2304'.
[  451.948231][T14491] syzkaller0: entered allmulticast mode
[  452.488877][ T1017] IPVS: starting estimator thread 0...
[  452.642071][T14508] IPVS: using max 42 ests per chain, 100800 per kthread
[  452.771351][T14490] syzkaller0: left allmulticast mode
[  453.615100][T14528] netlink: 'syz.5.2316': attribute type 1 has an invalid length.
[  453.640886][T14528] ieee802154 phy0 wpan0: encryption failed: -22
[  453.774274][ T5997] libceph: connect (1)[c::]:6789 error -13
[  453.776343][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  454.030016][    T9] libceph: connect (1)[c::]:6789 error -13
[  454.032364][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  454.183205][T14525] ceph: No mds server is up or the cluster is laggy
[  454.497398][T14541] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2321'.
[  454.500354][T14541] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2321'.
[  454.533179][T14541] overlayfs: failed to resolve './file0': -2
[  454.907386][T12730] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  454.942988][T12730] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  455.023565][T12730] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  455.026676][T12730] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  455.029360][T12730] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  455.055852][T14550] lo speed is unknown, defaulting to 1000
[  455.147214][T14550] lo speed is unknown, defaulting to 1000
[  455.239179][T14550] chnl_net:caif_netlink_parms(): no params data found
[  455.315268][ T9726] bond0: (slave syz_tun): Releasing backup interface
[  455.363650][T14568] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2327'.
[  455.390706][T14550] bridge0: port 1(bridge_slave_0) entered blocking state
[  455.393916][T14550] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.396250][T14550] bridge_slave_0: entered allmulticast mode
[  455.398939][T14550] bridge_slave_0: entered promiscuous mode
[  455.403595][T14550] bridge0: port 2(bridge_slave_1) entered blocking state
[  455.406239][T14550] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.408905][T14550] bridge_slave_1: entered allmulticast mode
[  455.412910][T14550] bridge_slave_1: entered promiscuous mode
[  455.461988][T14550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  455.466487][T14550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  455.516541][T14550] team0: Port device team_slave_0 added
[  455.521907][T14550] team0: Port device team_slave_1 added
[  455.577228][T14550] batman_adv: batadv0: Adding interface: batadv_slave_0
[  455.579512][T14550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  455.592630][T14550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  455.596986][T14550] batman_adv: batadv0: Adding interface: batadv_slave_1
[  455.599236][T14550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  455.608735][T14550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  455.651381][T14550] hsr_slave_0: entered promiscuous mode
[  455.653687][T14550] hsr_slave_1: entered promiscuous mode
[  455.655810][T14550] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  455.658201][T14550] Cannot create hsr debugfs directory
[  455.901030][T14550] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.905098][T14550] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  456.007889][T14588] syzkaller0: entered allmulticast mode
[  456.012980][T14588] syzkaller0 (unregistering): left allmulticast mode
[  456.153792][T14550] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.157040][T14550] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  456.235435][T14550] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.238786][T14550] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  456.304439][T14550] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.307766][T14550] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  456.456370][T14550] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  456.461149][T14550] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  456.465657][T14550] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  456.477697][T14550] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  456.527817][T14550] 8021q: adding VLAN 0 to HW filter on device bond0
[  456.542159][T14550] 8021q: adding VLAN 0 to HW filter on device team0
[  456.548568][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.550920][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  456.556122][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.558469][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  456.562144][T14596] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2336'.
[  456.672177][T14550] 8021q: adding VLAN 0 to HW filter on device batadv0
[  456.696861][T14550] veth0_vlan: entered promiscuous mode
[  456.709076][T14550] veth1_vlan: entered promiscuous mode
[  456.722678][T14550] veth0_macvtap: entered promiscuous mode
[  456.728353][T14550] veth1_macvtap: entered promiscuous mode
[  456.738212][T14550] batman_adv: batadv0: Interface activated: batadv_slave_0
[  456.744085][T14550] batman_adv: batadv0: Interface activated: batadv_slave_1
[  456.749346][T14550] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  456.753167][T14550] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  456.756000][T14550] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  456.758865][T14550] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  456.796393][T13917] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.799066][T13917] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.814653][T13917] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.817474][T13917] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.918255][T14613] input: syz1 as /devices/virtual/input/input51
[  456.920893][   T40] audit: type=1326 audit(1747643757.990:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  456.932097][T14614] fuse: Bad value for 'fd'
[  456.935182][T14613] netlink: 'syz.0.2340': attribute type 10 has an invalid length.
[  456.938975][   T40] audit: type=1326 audit(1747643757.990:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  456.956434][   T40] audit: type=1326 audit(1747643758.010:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=197 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  456.958176][T14614] rdma_rxe: rxe_newlink: failed to add syz_tun
[  456.967352][T14613] batman_adv: batadv0: Adding interface: team0
[  456.969680][T14613] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  456.979843][   T40] audit: type=1326 audit(1747643758.010:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  456.981568][T14613] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  456.986487][   T40] audit: type=1326 audit(1747643758.010:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  456.986513][   T40] audit: type=1326 audit(1747643758.010:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  457.004133][   T40] audit: type=1326 audit(1747643758.010:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  457.011546][   T40] audit: type=1326 audit(1747643758.010:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  457.018668][   T40] audit: type=1326 audit(1747643758.010:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  457.027913][   T40] audit: type=1326 audit(1747643758.010:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14611 comm="syz.7.2339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[  457.089923][ T5950] Bluetooth: hci0: command tx timeout
[  457.492876][T14633] netlink: 'syz.0.2342': attribute type 1 has an invalid length.
[  457.495462][T14633] netlink: 'syz.0.2342': attribute type 2 has an invalid length.
[  457.551854][T14635] syzkaller0: entered allmulticast mode
[  457.558514][T14635] syzkaller0 (unregistering): left allmulticast mode
[  457.983294][T14650] deleting an unspecified loop device is not supported.
[  458.441176][T14660] exFAT-fs (nullb0): invalid boot record signature
[  458.443914][T14660] exFAT-fs (nullb0): failed to read boot sector
[  458.457590][T14660] exFAT-fs (nullb0): failed to recognize exfat type
[  458.909469][T14666] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2354'.
[  458.914237][T14666] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2354'.
[  458.963033][T14670] netlink: 136 bytes leftover after parsing attributes in process `syz.5.2356'.
[  458.966138][T14670] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  459.170246][ T5950] Bluetooth: hci0: command tx timeout
[  459.354649][T14684] syzkaller0: entered allmulticast mode
[  459.362418][T14684] syzkaller0 (unregistering): left allmulticast mode
[  459.977174][T14700] siw: device registration error -23
[  459.983178][T14700] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2364'.
[  460.497716][T14708] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.723213][T14708] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.823103][T14708] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.920023][T14708] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.115516][T14708] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  461.123554][T14708] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  461.153991][T14708] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  461.185680][T14708] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  461.260030][ T5950] Bluetooth: hci0: command tx timeout
[  462.949775][   T10] usb 10-1: new full-speed USB device number 13 using dummy_hcd
[  463.079874][   T10] usb 10-1: device descriptor read/64, error -71
[  463.177257][T14767] overlayfs: failed to resolve './file1': -2
[  463.306457][ T5997] IPVS: starting estimator thread 0...
[  463.314790][ T5997] kernel write not supported for file /535/attr/exec (pid: 5997 comm: kworker/0:4)
[  463.322141][T14776] IPVS: set_ctl: invalid protocol: 60 7.0.0.0:0
[  463.329979][ T5950] Bluetooth: hci0: command tx timeout
[  463.339864][   T10] usb 10-1: new full-speed USB device number 14 using dummy_hcd
[  463.387552][T14780] netlink: 'syz.7.2384': attribute type 1 has an invalid length.
[  463.410057][T14782] loop6: detected capacity change from 0 to 524287999
[  463.410256][T14777] IPVS: using max 42 ests per chain, 100800 per kthread
[  463.433889][T14780] 8021q: adding VLAN 0 to HW filter on device bond1
[  463.470246][   T10] usb 10-1: device descriptor read/64, error -71
[  463.501749][T14783] CIFS: Unable to determine destination address
[  463.538664][T14780] bond1: (slave veth3): Enslaving as an active interface with a down link
[  463.555756][T14780] bond1: (slave dummy0): making interface the new active one
[  463.559124][T14780] dummy0: entered promiscuous mode
[  463.561817][T14780] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  463.580110][   T10] usb usb10-port1: attempt power cycle
[  463.756700][T14786] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2385'.
[  463.919818][   T10] usb 10-1: new full-speed USB device number 15 using dummy_hcd
[  463.941275][   T10] usb 10-1: device descriptor read/8, error -71
[  464.200076][   T10] usb 10-1: new full-speed USB device number 16 using dummy_hcd
[  464.230252][   T10] usb 10-1: device descriptor read/8, error -71
[  464.679799][   T10] usb usb10-port1: unable to enumerate USB device
[  465.685747][T14820] tipc: Started in network mode
[  465.687509][T14820] tipc: Node identity 4a680b171a17, cluster identity 4711
[  465.694733][T14820] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  465.838991][T14832] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  466.184419][T14845] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2403'.
[  466.425714][T14853] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  466.819803][ T5979] tipc: Node number set to 1350503191
[  466.926193][T14871] netlink: 'syz.5.2414': attribute type 1 has an invalid length.
[  468.019810][   T65] usb 12-1: new high-speed USB device number 8 using dummy_hcd
[  468.172620][   T65] usb 12-1: Using ep0 maxpacket: 32
[  468.178366][   T65] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  468.196716][   T65] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  468.202723][   T65] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  468.210811][   T65] usb 12-1: Product: syz
[  468.212313][   T65] usb 12-1: Manufacturer: syz
[  468.213926][   T65] usb 12-1: SerialNumber: syz
[  468.224033][   T65] usb 12-1: config 0 descriptor??
[  468.226812][T14898] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  468.232761][   T65] hub 12-1:0.0: bad descriptor, ignoring hub
[  468.234788][   T65] hub 12-1:0.0: probe with driver hub failed with error -5
[  468.549851][ T1329] usb 12-1: USB disconnect, device number 8
[  468.810215][   T65] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  468.899784][ T1329] usb 12-1: new high-speed USB device number 9 using dummy_hcd
[  469.059781][ T1329] usb 12-1: Using ep0 maxpacket: 32
[  469.066637][ T1329] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  469.073768][ T1329] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  469.076737][ T1329] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  469.079458][ T1329] usb 12-1: Product: syz
[  469.092419][ T1329] usb 12-1: Manufacturer: syz
[  469.094018][ T1329] usb 12-1: SerialNumber: syz
[  469.098677][ T1329] usb 12-1: config 0 descriptor??
[  469.102167][T14898] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  469.106313][ T1329] hub 12-1:0.0: bad descriptor, ignoring hub
[  469.108336][ T1329] hub 12-1:0.0: probe with driver hub failed with error -5
[  469.419936][ T1329] usb 12-1: USB disconnect, device number 9
[  469.428930][T14937] FAULT_INJECTION: forcing a failure.
[  469.428930][T14937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.433604][T14937] CPU: 2 UID: 0 PID: 14937 Comm: syz.6.2427 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  469.433618][T14937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.433624][T14937] Call Trace:
[  469.433628][T14937]  <TASK>
[  469.433633][T14937]  dump_stack_lvl+0x16c/0x1f0
[  469.433653][T14937]  should_fail_ex+0x512/0x640
[  469.433671][T14937]  _copy_from_user+0x2e/0xd0
[  469.433701][T14937]  load_msg+0x253/0x4a0
[  469.433720][T14937]  do_msgsnd+0x1a7/0x17b0
[  469.433734][T14937]  ? __pfx_do_msgsnd+0x10/0x10
[  469.433745][T14937]  ? find_held_lock+0x2b/0x80
[  469.433756][T14937]  ? __might_fault+0xe3/0x190
[  469.433773][T14937]  ? __might_fault+0xe3/0x190
[  469.433784][T14937]  ? __might_fault+0x13b/0x190
[  469.433798][T14937]  ? __ia32_compat_sys_msgsnd+0xe6/0x130
[  469.433809][T14937]  __ia32_compat_sys_msgsnd+0xe6/0x130
[  469.433821][T14937]  __do_fast_syscall_32+0x73/0x120
[  469.433839][T14937]  do_fast_syscall_32+0x32/0x80
[  469.433855][T14937]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  469.433868][T14937] RIP: 0023:0xf7fc8579
[  469.433876][T14937] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  469.433886][T14937] RSP: 002b:00000000f50c555c EFLAGS: 00000296 ORIG_RAX: 0000000000000190
[  469.433896][T14937] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080002900
[  469.433903][T14937] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 0000000000000000
[  469.433909][T14937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  469.433914][T14937] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  469.433920][T14937] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  469.433933][T14937]  </TASK>
[  469.497544][    C2] vkms_vblank_simulate: vblank timer overrun
[  469.959812][ T1329] usb 12-1: new high-speed USB device number 10 using dummy_hcd
[  470.111505][ T1329] usb 12-1: Using ep0 maxpacket: 32
[  470.114805][ T1329] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  470.120251][ T1329] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  470.127527][ T1329] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  470.132746][ T1329] usb 12-1: Product: syz
[  470.134172][ T1329] usb 12-1: Manufacturer: syz
[  470.135761][ T1329] usb 12-1: SerialNumber: syz
[  470.138628][ T1329] usb 12-1: config 0 descriptor??
[  470.147860][T14898] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  470.152290][ T1329] hub 12-1:0.0: bad descriptor, ignoring hub
[  470.154240][ T1329] hub 12-1:0.0: probe with driver hub failed with error -5
[  470.460148][ T1329] usb 12-1: USB disconnect, device number 10
[  475.050350][   T64] dummy0: left promiscuous mode
[  476.452445][T14995] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  476.466467][T14995] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  477.945600][T15036] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  478.000721][T15036] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  478.055338][T15036] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  478.118160][T15044] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  478.138195][T15044] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  478.249269][T15042] ieee802154 phy0 wpan0: encryption failed: -22
[  478.540224][T15058] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2457'.
[  478.701230][T15064] netlink: 'syz.0.2456': attribute type 13 has an invalid length.
[  478.703819][T15064] netlink: 372 bytes leftover after parsing attributes in process `syz.0.2456'.
[  478.746187][T15068] syzkaller0: entered allmulticast mode
[  479.329481][T15078] netlink: 6 bytes leftover after parsing attributes in process `syz.7.2460'.
[  479.335301][T15078] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  479.576387][T15067] syzkaller0: left allmulticast mode
[  479.980797][T15094] overlayfs: overlapping lowerdir path
[  480.390442][T15105] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  480.402848][T15105] kvm: pic: non byte read
[  480.405533][T15105] kvm: pic: level sensitive irq not supported
[  480.406043][T15105] kvm: pic: non byte read
[  480.411809][   T65] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  480.412862][T15105] kvm: pic: level sensitive irq not supported
[  480.414839][T15105] kvm: pic: non byte read
[  480.659953][    T9] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  480.814290][    T9] usb 11-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  480.818448][    T9] usb 11-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 12591, setting to 1024
[  480.826883][    T9] usb 11-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  480.830148][    T9] usb 11-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  480.833031][    T9] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.837366][T15099] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  480.842935][    T9] usb 11-1: Quirk or no altset; falling back to MIDI 1.0
[  482.645804][ T2297] usb 11-1: USB disconnect, device number 6
[  491.761038][T15195] 9pnet_virtio: no channels available for device syz
[  492.062673][T15210] FAULT_INJECTION: forcing a failure.
[  492.062673][T15210] name failslab, interval 1, probability 0, space 0, times 0
[  492.067088][T15210] CPU: 0 UID: 0 PID: 15210 Comm: syz.0.2492 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  492.067102][T15210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  492.067108][T15210] Call Trace:
[  492.067112][T15210]  <TASK>
[  492.067117][T15210]  dump_stack_lvl+0x16c/0x1f0
[  492.067152][T15210]  should_fail_ex+0x512/0x640
[  492.067173][T15210]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  492.067187][T15210]  should_failslab+0xc2/0x120
[  492.067201][T15210]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  492.067212][T15210]  ? __pfx___might_resched+0x10/0x10
[  492.067224][T15210]  ? alloc_vmap_area+0xd9a/0x2970
[  492.067242][T15210]  alloc_vmap_area+0xd9a/0x2970
[  492.067262][T15210]  ? __pfx_alloc_vmap_area+0x10/0x10
[  492.067280][T15210]  __get_vm_area_node+0x1ca/0x330
[  492.067299][T15210]  __vmalloc_node_range_noprof+0x277/0x1540
[  492.067315][T15210]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  492.067328][T15210]  ? find_held_lock+0x2b/0x80
[  492.067342][T15210]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  492.067359][T15210]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  492.067377][T15210]  ? __pfx_aa_get_newest_label+0x10/0x10
[  492.067389][T15210]  ? rcu_is_watching+0x12/0xc0
[  492.067400][T15210]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  492.067413][T15210]  __vmalloc_noprof+0x6d/0x90
[  492.067422][T15210]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  492.067434][T15210]  bpf_prog_alloc_no_stats+0x54/0x630
[  492.067446][T15210]  ? security_capable+0x7e/0x260
[  492.067458][T15210]  bpf_prog_alloc+0x3b/0x230
[  492.067469][T15210]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  492.067484][T15210]  bpf_prog_load+0x1a04/0x2490
[  492.067502][T15210]  ? __pfx_bpf_prog_load+0x10/0x10
[  492.067527][T15210]  ? bpf_lsm_bpf+0x9/0x10
[  492.067539][T15210]  __sys_bpf+0x433c/0x4d80
[  492.067555][T15210]  ? __pfx___sys_bpf+0x10/0x10
[  492.067570][T15210]  ? ksys_write+0x190/0x240
[  492.067582][T15210]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  492.067610][T15210]  ? fput+0x70/0xf0
[  492.067622][T15210]  ? ksys_write+0x1b9/0x240
[  492.067632][T15210]  ? __pfx_ksys_write+0x10/0x10
[  492.067644][T15210]  __ia32_sys_bpf+0x76/0xe0
[  492.067660][T15210]  __do_fast_syscall_32+0x73/0x120
[  492.067677][T15210]  do_fast_syscall_32+0x32/0x80
[  492.067693][T15210]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  492.067707][T15210] RIP: 0023:0xf7fb8579
[  492.067716][T15210] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  492.067725][T15210] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  492.067735][T15210] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080008000
[  492.067742][T15210] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  492.067747][T15210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  492.067753][T15210] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  492.067759][T15210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  492.067771][T15210]  </TASK>
[  492.345910][T15216] lo speed is unknown, defaulting to 1000
[  492.513377][T15216] lo speed is unknown, defaulting to 1000
[  493.800354][   T40] kauditd_printk_skb: 73 callbacks suppressed
[  493.800364][   T40] audit: type=1326 audit(1747643794.880:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15221 comm="syz.6.2495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7fc00000
[  493.809494][T15223] syz.6.2495 (15223) used greatest stack depth: 19720 bytes left
[  494.272872][T15250] random: crng reseeded on system resumption
[  495.018381][T15265] lo speed is unknown, defaulting to 1000
[  495.115390][T15265] lo speed is unknown, defaulting to 1000
[  495.645814][T15283] siw: device registration error -23
[  495.656324][T15283] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2511'.
[  496.171701][T15290] FAULT_INJECTION: forcing a failure.
[  496.171701][T15290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.175901][T15290] CPU: 2 UID: 0 PID: 15290 Comm: syz.0.2513 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  496.175915][T15290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  496.175922][T15290] Call Trace:
[  496.175926][T15290]  <TASK>
[  496.175930][T15290]  dump_stack_lvl+0x16c/0x1f0
[  496.175949][T15290]  should_fail_ex+0x512/0x640
[  496.175968][T15290]  _copy_to_user+0x32/0xd0
[  496.175979][T15290]  simple_read_from_buffer+0xcb/0x170
[  496.175997][T15290]  proc_fail_nth_read+0x197/0x270
[  496.176012][T15290]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  496.176044][T15290]  ? rw_verify_area+0xcf/0x680
[  496.176060][T15290]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  496.176074][T15290]  vfs_read+0x1e1/0xc70
[  496.176086][T15290]  ? __pfx___mutex_lock+0x10/0x10
[  496.176102][T15290]  ? __pfx_vfs_read+0x10/0x10
[  496.176116][T15290]  ? __fget_files+0x20e/0x3c0
[  496.176129][T15290]  ksys_read+0x12a/0x240
[  496.176139][T15290]  ? __pfx_ksys_read+0x10/0x10
[  496.176148][T15290]  ? rcu_is_watching+0x12/0xc0
[  496.176159][T15290]  ? rcu_is_watching+0x12/0xc0
[  496.176171][T15290]  __do_fast_syscall_32+0x73/0x120
[  496.176188][T15290]  do_fast_syscall_32+0x32/0x80
[  496.176204][T15290]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  496.176217][T15290] RIP: 0023:0xf7fb8579
[  496.176225][T15290] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  496.176239][T15290] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  496.176249][T15290] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50d6620
[  496.176255][T15290] RDX: 000000000000000f RSI: 00000000f7442ff4 RDI: 0000000000000000
[  496.176261][T15290] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  496.176266][T15290] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  496.176272][T15290] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  496.176285][T15290]  </TASK>
[  496.457722][T15296] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.588265][T15296] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.679481][T15296] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.751069][T15296] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.885734][T15296] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  496.893471][T15296] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  496.900448][T15296] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.904194][T15300] exFAT-fs (nullb0): invalid boot record signature
[  496.906343][T15300] exFAT-fs (nullb0): failed to read boot sector
[  496.908474][T15300] exFAT-fs (nullb0): failed to recognize exfat type
[  496.918836][T15296] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  497.839366][T15315] lo speed is unknown, defaulting to 1000
[  497.953246][T15315] lo speed is unknown, defaulting to 1000
[  498.267159][T15317] overlayfs: overlapping lowerdir path
[  498.655839][T15346] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2529'.
[  498.658877][T15346] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2529'.
[  498.669852][T15346] netlink: 'syz.0.2529': attribute type 11 has an invalid length.
[  498.992005][T15360] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  498.994139][T15360] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  498.996758][T15360] vhci_hcd vhci_hcd.0: Device attached
[  499.138643][T15372] lo speed is unknown, defaulting to 1000
[  499.169991][ T1329] vhci_hcd: vhci_device speed not set
[  499.229847][ T1329] usb 47-1: new full-speed USB device number 2 using vhci_hcd
[  499.304750][T15372] lo speed is unknown, defaulting to 1000
[  499.577005][T15381] FAULT_INJECTION: forcing a failure.
[  499.577005][T15381] name failslab, interval 1, probability 0, space 0, times 0
[  499.581246][T15381] CPU: 2 UID: 0 PID: 15381 Comm: syz.0.2539 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  499.581266][T15381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  499.581291][T15381] Call Trace:
[  499.581297][T15381]  <TASK>
[  499.581304][T15381]  dump_stack_lvl+0x16c/0x1f0
[  499.581334][T15381]  should_fail_ex+0x512/0x640
[  499.581358][T15381]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  499.581380][T15381]  should_failslab+0xc2/0x120
[  499.581402][T15381]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  499.581422][T15381]  ? getname_flags.part.0+0x4c/0x550
[  499.581448][T15381]  getname_flags.part.0+0x4c/0x550
[  499.581480][T15381]  getname_flags+0x93/0xf0
[  499.581506][T15381]  user_path_at+0x24/0x60
[  499.581522][T15381]  __ia32_compat_sys_truncate+0xf6/0x1e0
[  499.581542][T15381]  ? __pfx___ia32_compat_sys_truncate+0x10/0x10
[  499.581564][T15381]  ? rcu_is_watching+0x12/0xc0
[  499.581584][T15381]  __do_fast_syscall_32+0x73/0x120
[  499.581610][T15381]  do_fast_syscall_32+0x32/0x80
[  499.581627][T15381]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  499.581640][T15381] RIP: 0023:0xf7fb8579
[  499.581648][T15381] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  499.581659][T15381] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 000000000000005c
[  499.581669][T15381] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000000000000
[  499.581676][T15381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  499.581682][T15381] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  499.581688][T15381] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  499.581694][T15381] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  499.581706][T15381]  </TASK>
[  499.825445][T15361] vhci_hcd: connection reset by peer
[  499.829272][   T64] vhci_hcd: stop threads
[  499.831197][   T64] vhci_hcd: release socket
[  499.834513][   T64] vhci_hcd: disconnect device
[  500.188214][T15388] FAULT_INJECTION: forcing a failure.
[  500.188214][T15388] name failslab, interval 1, probability 0, space 0, times 0
[  500.192568][T15388] CPU: 3 UID: 0 PID: 15388 Comm: syz.6.2542 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  500.192583][T15388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  500.192590][T15388] Call Trace:
[  500.192593][T15388]  <TASK>
[  500.192598][T15388]  dump_stack_lvl+0x16c/0x1f0
[  500.192618][T15388]  should_fail_ex+0x512/0x640
[  500.192635][T15388]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  500.192649][T15388]  should_failslab+0xc2/0x120
[  500.192662][T15388]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  500.192673][T15388]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  500.192685][T15388]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  500.192697][T15388]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  500.192711][T15388]  mmu_topup_memory_caches+0x25/0x170
[  500.192728][T15388]  kvm_mmu_load+0xd9/0x22a0
[  500.192745][T15388]  ? kvm_lapic_sync_to_vapic+0x208/0x6d0
[  500.192762][T15388]  ? __pfx_kvm_mmu_load+0x10/0x10
[  500.192778][T15388]  ? vmx_update_cr8_intercept+0x1fd/0x370
[  500.192794][T15388]  vcpu_run+0x3446/0x5390
[  500.192809][T15388]  ? __lock_acquire+0xaa4/0x1ba0
[  500.192828][T15388]  ? __pfx_vcpu_run+0x10/0x10
[  500.192844][T15388]  ? fpu_swap_kvm_fpstate+0x235/0x4a0
[  500.192857][T15388]  ? __local_bh_enable_ip+0xa4/0x120
[  500.192873][T15388]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  500.192887][T15388]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  500.192906][T15388]  kvm_vcpu_ioctl+0x5e9/0x1680
[  500.192922][T15388]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  500.192937][T15388]  ? tomoyo_path_number_perm+0x18d/0x580
[  500.192952][T15388]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  500.192965][T15388]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  500.192981][T15388]  ? do_vfs_ioctl+0x512/0x1990
[  500.192995][T15388]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  500.193021][T15388]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  500.193037][T15388]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  500.193052][T15388]  ? __fget_files+0x20e/0x3c0
[  500.193061][T15388]  ? __fput_deferred+0x370/0x370
[  500.193076][T15388]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  500.193092][T15388]  __ia32_compat_sys_ioctl+0x24f/0x360
[  500.193108][T15388]  __do_fast_syscall_32+0x73/0x120
[  500.193125][T15388]  do_fast_syscall_32+0x32/0x80
[  500.193141][T15388]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  500.193154][T15388] RIP: 0023:0xf7fc8579
[  500.193163][T15388] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  500.193173][T15388] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  500.193183][T15388] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80
[  500.193189][T15388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  500.193195][T15388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  500.193200][T15388] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  500.193206][T15388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  500.193219][T15388]  </TASK>
[  500.386187][T15393] netlink: 'syz.6.2543': attribute type 1 has an invalid length.
[  500.403390][T15393] 8021q: adding VLAN 0 to HW filter on device bond1
[  500.420772][T15393] bond1: (slave gretap1): making interface the new active one
[  500.423852][T15393] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  500.431159][T15396] 9pnet_virtio: no channels available for device syz
[  500.728161][T15406] bridge0: port 1(vlan2) entered blocking state
[  500.730738][T15406] bridge0: port 1(vlan2) entered disabled state
[  500.733450][T15406] vlan2: entered allmulticast mode
[  500.735361][T15406] bridge0: entered allmulticast mode
[  500.743922][T15406] vlan2: left allmulticast mode
[  500.745804][T15406] bridge0: left allmulticast mode
[  500.931806][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  501.182513][T15410] 9pnet_virtio: no channels available for device syz
[  501.459403][ T5950] Bluetooth: hci3: unexpected event for opcode 0x200a
[  501.578905][T15423] netlink: 'syz.0.2552': attribute type 19 has an invalid length.
[  501.602932][T15424] Bluetooth: MGMT ver 1.23
[  501.605637][T15424] FAULT_INJECTION: forcing a failure.
[  501.605637][T15424] name failslab, interval 1, probability 0, space 0, times 0
[  501.610016][T15424] CPU: 1 UID: 0 PID: 15424 Comm: syz.6.2554 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  501.610030][T15424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  501.610037][T15424] Call Trace:
[  501.610041][T15424]  <TASK>
[  501.610045][T15424]  dump_stack_lvl+0x16c/0x1f0
[  501.610065][T15424]  should_fail_ex+0x512/0x640
[  501.610083][T15424]  should_failslab+0xc2/0x120
[  501.610097][T15424]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  501.610110][T15424]  ? __alloc_skb+0x2b2/0x380
[  501.610125][T15424]  __alloc_skb+0x2b2/0x380
[  501.610137][T15424]  ? __pfx___alloc_skb+0x10/0x10
[  501.610149][T15424]  ? __alloc_skb+0x200/0x380
[  501.610161][T15424]  ? __pfx___alloc_skb+0x10/0x10
[  501.610175][T15424]  create_monitor_ctrl_event+0x3b/0x450
[  501.610195][T15424]  mgmt_cmd_complete+0x2de/0x550
[  501.610207][T15424]  set_powered+0x46f/0x5c0
[  501.610220][T15424]  ? __pfx_set_powered+0x10/0x10
[  501.610231][T15424]  ? lockdep_init_map_type+0x5c/0x280
[  501.610246][T15424]  ? do_init_timer+0xc9/0x110
[  501.610264][T15424]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  501.610277][T15424]  hci_sock_sendmsg+0x1522/0x25e0
[  501.610291][T15424]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  501.610306][T15424]  sock_write_iter+0x4ff/0x5b0
[  501.610323][T15424]  ? __pfx_sock_write_iter+0x10/0x10
[  501.610344][T15424]  ? bpf_lsm_file_permission+0x9/0x10
[  501.610354][T15424]  ? security_file_permission+0x71/0x210
[  501.610370][T15424]  ? rw_verify_area+0xcf/0x680
[  501.610387][T15424]  vfs_write+0x5ba/0x1180
[  501.610398][T15424]  ? __pfx_sock_write_iter+0x10/0x10
[  501.610415][T15424]  ? __pfx_vfs_write+0x10/0x10
[  501.610425][T15424]  ? find_held_lock+0x2b/0x80
[  501.610444][T15424]  ksys_write+0x205/0x240
[  501.610454][T15424]  ? __pfx_ksys_write+0x10/0x10
[  501.610466][T15424]  ? rcu_is_watching+0x12/0xc0
[  501.610478][T15424]  __do_fast_syscall_32+0x73/0x120
[  501.610495][T15424]  do_fast_syscall_32+0x32/0x80
[  501.610511][T15424]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  501.610524][T15424] RIP: 0023:0xf7fc8579
[  501.610533][T15424] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  501.610543][T15424] RSP: 002b:00000000f50c555c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  501.610553][T15424] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000080000040
[  501.610560][T15424] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[  501.610565][T15424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  501.610571][T15424] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  501.610578][T15424] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  501.610591][T15424]  </TASK>
[  501.631432][T15427] netlink: 'syz.7.2551': attribute type 2 has an invalid length.
[  501.717361][T15427] netlink: 244 bytes leftover after parsing attributes in process `syz.7.2551'.
[  501.970078][    T9] usb 12-1: new high-speed USB device number 11 using dummy_hcd
[  502.141243][    T9] usb 12-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  502.144710][    T9] usb 12-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  502.149459][    T9] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  502.159394][    T9] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.165974][    T9] usb 12-1: Quirk or no altset; falling back to MIDI 1.0
[  502.181704][    T9] snd-usb-audio 12-1:27.0: probe with driver snd-usb-audio failed with error -2
[  502.347627][T15441] lo speed is unknown, defaulting to 1000
[  502.467674][T15441] lo speed is unknown, defaulting to 1000
[  502.639768][   T65] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  502.809982][   T65] usb 11-1: Using ep0 maxpacket: 16
[  502.813042][   T65] usb 11-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  502.816643][   T65] usb 11-1: config 0 interface 0 has no altsetting 0
[  502.818825][   T65] usb 11-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  502.822602][   T65] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.826359][   T65] usb 11-1: config 0 descriptor??
[  503.076572][   T65] usbhid 11-1:0.0: can't add hid device: -71
[  503.079015][   T65] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  503.082863][   T65] usb 11-1: USB disconnect, device number 7
[  503.501351][T15460] random: crng reseeded on system resumption
[  504.359803][ T1329] vhci_hcd: vhci_device speed not set
[  504.524418][   T57] usb 12-1: USB disconnect, device number 11
[  504.528029][T15427] delete_channel: no stack
[  506.035257][T15527] 9pnet_virtio: no channels available for device syz
[  506.362495][T15539] program syz.7.2584 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  506.367330][T15539] tmpfs: Cannot change global quota limit on remount
[  506.421359][T15539] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2584'.
[  506.425465][T15539] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2584'.
[  506.436792][T15539] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2584'.
[  506.443677][T15539] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2584'.
[  506.505505][ T5950] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  506.768345][T15561] netlink: 'syz.0.2594': attribute type 15 has an invalid length.
[  507.341443][T15569] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  507.494994][T15582] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2603'.
[  507.900458][ T1487] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  508.049891][ T1487] usb 11-1: Using ep0 maxpacket: 8
[  508.053735][ T1487] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[  508.057409][ T1487] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  508.061656][ T1487] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  508.065865][ T1487] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  508.069887][ T1487] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  508.074603][ T1487] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  508.077568][ T1487] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.283524][ T1487] usb 11-1: GET_CAPABILITIES returned 0
[  508.285452][ T1487] usbtmc 11-1:16.0: can't read capabilities
[  508.406566][T15617] FAULT_INJECTION: forcing a failure.
[  508.406566][T15617] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  508.413419][T15617] CPU: 3 UID: 0 PID: 15617 Comm: syz.5.2612 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  508.413443][T15617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  508.413454][T15617] Call Trace:
[  508.413461][T15617]  <TASK>
[  508.413468][T15617]  dump_stack_lvl+0x16c/0x1f0
[  508.413500][T15617]  should_fail_ex+0x512/0x640
[  508.413531][T15617]  should_fail_alloc_page+0xe7/0x130
[  508.413556][T15617]  prepare_alloc_pages+0x3c2/0x610
[  508.413584][T15617]  ? rcu_is_watching+0x12/0xc0
[  508.413604][T15617]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  508.413626][T15617]  ? __lock_acquire+0x5ca/0x1ba0
[  508.413661][T15617]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  508.413685][T15617]  ? __lock_acquire+0x5ca/0x1ba0
[  508.413714][T15617]  ? __lock_acquire+0x5ca/0x1ba0
[  508.413738][T15617]  ? __lock_acquire+0x5ca/0x1ba0
[  508.413761][T15617]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  508.413788][T15617]  ? policy_nodemask+0xea/0x4e0
[  508.413813][T15617]  alloc_pages_mpol+0x1fb/0x550
[  508.413836][T15617]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  508.413859][T15617]  ? __lock_acquire+0x5ca/0x1ba0
[  508.413886][T15617]  folio_alloc_mpol_noprof+0x36/0x2f0
[  508.413913][T15617]  vma_alloc_folio_noprof+0xed/0x1e0
[  508.413939][T15617]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  508.413972][T15617]  do_pte_missing+0x223d/0x3fb0
[  508.414001][T15617]  __handle_mm_fault+0x103d/0x2a40
[  508.414028][T15617]  ? __pfx___handle_mm_fault+0x10/0x10
[  508.414045][T15617]  ? __pte_offset_map_lock+0x155/0x2f0
[  508.414071][T15617]  ? find_held_lock+0x2b/0x80
[  508.414087][T15617]  ? find_held_lock+0x2b/0x80
[  508.414122][T15617]  handle_mm_fault+0x3fe/0xad0
[  508.414145][T15617]  __get_user_pages+0x771/0x36f0
[  508.414183][T15617]  ? __pfx___get_user_pages+0x10/0x10
[  508.414210][T15617]  ? __pfx_down_read_killable+0x10/0x10
[  508.414231][T15617]  ? __lock_acquire+0x5ca/0x1ba0
[  508.414257][T15617]  __gup_longterm_locked+0x20d/0x1850
[  508.414294][T15617]  ? __pfx___gup_longterm_locked+0x10/0x10
[  508.414326][T15617]  ? find_held_lock+0x2b/0x80
[  508.414343][T15617]  ? sanity_check_pinned_pages+0x23/0x11e0
[  508.414376][T15617]  gup_fast_fallback+0x183d/0x2650
[  508.414415][T15617]  ? __pfx_gup_fast_fallback+0x10/0x10
[  508.414457][T15617]  pin_user_pages_fast+0xa7/0xf0
[  508.414474][T15617]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  508.414490][T15617]  ? __kmalloc_noprof+0x242/0x510
[  508.414517][T15617]  rds_info_getsockopt+0x39f/0x4f0
[  508.414540][T15617]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  508.414558][T15617]  ? find_held_lock+0x2b/0x80
[  508.414576][T15617]  ? __might_fault+0x13b/0x190
[  508.414604][T15617]  rds_getsockopt+0x173/0x2d0
[  508.414626][T15617]  ? __pfx_rds_getsockopt+0x10/0x10
[  508.414651][T15617]  do_sock_getsockopt+0x3fc/0x800
[  508.414680][T15617]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  508.414702][T15617]  ? __fget_files+0x204/0x3c0
[  508.414730][T15617]  __sys_getsockopt+0x123/0x1a0
[  508.414755][T15617]  __ia32_sys_getsockopt+0xbc/0x160
[  508.414773][T15617]  ? lockdep_hardirqs_on+0x7c/0x110
[  508.414797][T15617]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  508.414824][T15617]  __do_fast_syscall_32+0x73/0x120
[  508.414854][T15617]  do_fast_syscall_32+0x32/0x80
[  508.414880][T15617]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  508.414902][T15617] RIP: 0023:0xf7f32579
[  508.414917][T15617] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  508.414934][T15617] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  508.414951][T15617] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[  508.414961][T15617] RDX: 0000000000002711 RSI: 0000000080019580 RDI: 0000000080000040
[  508.414972][T15617] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  508.414982][T15617] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  508.414992][T15617] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  508.415016][T15617]  </TASK>
[  508.564547][ T1487] usb 11-1: USB disconnect, device number 8
[  508.874588][   T24] hid (null): unknown global tag 0xe
[  508.876396][   T24] hid (null): unknown global tag 0xe
[  508.878500][   T24] hid (null): unknown global tag 0x82
[  508.882283][   T24] hid-generic 0DE2:6800000:000F.0006: reserved main item tag 0xe
[  508.885742][   T24] hid-generic 0DE2:6800000:000F.0006: unknown global tag 0xe
[  508.888703][   T24] hid-generic 0DE2:6800000:000F.0006: item 0 0 1 14 parsing failed
[  508.897618][   T24] hid-generic 0DE2:6800000:000F.0006: probe with driver hid-generic failed with error -22
[  509.039778][ T2297] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  509.192544][ T2297] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  509.197916][ T2297] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  509.201245][ T2297] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  509.205369][ T2297] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  509.208371][ T2297] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.212406][ T2297] usb 5-1: config 0 descriptor??
[  509.801130][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.809774][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.819959][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.822418][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.824846][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.827237][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.829626][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.859954][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.862427][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.864840][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.867283][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.895229][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.897715][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.909816][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.912284][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.914692][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.917125][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.919490][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.933287][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.935832][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.938281][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.959762][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.962649][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.965098][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.967383][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.992008][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.994443][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.996862][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  509.999273][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.020019][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.022438][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.024833][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.027223][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.029634][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.032185][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.034571][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.037003][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.039378][ T2297] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  510.053353][ T2297] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  510.073462][ T2297] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  510.078601][ T2297] usb 5-1: USB disconnect, device number 10
[  510.650996][T15659] FAULT_INJECTION: forcing a failure.
[  510.650996][T15659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  510.655167][T15659] CPU: 1 UID: 0 PID: 15659 Comm: syz.5.2622 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  510.655181][T15659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  510.655187][T15659] Call Trace:
[  510.655191][T15659]  <TASK>
[  510.655196][T15659]  dump_stack_lvl+0x16c/0x1f0
[  510.655215][T15659]  should_fail_ex+0x512/0x640
[  510.655234][T15659]  _copy_from_user+0x2e/0xd0
[  510.655251][T15659]  memdup_user+0x6b/0xe0
[  510.655266][T15659]  drm_mode_create_lease_ioctl+0x420/0x1fb0
[  510.655284][T15659]  ? __pfx_drm_mode_create_lease_ioctl+0x10/0x10
[  510.655305][T15659]  ? drm_is_current_master+0x2c/0x40
[  510.655322][T15659]  ? do_raw_spin_unlock+0x172/0x230
[  510.655341][T15659]  drm_ioctl_kernel+0x1f4/0x3e0
[  510.655351][T15659]  ? __pfx_drm_mode_create_lease_ioctl+0x10/0x10
[  510.655365][T15659]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  510.655381][T15659]  drm_ioctl+0x5c9/0xc30
[  510.655394][T15659]  ? __pfx_drm_mode_create_lease_ioctl+0x10/0x10
[  510.655408][T15659]  ? __pfx_drm_ioctl+0x10/0x10
[  510.655429][T15659]  drm_compat_ioctl+0x327/0x460
[  510.655445][T15659]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  510.655459][T15659]  __ia32_compat_sys_ioctl+0x24f/0x360
[  510.655477][T15659]  __do_fast_syscall_32+0x73/0x120
[  510.655494][T15659]  do_fast_syscall_32+0x32/0x80
[  510.655510][T15659]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  510.655523][T15659] RIP: 0023:0xf7f32579
[  510.655532][T15659] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  510.655543][T15659] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  510.655553][T15659] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c01864c6
[  510.655559][T15659] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  510.655565][T15659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  510.655571][T15659] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  510.655577][T15659] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  510.655590][T15659]  </TASK>
[  510.935030][T15661] syz.6.2624: attempt to access beyond end of device
[  510.935030][T15661] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[  510.939605][T15661] syz.6.2624: attempt to access beyond end of device
[  510.939605][T15661] nbd6: rw=0, sector=120, nr_sectors = 8 limit=0
[  510.944184][T15661] Mount JFS Failure: -5
[  510.950238][T15662] syz.6.2624: attempt to access beyond end of device
[  510.950238][T15662] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[  510.955245][T15662] syz.6.2624: attempt to access beyond end of device
[  510.955245][T15662] nbd6: rw=0, sector=120, nr_sectors = 8 limit=0
[  510.960736][T15662] Mount JFS Failure: -5
[  511.381362][T15693] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2633'.
[  511.425958][T15695] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2635'.
[  511.445919][T15699] lo speed is unknown, defaulting to 1000
[  511.535036][T15699] lo speed is unknown, defaulting to 1000
[  511.947716][T15695] Process accounting resumed
[  512.001279][T15712] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2638'.
[  512.004170][T15712] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2638'.
[  512.457566][T15726] pim6reg: entered allmulticast mode
[  512.491599][T15727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2643'.
[  512.716208][T15741] binder: binder_mmap: 15740 80000000-80003000 bad vm_flags failed -1
[  512.812883][T15748] lo speed is unknown, defaulting to 1000
[  512.913602][T15748] lo speed is unknown, defaulting to 1000
[  513.764298][   T40] audit: type=1326 audit(1747643814.840:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15771 comm="syz.0.2656" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x0
[  514.008021][T15774] lo speed is unknown, defaulting to 1000
[  514.010071][T15774] lo speed is unknown, defaulting to 1000
[  514.012321][T15774] lo speed is unknown, defaulting to 1000
[  514.020733][T15774] infiniband sĚR4: RDMA CMA: cma_listen_on_dev, error -98
[  514.032074][T15774] lo speed is unknown, defaulting to 1000
[  514.034663][T15774] lo speed is unknown, defaulting to 1000
[  514.037417][T15774] lo speed is unknown, defaulting to 1000
[  514.040131][T15774] lo speed is unknown, defaulting to 1000
[  514.042698][T15774] lo speed is unknown, defaulting to 1000
[  514.045451][T15774] lo speed is unknown, defaulting to 1000
[  514.048110][T15774] lo speed is unknown, defaulting to 1000
[  514.050912][T15774] lo speed is unknown, defaulting to 1000
[  515.011331][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  515.013391][T15753] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  515.815588][T15753] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  515.818623][T15753] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  515.821663][T15753] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  515.823699][T15753] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  515.826369][T15753] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  515.931829][T15765] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  515.934015][T15765] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  515.936063][T15765] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  515.938167][T15765] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  516.366463][T15801] netlink: 19 bytes leftover after parsing attributes in process `syz.6.2666'.
[  517.684507][T15838] autofs: Bad value for 'fd'
[  517.797883][T15843] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2682'.
[  517.969908][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  517.969955][T12730] Bluetooth: hci4: command 0x040f tx timeout
[  517.971973][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  518.303510][T15847] netlink: 'syz.6.2676': attribute type 4 has an invalid length.
[  518.770139][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  518.772768][T15815] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  519.554210][T15815] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  519.556536][T15815] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  519.559342][T15815] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  519.805973][T15865] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967293 > 32)
[  519.836944][ T5950] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  519.921949][T15872] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2685'.
[  520.849913][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  521.312091][T15905] overlayfs: missing 'lowerdir'
[  521.381788][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2697'.
[  521.570163][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  521.570195][ T5942] Bluetooth: hci4: command 0x040f tx timeout
[  521.623722][T15918] wireguard0: entered promiscuous mode
[  521.625595][T15918] wireguard0: entered allmulticast mode
[  522.592522][T15934] bond0: (slave bond_slave_0): Releasing backup interface
[  522.822777][T15938] overlayfs: missing 'lowerdir'
[  522.901146][T15942] lo speed is unknown, defaulting to 1000
[  522.987195][T15942] lo speed is unknown, defaulting to 1000
[  522.990534][T15942] lo speed is unknown, defaulting to 1000
[  523.099867][T15896] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  523.100156][ T5942] Bluetooth: hci3: command 0x0c1a tx timeout
[  523.649881][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  523.811290][T15896] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  523.876253][T15896] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  523.883875][T15896] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  524.003662][T15972] FAULT_INJECTION: forcing a failure.
[  524.003662][T15972] name failslab, interval 1, probability 0, space 0, times 0
[  524.007834][T15972] CPU: 1 UID: 0 PID: 15972 Comm: syz.7.2715 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  524.007848][T15972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  524.007855][T15972] Call Trace:
[  524.007860][T15972]  <TASK>
[  524.007875][T15972]  dump_stack_lvl+0x16c/0x1f0
[  524.007897][T15972]  should_fail_ex+0x512/0x640
[  524.007920][T15972]  should_failslab+0xc2/0x120
[  524.007942][T15972]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  524.007960][T15972]  ? skb_clone+0x190/0x3f0
[  524.007980][T15972]  skb_clone+0x190/0x3f0
[  524.007998][T15972]  netlink_deliver_tap+0xabd/0xd30
[  524.008031][T15972]  netlink_unicast+0x5df/0x7f0
[  524.008052][T15972]  ? __pfx_netlink_unicast+0x10/0x10
[  524.008082][T15972]  netlink_sendmsg+0x8d1/0xdd0
[  524.008107][T15972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  524.008122][T15972]  ? __import_iovec+0x1c8/0x660
[  524.008136][T15972]  ____sys_sendmsg+0xa95/0xc70
[  524.008154][T15972]  ? __pfx_____sys_sendmsg+0x10/0x10
[  524.008169][T15972]  ? get_compat_msghdr+0x11a/0x170
[  524.008188][T15972]  ___sys_sendmsg+0x134/0x1d0
[  524.008202][T15972]  ? __pfx____sys_sendmsg+0x10/0x10
[  524.008232][T15972]  __sys_sendmsg+0x16d/0x220
[  524.008245][T15972]  ? __pfx___sys_sendmsg+0x10/0x10
[  524.008264][T15972]  ? rcu_is_watching+0x12/0xc0
[  524.008277][T15972]  __do_fast_syscall_32+0x73/0x120
[  524.008295][T15972]  do_fast_syscall_32+0x32/0x80
[  524.008311][T15972]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  524.008325][T15972] RIP: 0023:0xf7f66579
[  524.008334][T15972] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  524.008344][T15972] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  524.008354][T15972] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  524.008361][T15972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  524.008367][T15972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  524.008373][T15972] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  524.008379][T15972] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  524.008392][T15972]  </TASK>
[  525.169871][ T5942] Bluetooth: hci2: command 0x0c1a tx timeout
[  525.868246][T16012] ipvlan2: entered promiscuous mode
[  525.871173][T16012] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  525.890034][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  525.892098][ T5950] Bluetooth: hci4: command 0x040f tx timeout
[  526.731977][T12730] Bluetooth: hci4: SCO packet for unknown connection handle 201
[  526.829947][T16027] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2728'.
[  527.009819][T12730] Bluetooth: hci3: command 0x0c1a tx timeout
[  527.080307][T15998] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  527.761693][T15998] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  527.764230][T15998] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  527.766492][T15998] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  527.902859][T16040] lo speed is unknown, defaulting to 1000
[  527.989307][T16040] lo speed is unknown, defaulting to 1000
[  527.993226][T16040] lo speed is unknown, defaulting to 1000
[  528.630706][T16069] lo speed is unknown, defaulting to 1000
[  528.705569][    C3] sr 2:0:0:0: [sr0] tag#10 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  528.708936][    C3] sr 2:0:0:0: [sr0] tag#10 CDB: ATA command pass through(16)
[  528.711326][    C3] sr 2:0:0:0: [sr0] tag#10 CDB[00]: 85 26 b6 2b fa d6 3a 5d ba 5e 98 e1 9f 27 80 c8
[  528.714358][    C3] sr 2:0:0:0: [sr0] tag#10 CDB[10]: 05 c6
[  528.758172][T16069] lo speed is unknown, defaulting to 1000
[  528.761735][T16069] lo speed is unknown, defaulting to 1000
[  529.103673][T16087] 9pnet_virtio: no channels available for device syz
[  529.169975][T12730] Bluetooth: hci2: command 0x0c1a tx timeout
[  529.345616][T16093] IPVS: set_ctl: invalid protocol: 115 127.0.0.1:20000
[  529.819951][ T5950] Bluetooth: hci4: command 0x040f tx timeout
[  529.822460][T12730] Bluetooth: hci0: command 0x0c1a tx timeout
[  530.849968][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  530.850125][T16070] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  531.539137][T16070] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  531.542139][T16070] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  531.544993][T16070] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  532.202720][T16114] usb usb1: usbfs: process 16114 (syz.0.2756) did not claim interface 6 before use
[  532.674759][T16152] lo speed is unknown, defaulting to 1000
[  532.760569][T16152] lo speed is unknown, defaulting to 1000
[  532.763754][T16152] lo speed is unknown, defaulting to 1000
[  532.930092][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  533.570358][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  533.571747][T12730] Bluetooth: hci4: command 0x040f tx timeout
[  533.849777][   T58] usb 12-1: new full-speed USB device number 12 using dummy_hcd
[  534.022738][   T58] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  534.026015][   T58] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 2
[  534.037414][   T58] usb 12-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  534.049406][   T58] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.061521][   T58] usb 12-1: config 0 descriptor??
[  534.072551][   T58] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  534.079159][   T58] dvb-usb: bulk message failed: -22 (3/0)
[  534.089582][   T58] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  534.092829][   T58] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  534.095125][   T58] usb 12-1: media controller created
[  534.097718][   T58] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  534.129426][   T58] dvb-usb: bulk message failed: -22 (6/0)
[  534.131339][   T58] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  534.141026][   T58] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.7/usb12/12-1/input/input54
[  534.162576][   T58] dvb-usb: schedule remote query interval to 150 msecs.
[  534.164836][   T58] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  534.227552][T16184] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2777'.
[  534.269148][T16169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  534.272519][T16169] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  534.310347][T16184] ceph: No mds server is up or the cluster is laggy
[  534.315025][T16169] FAULT_INJECTION: forcing a failure.
[  534.315025][T16169] name failslab, interval 1, probability 0, space 0, times 0
[  534.319036][T16169] CPU: 1 UID: 0 PID: 16169 Comm: syz.7.2771 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  534.319051][T16169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  534.319058][T16169] Call Trace:
[  534.319073][T16169]  <TASK>
[  534.319079][T16169]  dump_stack_lvl+0x16c/0x1f0
[  534.319099][T16169]  should_fail_ex+0x512/0x640
[  534.319116][T16169]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  534.319132][T16169]  should_failslab+0xc2/0x120
[  534.319146][T16169]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  534.319160][T16169]  ? __request_module+0x2cb/0x690
[  534.319178][T16169]  kstrdup+0x53/0x100
[  534.319193][T16169]  __request_module+0x2cb/0x690
[  534.319208][T16169]  ? __pfx___request_module+0x10/0x10
[  534.319222][T16169]  ? aa_get_newest_label+0x375/0x680
[  534.319236][T16169]  ? __pfx_aa_get_newest_label+0x10/0x10
[  534.319252][T16169]  ? apparmor_capable+0x114/0x1d0
[  534.319264][T16169]  ? dev_load+0x1de/0x240
[  534.319278][T16169]  dev_load+0x1ff/0x240
[  534.319288][T16169]  devinet_ioctl+0x120/0x1f50
[  534.319305][T16169]  ? __pfx_devinet_ioctl+0x10/0x10
[  534.319319][T16169]  ? _copy_from_user+0x59/0xd0
[  534.319338][T16169]  inet_ioctl+0x3a7/0x3f0
[  534.319354][T16169]  ? __pfx_inet_ioctl+0x10/0x10
[  534.319377][T16169]  ? tomoyo_path_number_perm+0x18d/0x580
[  534.319394][T16169]  sock_do_ioctl+0x118/0x280
[  534.319410][T16169]  ? __pfx_sock_do_ioctl+0x10/0x10
[  534.319433][T16169]  compat_sock_ioctl+0x301/0x730
[  534.319451][T16169]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  534.319470][T16169]  ? __fget_files+0x20e/0x3c0
[  534.319479][T16169]  ? __fput_deferred+0x370/0x370
[  534.319496][T16169]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  534.319512][T16169]  __ia32_compat_sys_ioctl+0x24f/0x360
[  534.319529][T16169]  __do_fast_syscall_32+0x73/0x120
[  534.319546][T16169]  do_fast_syscall_32+0x32/0x80
[  534.319563][T16169]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  534.319576][T16169] RIP: 0023:0xf7f66579
[  534.319586][T16169] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  534.319596][T16169] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  534.319606][T16169] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000008914
[  534.319612][T16169] RDX: 0000000080002280 RSI: 0000000000000000 RDI: 0000000000000000
[  534.319619][T16169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  534.319625][T16169] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  534.319631][T16169] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  534.319644][T16169]  </TASK>
[  534.402505][   T58] dvb-usb: bulk message failed: -22 (1/0)
[  534.403544][T16168] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  534.409241][   T58] dvb-usb: error while querying for an remote control event.
[  534.423330][T12484] usb 12-1: USB disconnect, device number 12
[  534.435744][T12484] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  535.492731][T16198] loop6: detected capacity change from 0 to 524287999
[  535.556803][T16205] lo speed is unknown, defaulting to 1000
[  535.647582][T16205] lo speed is unknown, defaulting to 1000
[  535.652234][T16205] lo speed is unknown, defaulting to 1000
[  536.085937][T16219] loop2: detected capacity change from 0 to 7
[  536.090711][T16219] Dev loop2: unable to read RDB block 7
[  536.095572][T16219]  loop2: unable to read partition table
[  536.102232][T16219] loop2: partition table beyond EOD, truncated
[  536.109543][T16219] loop_reread_partitions: partition scan of loop2 (ţ袍xü—ŸŃŕ– ) failed (rc=-5)
[  536.865726][T16240] syzkaller0: entered allmulticast mode
[  536.871809][T16240] veth1_macvtap: left promiscuous mode
[  537.254388][T16246] program syz.0.2793 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  537.263207][T16246] ieee802154 phy0 wpan0: encryption failed: -22
[  537.296945][T16236] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2791'.
[  537.402420][T16249] bridge0: port 2(bridge_slave_1) entered disabled state
[  537.404961][T16249] bridge0: port 1(bridge_slave_0) entered disabled state
[  537.413677][T16249] bridge_slave_1: left allmulticast mode
[  537.415502][T16249] bridge_slave_1: left promiscuous mode
[  537.417427][T16249] bridge0: port 2(bridge_slave_1) entered disabled state
[  537.422239][T16249] bridge_slave_0: left allmulticast mode
[  537.424074][T16249] bridge_slave_0: left promiscuous mode
[  537.425947][T16249] bridge0: port 1(bridge_slave_0) entered disabled state
[  537.487858][T16250] tipc: Started in network mode
[  537.489463][T16250] tipc: Node identity d6ee56d9bada, cluster identity 4711
[  537.492267][T16250] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  537.497110][T16250] syzkaller0: MTU too low for tipc bearer
[  537.498970][T16250] tipc: Disabling bearer <eth:syzkaller0>
[  537.581683][T16231] syzkaller0: left allmulticast mode
[  537.735624][T16257] SET target dimension over the limit!
[  537.979870][   T65] usb 10-1: new full-speed USB device number 17 using dummy_hcd
[  538.149669][   T65] usb 10-1: unable to get BOS descriptor or descriptor too short
[  538.153512][   T65] usb 10-1: unable to read config index 0 descriptor/start: -71
[  538.156216][   T65] usb 10-1: can't read configurations, error -71
[  538.729922][   T58] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  538.770633][T16290] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2807'.
[  538.960108][   T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  538.969807][   T58] usb 11-1: Using ep0 maxpacket: 8
[  538.983913][   T58] usb 11-1: config index 0 descriptor too short (expected 5924, got 36)
[  538.986689][   T58] usb 11-1: config 250 has an invalid interface number: 228 but max is -1
[  538.989502][   T58] usb 11-1: config 250 has 1 interface, different from the descriptor's value: 0
[  538.992553][   T58] usb 11-1: config 250 has no interface number 0
[  538.994643][   T58] usb 11-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  539.088326][   T58] usb 11-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  539.091882][   T58] usb 11-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid maxpacket 65535, setting to 1024
[  539.093813][   T24] usb 5-1: device descriptor read/64, error -71
[  539.095738][   T58] usb 11-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 1024
[  539.101486][   T58] usb 11-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  539.106504][   T58] usb 11-1: config 250 interface 228 has no altsetting 0
[  539.112254][   T58] usb 11-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  539.115179][   T58] usb 11-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  539.117931][   T58] usb 11-1: Product: syz
[  539.119501][   T58] usb 11-1: SerialNumber: syz
[  539.137123][   T58] hub 11-1:250.228: bad descriptor, ignoring hub
[  539.146665][   T58] hub 11-1:250.228: probe with driver hub failed with error -5
[  539.330068][   T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  539.459927][   T24] usb 5-1: device descriptor read/64, error -71
[  539.571203][   T24] usb usb5-port1: attempt power cycle
[  539.587951][   T58] usblp 11-1:250.228: usblp0: USB Bidirectional printer dev 9 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  540.079829][   T24] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  540.100197][   T24] usb 5-1: device descriptor read/8, error -71
[  540.359793][   T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  540.380359][   T24] usb 5-1: device descriptor read/8, error -71
[  540.453451][   T40] audit: type=1804 audit(1747643841.530:209): pid=16322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2816" name="/newroot/504/file0" dev="tmpfs" ino=2710 res=1 errno=0
[  540.490248][   T24] usb usb5-port1: unable to enumerate USB device
[  541.599508][T16342] lo speed is unknown, defaulting to 1000
[  541.677021][T16342] lo speed is unknown, defaulting to 1000
[  541.679961][ T1487] usb 11-1: USB disconnect, device number 9
[  541.683343][ T1487] usblp0: removed
[  541.685358][T16342] lo speed is unknown, defaulting to 1000
[  541.765564][T16351] lo speed is unknown, defaulting to 1000
[  541.993758][T16351] lo speed is unknown, defaulting to 1000
[  542.005239][T16351] lo speed is unknown, defaulting to 1000
[  542.117068][T16366] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  542.119262][T16366] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  542.124824][T16366] vhci_hcd vhci_hcd.0: Device attached
[  542.128183][T16367] vhci_hcd: connection closed
[  542.129262][ T1141] vhci_hcd: stop threads
[  542.132561][ T1141] vhci_hcd: release socket
[  542.134057][ T1141] vhci_hcd: disconnect device
[  542.470607][T16376] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2833'.
[  542.491790][T16376] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2833'.
[  542.494710][T16376] lo: entered promiscuous mode
[  542.572927][T16384] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2836'.
[  542.602427][T16388] FAULT_INJECTION: forcing a failure.
[  542.602427][T16388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.606748][T16388] CPU: 3 UID: 0 PID: 16388 Comm: syz.5.2838 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  542.606763][T16388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  542.606770][T16388] Call Trace:
[  542.606774][T16388]  <TASK>
[  542.606779][T16388]  dump_stack_lvl+0x16c/0x1f0
[  542.606798][T16388]  should_fail_ex+0x512/0x640
[  542.606817][T16388]  _copy_from_iter+0x2a4/0x15b0
[  542.606840][T16388]  ? __alloc_skb+0x200/0x380
[  542.606853][T16388]  ? __pfx__copy_from_iter+0x10/0x10
[  542.606875][T16388]  netlink_sendmsg+0x829/0xdd0
[  542.606892][T16388]  ? __pfx_netlink_sendmsg+0x10/0x10
[  542.606907][T16388]  ? __import_iovec+0x1c8/0x660
[  542.606920][T16388]  ____sys_sendmsg+0xa95/0xc70
[  542.606937][T16388]  ? __pfx_____sys_sendmsg+0x10/0x10
[  542.606953][T16388]  ? get_compat_msghdr+0x11a/0x170
[  542.606971][T16388]  ___sys_sendmsg+0x134/0x1d0
[  542.606985][T16388]  ? __pfx____sys_sendmsg+0x10/0x10
[  542.607013][T16388]  __sys_sendmsg+0x16d/0x220
[  542.607026][T16388]  ? __pfx___sys_sendmsg+0x10/0x10
[  542.607043][T16388]  ? rcu_is_watching+0x12/0xc0
[  542.607055][T16388]  ? rcu_is_watching+0x12/0xc0
[  542.607066][T16388]  __do_fast_syscall_32+0x73/0x120
[  542.607105][T16388]  do_fast_syscall_32+0x32/0x80
[  542.607122][T16388]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  542.607135][T16388] RIP: 0023:0xf7f32579
[  542.607143][T16388] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  542.607153][T16388] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  542.607164][T16388] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080003140
[  542.607170][T16388] RDX: 0000000020040084 RSI: 0000000000000000 RDI: 0000000000000000
[  542.607177][T16388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  542.607183][T16388] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  542.607189][T16388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  542.607202][T16388]  </TASK>
[  542.784648][T16396] FAULT_INJECTION: forcing a failure.
[  542.784648][T16396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.788860][T16396] CPU: 2 UID: 0 PID: 16396 Comm: syz.7.2841 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  542.788875][T16396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  542.788882][T16396] Call Trace:
[  542.788887][T16396]  <TASK>
[  542.788892][T16396]  dump_stack_lvl+0x16c/0x1f0
[  542.788912][T16396]  should_fail_ex+0x512/0x640
[  542.788930][T16396]  _copy_to_user+0x32/0xd0
[  542.788941][T16396]  __copy_siginfo_to_user32+0x96/0xf0
[  542.788957][T16396]  ? __pfx___copy_siginfo_to_user32+0x10/0x10
[  542.788975][T16396]  ? _raw_spin_unlock_irq+0x29/0x50
[  542.788990][T16396]  ? siginfo_layout+0x177/0x290
[  542.789002][T16396]  ia32_setup_rt_frame+0x6cd/0xb30
[  542.789018][T16396]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  542.789032][T16396]  arch_do_signal_or_restart+0x47b/0x7a0
[  542.789048][T16396]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  542.789067][T16396]  ? __pfx_do_readv+0x10/0x10
[  542.789086][T16396]  syscall_exit_to_user_mode+0x150/0x2a0
[  542.789103][T16396]  __do_fast_syscall_32+0x80/0x120
[  542.789121][T16396]  do_fast_syscall_32+0x32/0x80
[  542.789137][T16396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  542.789151][T16396] RIP: 0023:0xf7f66577
[  542.789160][T16396] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  542.789170][T16396] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  542.789181][T16396] RAX: 0000000000000091 RBX: 0000000000000003 RCX: 0000000080000180
[  542.789187][T16396] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  542.789193][T16396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  542.789199][T16396] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  542.789205][T16396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  542.789218][T16396]  </TASK>
[  543.761820][T16419] FAULT_INJECTION: forcing a failure.
[  543.761820][T16419] name failslab, interval 1, probability 0, space 0, times 0
[  543.766189][T16419] CPU: 0 UID: 0 PID: 16419 Comm: syz.7.2848 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  543.766213][T16419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  543.766222][T16419] Call Trace:
[  543.766227][T16419]  <TASK>
[  543.766232][T16419]  dump_stack_lvl+0x16c/0x1f0
[  543.766251][T16419]  should_fail_ex+0x512/0x640
[  543.766271][T16419]  should_failslab+0xc2/0x120
[  543.766285][T16419]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  543.766298][T16419]  ? skb_clone+0x190/0x3f0
[  543.766314][T16419]  skb_clone+0x190/0x3f0
[  543.766327][T16419]  netlink_deliver_tap+0xabd/0xd30
[  543.766344][T16419]  netlink_unicast+0x5df/0x7f0
[  543.766359][T16419]  ? __pfx_netlink_unicast+0x10/0x10
[  543.766378][T16419]  netlink_sendmsg+0x8d1/0xdd0
[  543.766394][T16419]  ? __pfx_netlink_sendmsg+0x10/0x10
[  543.766410][T16419]  ? ____sys_sendmsg+0x871/0xc70
[  543.766428][T16419]  ____sys_sendmsg+0xa95/0xc70
[  543.766445][T16419]  ? __pfx_____sys_sendmsg+0x10/0x10
[  543.766461][T16419]  ? get_compat_msghdr+0x11a/0x170
[  543.766479][T16419]  ___sys_sendmsg+0x134/0x1d0
[  543.766493][T16419]  ? __pfx____sys_sendmsg+0x10/0x10
[  543.766524][T16419]  __sys_sendmsg+0x16d/0x220
[  543.766536][T16419]  ? __pfx___sys_sendmsg+0x10/0x10
[  543.766555][T16419]  ? rcu_is_watching+0x12/0xc0
[  543.766568][T16419]  __do_fast_syscall_32+0x73/0x120
[  543.766585][T16419]  do_fast_syscall_32+0x32/0x80
[  543.766602][T16419]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  543.766615][T16419] RIP: 0023:0xf7f66579
[  543.766624][T16419] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  543.766635][T16419] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  543.766646][T16419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  543.766652][T16419] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  543.766658][T16419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  543.766664][T16419] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  543.766670][T16419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  543.766684][T16419]  </TASK>
[  544.233621][T16430] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2852'.
[  544.236603][T16429] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2851'.
[  544.244065][T16429] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2851'.
[  544.354227][T16437] lo speed is unknown, defaulting to 1000
[  544.433462][T16437] lo speed is unknown, defaulting to 1000
[  544.436753][T16437] lo speed is unknown, defaulting to 1000
[  545.153228][T16454] netlink: 64 bytes leftover after parsing attributes in process `syz.6.2859'.
[  546.440732][T16478] lo speed is unknown, defaulting to 1000
[  546.517920][T16478] lo speed is unknown, defaulting to 1000
[  546.533107][T16478] lo speed is unknown, defaulting to 1000
[  547.770642][T16522] FAULT_INJECTION: forcing a failure.
[  547.770642][T16522] name failslab, interval 1, probability 0, space 0, times 0
[  547.774644][T16522] CPU: 0 UID: 0 PID: 16522 Comm: syz.0.2876 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  547.774658][T16522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  547.774665][T16522] Call Trace:
[  547.774669][T16522]  <TASK>
[  547.774674][T16522]  dump_stack_lvl+0x16c/0x1f0
[  547.774694][T16522]  should_fail_ex+0x512/0x640
[  547.774710][T16522]  ? fs_reclaim_acquire+0xae/0x150
[  547.774728][T16522]  ? tomoyo_encode2+0x100/0x3e0
[  547.774743][T16522]  should_failslab+0xc2/0x120
[  547.774757][T16522]  __kmalloc_noprof+0xd2/0x510
[  547.774769][T16522]  ? d_absolute_path+0x136/0x1a0
[  547.774784][T16522]  tomoyo_encode2+0x100/0x3e0
[  547.774805][T16522]  tomoyo_encode+0x29/0x50
[  547.774820][T16522]  tomoyo_realpath_from_path+0x18f/0x6e0
[  547.774839][T16522]  tomoyo_check_open_permission+0x2ab/0x3c0
[  547.774853][T16522]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  547.774881][T16522]  ? do_raw_spin_lock+0x12c/0x2b0
[  547.774902][T16522]  tomoyo_file_open+0x6b/0x90
[  547.774913][T16522]  security_file_open+0x84/0x1e0
[  547.774928][T16522]  do_dentry_open+0x596/0x1c10
[  547.774944][T16522]  vfs_open+0x82/0x3f0
[  547.774960][T16522]  path_openat+0x1e5e/0x2d40
[  547.774976][T16522]  ? __pfx_path_openat+0x10/0x10
[  547.774990][T16522]  do_filp_open+0x20b/0x470
[  547.775001][T16522]  ? __pfx_do_filp_open+0x10/0x10
[  547.775021][T16522]  ? alloc_fd+0x471/0x7d0
[  547.775041][T16522]  do_sys_openat2+0x11b/0x1d0
[  547.775055][T16522]  ? __pfx_do_sys_openat2+0x10/0x10
[  547.775071][T16522]  ? __fget_files+0x20e/0x3c0
[  547.775083][T16522]  __ia32_compat_sys_openat+0x16d/0x210
[  547.775099][T16522]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  547.775114][T16522]  ? ksys_write+0x1b9/0x240
[  547.775124][T16522]  ? rcu_is_watching+0x12/0xc0
[  547.775136][T16522]  ? rcu_is_watching+0x12/0xc0
[  547.775148][T16522]  __do_fast_syscall_32+0x73/0x120
[  547.775165][T16522]  do_fast_syscall_32+0x32/0x80
[  547.775181][T16522]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  547.775194][T16522] RIP: 0023:0xf7fb8579
[  547.775203][T16522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  547.775214][T16522] RSP: 002b:00000000f50d6100 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  547.775225][T16522] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f50d6150
[  547.775231][T16522] RDX: 0000000000101000 RSI: 0000000000000000 RDI: 00000000f7442ff4
[  547.775238][T16522] RBP: 0000000000101000 R08: 0000000000000000 R09: 0000000000000000
[  547.775244][T16522] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  547.775250][T16522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  547.775263][T16522]  </TASK>
[  547.775274][T16522] ERROR: Out of memory at tomoyo_realpath_from_path.
[  547.946002][T16529] lo speed is unknown, defaulting to 1000
[  548.061830][T16529] lo speed is unknown, defaulting to 1000
[  548.065599][T16529] lo speed is unknown, defaulting to 1000
[  550.133535][T12730] Bluetooth: hci3: command 0x0c1a tx timeout
[  550.136416][T16535] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  550.923297][T16535] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  550.926629][T16535] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  550.928780][T16535] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  551.290846][T16587] lo speed is unknown, defaulting to 1000
[  551.382963][T16587] lo speed is unknown, defaulting to 1000
[  551.390477][T16587] lo speed is unknown, defaulting to 1000
[  551.672250][    T9] lo speed is unknown, defaulting to 1000
[  552.151796][T16614] ata1.00: non-matching transfer count (1530558389/0)
[  552.209867][T12730] Bluetooth: hci2: command 0x0c1a tx timeout
[  552.524152][T16615] ALSA: mixer_oss: invalid index 40000
[  552.747027][   T40] audit: type=1326 audit(1747643853.820:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16625 comm="syz.5.2909" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  552.761530][   T40] audit: type=1326 audit(1747643853.840:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16625 comm="syz.5.2909" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f32579 code=0x7ffc0000
[  552.793250][T16632] FAULT_INJECTION: forcing a failure.
[  552.793250][T16632] name failslab, interval 1, probability 0, space 0, times 0
[  552.797704][T16632] CPU: 0 UID: 0 PID: 16632 Comm: syz.0.2910 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  552.797719][T16632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  552.797726][T16632] Call Trace:
[  552.797730][T16632]  <TASK>
[  552.797735][T16632]  dump_stack_lvl+0x16c/0x1f0
[  552.797760][T16632]  should_fail_ex+0x512/0x640
[  552.797777][T16632]  ? fs_reclaim_acquire+0xae/0x150
[  552.797794][T16632]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  552.797810][T16632]  should_failslab+0xc2/0x120
[  552.797824][T16632]  __kmalloc_noprof+0xd2/0x510
[  552.797839][T16632]  tomoyo_realpath_from_path+0xc2/0x6e0
[  552.797858][T16632]  tomoyo_check_open_permission+0x2ab/0x3c0
[  552.797873][T16632]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  552.797916][T16632]  ? do_raw_spin_lock+0x12c/0x2b0
[  552.797941][T16632]  tomoyo_file_open+0x6b/0x90
[  552.797953][T16632]  security_file_open+0x84/0x1e0
[  552.797970][T16632]  do_dentry_open+0x596/0x1c10
[  552.797987][T16632]  vfs_open+0x82/0x3f0
[  552.798004][T16632]  path_openat+0x1e5e/0x2d40
[  552.798020][T16632]  ? __pfx_path_openat+0x10/0x10
[  552.798035][T16632]  do_filp_open+0x20b/0x470
[  552.798046][T16632]  ? __pfx_do_filp_open+0x10/0x10
[  552.798067][T16632]  ? alloc_fd+0x471/0x7d0
[  552.798087][T16632]  do_sys_openat2+0x11b/0x1d0
[  552.798101][T16632]  ? __pfx_do_sys_openat2+0x10/0x10
[  552.798117][T16632]  ? __fget_files+0x20e/0x3c0
[  552.798129][T16632]  __ia32_compat_sys_openat+0x16d/0x210
[  552.798145][T16632]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  552.798160][T16632]  ? ksys_write+0x1b9/0x240
[  552.798172][T16632]  ? rcu_is_watching+0x12/0xc0
[  552.798184][T16632]  __do_fast_syscall_32+0x73/0x120
[  552.798202][T16632]  do_fast_syscall_32+0x32/0x80
[  552.798218][T16632]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  552.798233][T16632] RIP: 0023:0xf7fb8579
[  552.798243][T16632] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  552.798254][T16632] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  552.798264][T16632] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0
[  552.798271][T16632] RDX: 00000000000c0542 RSI: 0000000000000000 RDI: 0000000000000000
[  552.798277][T16632] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  552.798283][T16632] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  552.798289][T16632] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  552.798303][T16632]  </TASK>
[  552.798512][T16632] ERROR: Out of memory at tomoyo_realpath_from_path.
[  552.911182][T16634] lo speed is unknown, defaulting to 1000
[  552.939897][T12730] Bluetooth: hci0: command 0x0c1a tx timeout
[  552.939931][ T5950] Bluetooth: hci4: command 0x040f tx timeout
[  552.991733][T16634] lo speed is unknown, defaulting to 1000
[  552.995010][T16634] lo speed is unknown, defaulting to 1000
[  554.535290][   T40] audit: type=1804 audit(1747643855.610:212): pid=16663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2919" name="/newroot/536/file0/file0" dev="9p" ino=35913951 res=1 errno=0
[  554.589128][T16676] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 16676 comm: syz.6.2923)
[  554.595850][   T40] audit: type=1800 audit(1747643855.670:213): pid=16676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2923" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=66984 res=0 errno=0
[  554.644990][T16681] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  555.477913][T16699] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2929'.
[  555.863666][T16689] ALSA: mixer_oss: invalid index 40000
[  556.226662][T16707] FAULT_INJECTION: forcing a failure.
[  556.226662][T16707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.231523][T16707] CPU: 2 UID: 0 PID: 16707 Comm: syz.0.2931 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  556.231538][T16707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  556.231545][T16707] Call Trace:
[  556.231550][T16707]  <TASK>
[  556.231554][T16707]  dump_stack_lvl+0x16c/0x1f0
[  556.231574][T16707]  should_fail_ex+0x512/0x640
[  556.231592][T16707]  __fpu_restore_sig+0xf2/0x13a0
[  556.231610][T16707]  ? __lock_acquire+0xaa4/0x1ba0
[  556.231625][T16707]  ? __pfx___fpu_restore_sig+0x10/0x10
[  556.231648][T16707]  ? __might_fault+0xe3/0x190
[  556.231660][T16707]  ? __might_fault+0x13b/0x190
[  556.231675][T16707]  fpu__restore_sig+0x115/0x190
[  556.231691][T16707]  ia32_restore_sigcontext+0x44a/0x630
[  556.231703][T16707]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  556.231716][T16707]  ? rcu_is_watching+0x12/0xc0
[  556.231728][T16707]  ? _raw_spin_unlock_irq+0x23/0x50
[  556.231743][T16707]  ? lockdep_hardirqs_on+0x7c/0x110
[  556.231760][T16707]  __do_compat_sys_rt_sigreturn+0x120/0x1f0
[  556.231771][T16707]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  556.231797][T16707]  ? rcu_is_watching+0x12/0xc0
[  556.231809][T16707]  do_int80_emulation+0x104/0x200
[  556.231826][T16707]  asm_int80_emulation+0x1a/0x20
[  556.231841][T16707] RIP: 0023:0xf7fb8577
[  556.231853][T16707] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  556.231868][T16707] RSP: 002b:00000000f509455c EFLAGS: 00000296
[  556.231883][T16707] RAX: 0000000000000151 RBX: 0000000000000006 RCX: 00000000800034c0
[  556.231895][T16707] RDX: 0000000000000001 RSI: 0000000000000700 RDI: 0000000000000000
[  556.231904][T16707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  556.231910][T16707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  556.231916][T16707] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  556.231930][T16707]  </TASK>
[  557.068719][T16712] netlink: 'syz.0.2933': attribute type 2 has an invalid length.
[  557.076690][T16712] syz.0.2933: attempt to access beyond end of device
[  557.076690][T16712] nbd0: rw=0, sector=16, nr_sectors = 1 limit=0
[  557.083048][T16712] qnx6: unable to read the first superblock
[  557.085179][T16712] syz.0.2933: attempt to access beyond end of device
[  557.085179][T16712] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  557.089166][T16712] qnx6: unable to read the first superblock
[  557.092414][T16712] qnx6: unable to read the first superblock
[  557.356047][T16719] bridge0: port 1(vlan2) entered blocking state
[  557.358356][T16719] bridge0: port 1(vlan2) entered disabled state
[  557.360805][T16719] vlan2: entered allmulticast mode
[  557.362510][T16719] bridge0: entered allmulticast mode
[  557.369238][T16719] vlan2: left allmulticast mode
[  557.371058][T16719] bridge0: left allmulticast mode
[  558.124465][T16737] FAULT_INJECTION: forcing a failure.
[  558.124465][T16737] name failslab, interval 1, probability 0, space 0, times 0
[  558.128489][T16737] CPU: 2 UID: 0 PID: 16737 Comm: syz.6.2942 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  558.128503][T16737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  558.128509][T16737] Call Trace:
[  558.128514][T16737]  <TASK>
[  558.128518][T16737]  dump_stack_lvl+0x16c/0x1f0
[  558.128537][T16737]  should_fail_ex+0x512/0x640
[  558.128554][T16737]  ? __kmalloc_noprof+0xbf/0x510
[  558.128567][T16737]  ? constrain_params_by_rules+0x175/0xca0
[  558.128584][T16737]  should_failslab+0xc2/0x120
[  558.128598][T16737]  __kmalloc_noprof+0xd2/0x510
[  558.128609][T16737]  ? unwind_get_return_address+0x59/0xa0
[  558.128625][T16737]  constrain_params_by_rules+0x175/0xca0
[  558.128644][T16737]  ? stack_trace_save+0x8e/0xc0
[  558.128657][T16737]  ? stack_depot_save_flags+0x28/0xa50
[  558.128673][T16737]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  558.128692][T16737]  ? __kasan_kmalloc+0xaa/0xb0
[  558.128703][T16737]  ? snd_pcm_oss_change_params_locked+0x6f4/0x3b40
[  558.128719][T16737]  ? snd_pcm_oss_get_active_substream+0x168/0x1d0
[  558.128740][T16737]  ? snd_pcm_oss_ioctl+0x31aa/0x37a0
[  558.128761][T16737]  ? snd_interval_refine+0x2fa/0x580
[  558.128775][T16737]  snd_pcm_hw_refine+0x7de/0xad0
[  558.128807][T16737]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  558.128830][T16737]  ? snd_interval_refine+0x2fa/0x580
[  558.128844][T16737]  snd_pcm_oss_change_params_locked+0x2185/0x3b40
[  558.128862][T16737]  ? rcu_watching_snap_stopped_since+0x67/0x110
[  558.128878][T16737]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  558.128896][T16737]  ? __pfx___mutex_lock+0x10/0x10
[  558.128922][T16737]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[  558.128941][T16737]  snd_pcm_oss_ioctl+0x31aa/0x37a0
[  558.128958][T16737]  ? hook_file_ioctl_common+0x145/0x410
[  558.128971][T16737]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  558.128989][T16737]  ? __fget_files+0x20e/0x3c0
[  558.128998][T16737]  ? __fput_deferred+0x370/0x370
[  558.129014][T16737]  ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10
[  558.129031][T16737]  __ia32_compat_sys_ioctl+0x24f/0x360
[  558.129048][T16737]  __do_fast_syscall_32+0x73/0x120
[  558.129065][T16737]  do_fast_syscall_32+0x32/0x80
[  558.129082][T16737]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  558.129095][T16737] RIP: 0023:0xf7fc8579
[  558.129105][T16737] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  558.129115][T16737] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  558.129126][T16737] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0045005
[  558.129133][T16737] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  558.129139][T16737] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  558.129145][T16737] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  558.129151][T16737] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  558.129164][T16737]  </TASK>
[  558.328815][T16742] veth1_to_team: entered promiscuous mode
[  558.331421][T16742] veth0: entered promiscuous mode
[  559.109383][T16738] veth0: left promiscuous mode
[  559.111755][T16738] veth1_to_team: left promiscuous mode
[  559.162558][T16755] siw: device registration error -23
[  561.580678][T16770] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  561.729855][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  562.370087][T16770] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  562.371506][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  562.373290][T16770] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  562.381646][T16770] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  563.106249][T16798] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2960'.
[  563.298862][T16800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2961'.
[  563.302657][T16800] netlink: 312 bytes leftover after parsing attributes in process `syz.0.2961'.
[  563.361671][T16802] syz.0.2962: attempt to access beyond end of device
[  563.361671][T16802] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  563.366025][T16802] vxfs: unable to read disk superblock at 1
[  563.368249][T16802] syz.0.2962: attempt to access beyond end of device
[  563.368249][T16802] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[  563.374402][T16802] vxfs: unable to read disk superblock at 8
[  563.376288][T16802] vxfs: can't find superblock.
[  563.422552][T16804] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2963'.
[  563.438821][T16804] team0: Port device geneve0 removed
[  563.451161][T16806] lo speed is unknown, defaulting to 1000
[  563.474113][T16807] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2963'.
[  563.541271][T16806] lo speed is unknown, defaulting to 1000
[  563.544472][T16806] lo speed is unknown, defaulting to 1000
[  563.651788][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  564.449887][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  564.449908][T12730] Bluetooth: hci4: command 0x040f tx timeout
[  565.969879][T12730] Bluetooth: hci3: command 0x0c1a tx timeout
[  565.972041][T16819] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  566.197399][T16832] kAFS: unparsable volume name
[  566.776160][T16819] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  566.779004][T16819] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  566.803497][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  566.807887][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  566.813923][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  566.818079][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  566.821400][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  566.876967][T16825] lo speed is unknown, defaulting to 1000
[  567.026740][T16825] lo speed is unknown, defaulting to 1000
[  567.032182][T16825] lo speed is unknown, defaulting to 1000
[  567.273248][T14546] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  567.286969][T16825] chnl_net:caif_netlink_parms(): no params data found
[  567.421570][T14546] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  567.641169][T14546] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  567.653948][T16825] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.657148][T16825] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.661849][T16825] bridge_slave_0: entered allmulticast mode
[  567.667233][T16825] bridge_slave_0: entered promiscuous mode
[  567.680950][T16825] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.686102][T16825] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.689481][T16825] bridge_slave_1: entered allmulticast mode
[  567.703068][T16825] bridge_slave_1: entered promiscuous mode
[  567.725817][T16868] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2980'.
[  567.771441][T14546] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  567.781493][T16825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  567.786141][T16825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  567.822169][T16870] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  567.827129][T16870] batman_adv: batadv0: Adding interface: ip6gretap2
[  567.829300][T16870] batman_adv: batadv0: The MTU of interface ip6gretap2 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  567.839885][T16870] batman_adv: batadv0: Interface activated: ip6gretap2
[  567.852296][T16825] team0: Port device team_slave_0 added
[  567.858670][T16825] team0: Port device team_slave_1 added
[  567.912235][T16825] batman_adv: batadv0: Adding interface: batadv_slave_0
[  567.914573][T16825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  567.926226][T16825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  567.931347][T16825] batman_adv: batadv0: Adding interface: batadv_slave_1
[  567.933658][T16825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  567.942182][T16825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  567.995216][T16825] hsr_slave_0: entered promiscuous mode
[  567.998065][T16825] hsr_slave_1: entered promiscuous mode
[  568.000607][T16825] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  568.003044][T16825] Cannot create hsr debugfs directory
[  568.045796][T16874] lo speed is unknown, defaulting to 1000
[  568.049919][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  568.560455][T14546] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  568.564837][T14546] bond0 (unregistering): Released all slaves
[  568.746161][T14546] bond1 (unregistering): (slave veth3): Releasing active interface
[  568.749543][T14546] dummy0: entered promiscuous mode
[  568.755575][T14546] bond1 (unregistering): (slave dummy0): Releasing active interface
[  568.782114][T14546] bond1 (unregistering): Released all slaves
[  568.803140][T16874] lo speed is unknown, defaulting to 1000
[  568.850858][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  568.859903][ T5950] Bluetooth: hci1: command tx timeout
[  568.906453][T16889] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.923391][T14546] tipc: Left network mode
[  568.928622][T16874] lo speed is unknown, defaulting to 1000
[  569.000728][T16893] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2989'.
[  569.050821][T16895] overlayfs: failed to resolve './file2': -2
[  569.096607][T16825] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  569.105474][T16825] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  569.110945][T16825] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  569.116086][T16825] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  569.157544][T16825] 8021q: adding VLAN 0 to HW filter on device bond0
[  569.168133][T16825] 8021q: adding VLAN 0 to HW filter on device team0
[  569.175252][ T1195] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.177689][ T1195] bridge0: port 1(bridge_slave_0) entered forwarding state
[  569.444715][ T1218] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.447093][ T1218] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.517811][T14546] hsr_slave_0: left promiscuous mode
[  569.521635][T14546] hsr_slave_1: left promiscuous mode
[  569.524020][T14546] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  569.526485][T14546] batman_adv: batadv0: Removing interface: batadv_slave_0
[  569.529298][T14546] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  569.534263][T14546] batman_adv: batadv0: Removing interface: batadv_slave_1
[  569.556225][T14546] veth1_macvtap: left promiscuous mode
[  569.558120][T14546] veth0_macvtap: left promiscuous mode
[  569.563218][T14546] veth0_vlan: left promiscuous mode
[  569.632814][T14546] pim6reg (unregistering): left allmulticast mode
[  570.703200][T14546] team0 (unregistering): Port device team_slave_1 removed
[  570.820777][T14546] team0 (unregistering): Port device team_slave_0 removed
[  570.929845][ T5950] Bluetooth: hci1: command tx timeout
[  571.438337][T16929] raw_sendmsg: syz.0.2999 forgot to set AF_INET. Fix it!
[  571.532718][T16825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  571.688609][T16825] veth0_vlan: entered promiscuous mode
[  571.697602][T16825] veth1_vlan: entered promiscuous mode
[  571.726793][T16825] veth0_macvtap: entered promiscuous mode
[  571.731309][T16825] veth1_macvtap: entered promiscuous mode
[  571.749021][T16825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  571.756101][T16825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  571.761370][T16825] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  571.764335][T16825] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  571.767693][T16825] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  571.771370][T16825] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  571.813578][T14546] IPVS: stop unused estimator thread 0...
[  571.856767][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  571.859435][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  571.863639][  T223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  571.866711][  T223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  572.937316][T16969] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3007'.
[  572.962536][T16969] veth3: entered promiscuous mode
[  573.009968][ T5950] Bluetooth: hci1: command tx timeout
[  573.032001][T16969] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3007'.
[  574.540094][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  574.542279][T16965] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  575.291846][ T5950] Bluetooth: hci1: command tx timeout
[  575.300111][T16965] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  575.309552][T16965] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  575.311895][T16965] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  575.314250][T16965] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  575.320319][T16965] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  575.545736][T17012] lo speed is unknown, defaulting to 1000
[  575.629317][T17012] lo speed is unknown, defaulting to 1000
[  575.633339][T17012] lo speed is unknown, defaulting to 1000
[  575.875570][T17025] syz_tun: entered allmulticast mode
[  575.918140][T17025] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3024'.
[  575.932383][T17025] syz_tun (unregistering): left allmulticast mode
[  576.484810][T17036] bridge_slave_0: left allmulticast mode
[  576.487708][T17036] bridge_slave_0: left promiscuous mode
[  576.492186][T17036] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.497737][T17036] bridge_slave_1: left allmulticast mode
[  576.504518][T17036] bridge_slave_1: left promiscuous mode
[  576.506503][T17036] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.514039][T17036] bond0: (slave bond_slave_0): Releasing backup interface
[  576.533656][T17036] bond0: (slave bond_slave_1): Releasing backup interface
[  576.579068][T17036] team0: Port device team_slave_0 removed
[  576.588919][T17036] team0: Port device team_slave_1 removed
[  576.592491][T17036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  576.595788][T17036] batman_adv: batadv0: Removing interface: batadv_slave_0
[  576.605516][T17036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  576.608368][T17036] batman_adv: batadv0: Removing interface: batadv_slave_1
[  576.609865][T12730] Bluetooth: hci2: command 0x0c1a tx timeout
[  576.638323][T17040] team0: Mode changed to "broadcast"
[  576.723465][   T40] audit: type=1326 audit(1747643877.800:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.731265][   T40] audit: type=1326 audit(1747643877.800:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.738336][   T40] audit: type=1326 audit(1747643877.800:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.745581][   T40] audit: type=1326 audit(1747643877.800:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.752617][   T40] audit: type=1326 audit(1747643877.800:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.759855][   T40] audit: type=1326 audit(1747643877.800:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.766943][   T40] audit: type=1326 audit(1747643877.800:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.775329][   T40] audit: type=1326 audit(1747643877.800:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.782790][   T40] audit: type=1326 audit(1747643877.800:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  576.792081][   T40] audit: type=1326 audit(1747643877.800:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17037 comm="syz.0.3027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  577.339962][T12730] Bluetooth: hci1: command 0x0c1a tx timeout
[  577.339981][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  577.522510][T17063] lo speed is unknown, defaulting to 1000
[  577.604919][T17063] lo speed is unknown, defaulting to 1000
[  577.608398][T17063] lo speed is unknown, defaulting to 1000
[  577.708340][T17072] netlink: 'syz.0.3034': attribute type 1 has an invalid length.
[  577.712811][T17072] netlink: 228 bytes leftover after parsing attributes in process `syz.0.3034'.
[  578.849795][T17050] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  578.860341][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  579.409793][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[  579.540804][T17050] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  579.542960][T17050] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  579.545164][T17050] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  579.654287][T17112] lo speed is unknown, defaulting to 1000
[  579.663211][T17114] hfsplus: Unknown parameter 'barrier˙'
[  579.745369][T17112] lo speed is unknown, defaulting to 1000
[  579.749488][T17112] lo speed is unknown, defaulting to 1000
[  580.478458][T17116] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3048'.
[  580.593960][T17151] loop6: detected capacity change from 0 to 524287999
[  580.939773][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  581.365930][T17166] lo speed is unknown, defaulting to 1000
[  581.497296][T17166] lo speed is unknown, defaulting to 1000
[  581.500747][T17166] lo speed is unknown, defaulting to 1000
[  581.570181][T12730] Bluetooth: hci0: command 0x0c1a tx timeout
[  581.572994][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[  582.027171][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  582.027208][   T40] audit: type=1326 audit(1747643883.100:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.6.3065" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x0
[  582.068717][   T12] bond0: (slave bond_slave_0): interface is now down
[  582.082862][   T12] bond0: (slave bond_slave_1): interface is now down
[  582.090473][   T12] bond0: (slave bridge0): interface is now down
[  582.139211][   T12] bond0: now running without any active interface!
[  582.643220][T17193] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3067'.
[  582.650496][T17193] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3067'.
[  582.654058][T17193] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3067'.
[  583.039095][ T9097] cgroup: fork rejected by pids controller in /syz5
[  583.353223][T17214] ==================================================================
[  583.355818][T17214] BUG: KASAN: global-out-of-bounds in fib6_ifup+0x257/0x2a0
[  583.358146][T17214] Read of size 8 at addr ffffffff9af85cd0 by task syz.8.3072/17214
[  583.361391][T17214] 
[  583.362889][T17214] CPU: 1 UID: 0 PID: 17214 Comm: syz.8.3072 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  583.362905][T17214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  583.362913][T17214] Call Trace:
[  583.362919][T17214]  <TASK>
[  583.362924][T17214]  dump_stack_lvl+0x116/0x1f0
[  583.362943][T17214]  print_report+0xc3/0x670
[  583.362956][T17214]  ? __virt_addr_valid+0x5e/0x590
[  583.362971][T17214]  ? __phys_addr+0xc6/0x150
[  583.362985][T17214]  ? fib6_ifup+0x257/0x2a0
[  583.362996][T17214]  kasan_report+0xe0/0x110
[  583.363009][T17214]  ? fib6_ifup+0x257/0x2a0
[  583.363021][T17214]  fib6_ifup+0x257/0x2a0
[  583.363033][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.363044][T17214]  fib6_clean_node+0x2a4/0x5b0
[  583.363056][T17214]  ? __pfx_fib6_clean_node+0x10/0x10
[  583.363069][T17214]  ? fib6_walk_continue+0x127/0x8d0
[  583.363079][T17214]  fib6_walk_continue+0x44f/0x8d0
[  583.363091][T17214]  fib6_walk+0x182/0x370
[  583.363101][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.363112][T17214]  fib6_clean_tree+0xd4/0x110
[  583.363122][T17214]  ? __pfx_fib6_clean_tree+0x10/0x10
[  583.363133][T17214]  ? __pfx_fib6_clean_node+0x10/0x10
[  583.363145][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.363156][T17214]  ? preempt_schedule_thunk+0x16/0x30
[  583.363174][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.363185][T17214]  __fib6_clean_all+0x107/0x2d0
[  583.363196][T17214]  rt6_sync_up+0xc9/0x170
[  583.363211][T17214]  ? __pfx_rt6_sync_up+0x10/0x10
[  583.363248][T17214]  addrconf_notify+0x1709/0x19e0
[  583.363265][T17214]  ? ip6mr_device_event+0x1bc/0x230
[  583.363282][T17214]  notifier_call_chain+0xbc/0x410
[  583.363296][T17214]  ? __pfx_addrconf_notify+0x10/0x10
[  583.363311][T17214]  call_netdevice_notifiers_info+0xbe/0x140
[  583.363328][T17214]  netif_state_change+0x165/0x3b0
[  583.363342][T17214]  ? __pfx_netif_state_change+0x10/0x10
[  583.363357][T17214]  ? netdev_master_upper_dev_get+0xd6/0x150
[  583.363370][T17214]  ? do_set_master+0x1fa/0x730
[  583.363381][T17214]  ? netif_change_flags+0x10d/0x160
[  583.363393][T17214]  do_setlink.constprop.0+0x3632/0x44b0
[  583.363408][T17214]  ? __lock_acquire+0xaa4/0x1ba0
[  583.363421][T17214]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  583.363434][T17214]  ? kasan_save_stack+0x42/0x60
[  583.363444][T17214]  ? kasan_save_stack+0x33/0x60
[  583.363464][T17214]  ? __kasan_kmalloc+0xaa/0xb0
[  583.363476][T17214]  ? __mutex_trylock_common+0xe9/0x250
[  583.363491][T17214]  ? __pfx___mutex_trylock_common+0x10/0x10
[  583.363507][T17214]  ? __pfx___might_resched+0x10/0x10
[  583.363519][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.363530][T17214]  ? trace_contention_end+0xdd/0x130
[  583.363545][T17214]  ? __mutex_lock+0x1ca/0xb90
[  583.363563][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.363573][T17214]  ? rtnl_newlink+0x600/0x2000
[  583.363585][T17214]  ? trace_cap_capable+0x18d/0x200
[  583.363597][T17214]  ? __pfx___mutex_lock+0x10/0x10
[  583.363611][T17214]  ? apparmor_capable+0x114/0x1d0
[  583.363625][T17214]  ? netlink_ns_capable+0xfa/0x130
[  583.363638][T17214]  rtnl_newlink+0x18e0/0x2000
[  583.363652][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.363665][T17214]  ? __pfx___schedule+0x10/0x10
[  583.363681][T17214]  ? __lock_acquire+0x5ca/0x1ba0
[  583.363694][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.363704][T17214]  ? trace_cap_capable+0x18d/0x200
[  583.363716][T17214]  ? find_held_lock+0x2b/0x80
[  583.363725][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.363737][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.363749][T17214]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  583.363762][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.363776][T17214]  rtnetlink_rcv_msg+0x95b/0xe90
[  583.363789][T17214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  583.363803][T17214]  ? __lock_acquire+0xaa4/0x1ba0
[  583.363817][T17214]  netlink_rcv_skb+0x16d/0x440
[  583.363830][T17214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  583.363844][T17214]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  583.363856][T17214]  ? find_held_lock+0x2b/0x80
[  583.363871][T17214]  netlink_unicast+0x53a/0x7f0
[  583.363885][T17214]  ? __pfx_netlink_unicast+0x10/0x10
[  583.363899][T17214]  netlink_sendmsg+0x8d1/0xdd0
[  583.363913][T17214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  583.363927][T17214]  ? __import_iovec+0x1c8/0x660
[  583.363938][T17214]  ____sys_sendmsg+0xa95/0xc70
[  583.363955][T17214]  ? __pfx_____sys_sendmsg+0x10/0x10
[  583.363969][T17214]  ? get_compat_msghdr+0x11a/0x170
[  583.363984][T17214]  ___sys_sendmsg+0x134/0x1d0
[  583.363997][T17214]  ? __pfx____sys_sendmsg+0x10/0x10
[  583.364016][T17214]  __sys_sendmsg+0x16d/0x220
[  583.364028][T17214]  ? __pfx___sys_sendmsg+0x10/0x10
[  583.364039][T17214]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  583.364054][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.364064][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.364074][T17214]  __do_fast_syscall_32+0x73/0x120
[  583.364090][T17214]  do_fast_syscall_32+0x32/0x80
[  583.364106][T17214]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  583.364118][T17214] RIP: 0023:0xf703e579
[  583.364128][T17214] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  583.364138][T17214] RSP: 002b:00000000f4fec55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  583.364149][T17214] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000280
[  583.364155][T17214] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  583.364162][T17214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  583.364168][T17214] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  583.364174][T17214] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  583.364183][T17214]  </TASK>
[  583.364187][T17214] 
[  583.553415][T17214] The buggy address belongs to the variable:
[  583.555374][T17214]  __key.0+0x30/0x40
[  583.556703][T17214] 
[  583.557503][T17214] The buggy address belongs to the physical page:
[  583.559574][T17214] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1af85
[  583.562374][T17214] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  583.565006][T17214] raw: 00fff00000002000 ffffea00006be148 ffffea00006be148 0000000000000000
[  583.567800][T17214] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  583.570587][T17214] page dumped because: kasan: bad access detected
[  583.572731][T17214] page_owner info is not present (never set?)
[  583.574691][T17214] 
[  583.575516][T17214] Memory state around the buggy address:
[  583.577317][T17214]  ffffffff9af85b80: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[  583.579867][T17214]  ffffffff9af85c00: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[  583.582431][T17214] >ffffffff9af85c80: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[  583.585002][T17214]                                                  ^
[  583.587180][T17214]  ffffffff9af85d00: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
[  583.589767][T17214]  ffffffff9af85d80: 00 00 00 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9
[  583.592342][T17214] ==================================================================
[  583.595058][T17214] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  583.597449][T17214] CPU: 1 UID: 0 PID: 17214 Comm: syz.8.3072 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  583.600763][T17214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  583.604352][T17214] Call Trace:
[  583.605713][T17214]  <TASK>
[  583.606716][T17214]  dump_stack_lvl+0x3d/0x1f0
[  583.608258][T17214]  panic+0x71c/0x800
SYZFAIL: failed to recv rpc
[  583.609563][T17214]  ? __pfx_panic+0x10/0x10
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  583.611236][T17214]  ? irqentry_exit+0x3b/0x90
[  583.612792][T17214]  ? lockdep_hardirqs_on+0x7c/0x110
[  583.614501][T17214]  ? fib6_ifup+0x257/0x2a0
[  583.616142][T17214]  ? fib6_ifup+0x257/0x2a0
[  583.617665][T17214]  check_panic_on_warn+0xab/0xb0
[  583.619307][T17214]  end_report+0x107/0x170
[  583.620740][T17214]  kasan_report+0xee/0x110
[  583.622241][T17214]  ? fib6_ifup+0x257/0x2a0
[  583.623724][T17214]  fib6_ifup+0x257/0x2a0
[  583.625113][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.626710][T17214]  fib6_clean_node+0x2a4/0x5b0
[  583.628274][T17214]  ? __pfx_fib6_clean_node+0x10/0x10
[  583.630463][T17214]  ? fib6_walk_continue+0x127/0x8d0
[  583.632628][T17214]  fib6_walk_continue+0x44f/0x8d0
[  583.634280][T17214]  fib6_walk+0x182/0x370
[  583.635697][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.637287][T17214]  fib6_clean_tree+0xd4/0x110
[  583.638833][T17214]  ? __pfx_fib6_clean_tree+0x10/0x10
[  583.640579][T17214]  ? __pfx_fib6_clean_node+0x10/0x10
[  583.642302][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.643872][T17214]  ? preempt_schedule_thunk+0x16/0x30
[  583.645627][T17214]  ? __pfx_fib6_ifup+0x10/0x10
[  583.647202][T17214]  __fib6_clean_all+0x107/0x2d0
[  583.648814][T17214]  rt6_sync_up+0xc9/0x170
[  583.650234][T17214]  ? __pfx_rt6_sync_up+0x10/0x10
[  583.651871][T17214]  addrconf_notify+0x1709/0x19e0
[  583.653491][T17214]  ? ip6mr_device_event+0x1bc/0x230
[  583.655156][T17214]  notifier_call_chain+0xbc/0x410
[  583.657051][T17214]  ? __pfx_addrconf_notify+0x10/0x10
[  583.658840][T17214]  call_netdevice_notifiers_info+0xbe/0x140
[  583.660792][T17214]  netif_state_change+0x165/0x3b0
[  583.662386][T17214]  ? __pfx_netif_state_change+0x10/0x10
[  583.664189][T17214]  ? netdev_master_upper_dev_get+0xd6/0x150
[  583.666126][T17214]  ? do_set_master+0x1fa/0x730
[  583.667711][T17214]  ? netif_change_flags+0x10d/0x160
[  583.669346][T17214]  do_setlink.constprop.0+0x3632/0x44b0
[  583.671144][T17214]  ? __lock_acquire+0xaa4/0x1ba0
[  583.672800][T17214]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  583.674823][T17214]  ? kasan_save_stack+0x42/0x60
[  583.676668][T17214]  ? kasan_save_stack+0x33/0x60
[  583.678279][T17214]  ? __kasan_kmalloc+0xaa/0xb0
[  583.679983][T17214]  ? __mutex_trylock_common+0xe9/0x250
[  583.681820][T17214]  ? __pfx___mutex_trylock_common+0x10/0x10
[  583.683857][T17214]  ? __pfx___might_resched+0x10/0x10
[  583.685568][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.687152][T17214]  ? trace_contention_end+0xdd/0x130
[  583.688863][T17214]  ? __mutex_lock+0x1ca/0xb90
[  583.690520][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.692067][T17214]  ? rtnl_newlink+0x600/0x2000
[  583.693613][T17214]  ? trace_cap_capable+0x18d/0x200
[  583.695254][T17214]  ? __pfx___mutex_lock+0x10/0x10
[  583.696895][T17214]  ? apparmor_capable+0x114/0x1d0
[  583.698518][T17214]  ? netlink_ns_capable+0xfa/0x130
[  583.700172][T17214]  rtnl_newlink+0x18e0/0x2000
[  583.701744][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.703568][T17214]  ? __pfx___schedule+0x10/0x10
[  583.705036][T17214]  ? __lock_acquire+0x5ca/0x1ba0
[  583.706466][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.707905][T17214]  ? trace_cap_capable+0x18d/0x200
[  583.709543][T17214]  ? find_held_lock+0x2b/0x80
[  583.711054][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.712682][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.714290][T17214]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  583.715970][T17214]  ? __pfx_rtnl_newlink+0x10/0x10
[  583.717604][T17214]  rtnetlink_rcv_msg+0x95b/0xe90
[  583.719179][T17214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  583.720953][T17214]  ? __lock_acquire+0xaa4/0x1ba0
[  583.722600][T17214]  netlink_rcv_skb+0x16d/0x440
[  583.724149][T17214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  583.725894][T17214]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  583.727598][T17214]  ? find_held_lock+0x2b/0x80
[  583.729106][T17214]  netlink_unicast+0x53a/0x7f0
[  583.730651][T17214]  ? __pfx_netlink_unicast+0x10/0x10
[  583.732357][T17214]  netlink_sendmsg+0x8d1/0xdd0
[  583.733915][T17214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  583.735630][T17214]  ? __import_iovec+0x1c8/0x660
[  583.737197][T17214]  ____sys_sendmsg+0xa95/0xc70
[  583.738752][T17214]  ? __pfx_____sys_sendmsg+0x10/0x10
[  583.740456][T17214]  ? get_compat_msghdr+0x11a/0x170
[  583.742091][T17214]  ___sys_sendmsg+0x134/0x1d0
[  583.743603][T17214]  ? __pfx____sys_sendmsg+0x10/0x10
[  583.745273][T17214]  __sys_sendmsg+0x16d/0x220
[  583.746944][T17214]  ? __pfx___sys_sendmsg+0x10/0x10
[  583.748586][T17214]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  583.750358][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.751888][T17214]  ? rcu_is_watching+0x12/0xc0
[  583.753414][T17214]  __do_fast_syscall_32+0x73/0x120
[  583.755045][T17214]  do_fast_syscall_32+0x32/0x80
[  583.756666][T17214]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  583.758661][T17214] RIP: 0023:0xf703e579
[  583.759980][T17214] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  583.766018][T17214] RSP: 002b:00000000f4fec55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  583.768663][T17214] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000280
[  583.771138][T17214] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  583.773630][T17214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  583.776572][T17214] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  583.779136][T17214] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  583.781669][T17214]  </TASK>
[  583.783216][T17214] Kernel Offset: disabled
[  583.784646][T17214] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:38:04  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000002 RBX=ffff88806fc9a940 RCX=ffffffff8941e47f RDX=ffff88801e0fc880
RSI=0000000000000000 RDI=0000000000000005 RBP=ffff88806fc9aadc RSP=ffffc90007077700
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=ffff88806fc9aeb0 R14=ffff88806fc9aa28 R15=ffffc90007077898
RIP=ffffffff8b6c88e0 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977e7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73c3230 CR3=0000000067f5a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff854c5cb0 RDI=ffffffff9ade4c80 RBP=ffffffff9ade4c40 RSP=ffffc90003f1e620
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3966666666666666
R12=0000000000000000 R13=ffffffff9ade4c90 R14=ffffffff9ade4c40 R15=ffffffff9ade4f00
RIP=ffffffff854c5cd7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978e7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f60cffc CR3=0000000067f5a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b341460 RCX=ffffffff81aea149 RDX=ffff8880262ec880
RSI=ffffffff81aea123 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90002e076b8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed100566828d R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b43b180
RIP=ffffffff81aea125 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979e7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f08b5ff0 CR3=000000004fcee000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7482ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000080000 RBX=0000000000000000 RCX=ffffc9002f69c000 RDX=0000000000000000
RSI=0000000000000b8d RDI=ffffffff8cbf8c80 RBP=0000000080000002 RSP=ffffc9002063fc90
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=000000000000ef02 R13=0000000000000000 R14=00000000800000c0 R15=0000000000010106
RIP=ffffffff893b8185 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097ae7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f255dd CR3=0000000063247000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000