last executing test programs: 6.744815904s ago: executing program 1 (id=2): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) userfaultfd(0x80001) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x165342, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8) r1 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback, 0x7}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x2, @loopback, 0x3}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000380)="06", 0x1}], 0x1}}], 0x1, 0x3404c8d4) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x20000000005, 0x21}, 0xd8) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x2400c729, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000003c0)=ANY=[@ANYRES16, @ANYBLOB="51d40f88b4e84666542663ebe50fafba1529088d66c961622a86e4218306f3006bf1cfe03416f9eb8277b464cc96d61af320a350b75647922c10318a21c1558f852a3dbf0b6da14b05a1769d4c08f5831f2ee4a71990a69a4cdb880bb2515c4963498af66d9de8209a9065f130743534d2eac137abc1b4d9ca3d9ef9bb13a36b6209e71a79d4a195c4ba", @ANYRES16=r1], 0x1000f) mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!Tnux\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0) r3 = creat(&(0x7f0000001380)='./file0\x00', 0x12c) r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) fanotify_mark(r4, 0x1, 0x1038, r3, &(0x7f0000000080)='./file0\x00') mount(&(0x7f0000001400)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='omfs\x00', 0x8002, 0x0) 6.549507046s ago: executing program 1 (id=6): ioctl$HDIO_GETGEO(0xffffffffffffffff, 0x301, &(0x7f0000000000)) r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000040)={0x9, @remote}, &(0x7f0000000080)=0x12, 0x80800) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x100000) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000100), 0x10000, 0x0) ioctl$FBIOBLANK(r1, 0x4611, 0x3) r2 = syz_open_dev$sg(&(0x7f0000000140), 0x7fffffffffffffff, 0x800) ioctl$SG_GET_PACK_ID(r2, 0x227c, &(0x7f0000000180)) ioctl$EXT4_IOC_CHECKPOINT(r1, 0x4004662b, &(0x7f00000001c0)=0x4) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCDELRT(r3, 0x890c, &(0x7f0000000200)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xe5, @null, @bpq0, 0x7, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}) openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x10100, 0x0) getsockopt$rose(r3, 0x104, 0x1, &(0x7f00000002c0), &(0x7f0000000300)=0x4) syz_emit_vhci(&(0x7f0000000340)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x0, 0x4}, {0x3fd, 0x1}}}}, 0x11) poll(&(0x7f0000000380)=[{r2, 0x428}], 0x1, 0x8) r4 = socket(0x5, 0x1, 0x800) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, 0x2, 0x3, 0x3, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFQA_CFG_CMD={0x8, 0x1, {0x6, 0x0, 0x1a}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x82ed}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x1e9}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x19}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040100}, 0x20040081) syz_emit_vhci(&(0x7f00000004c0)=@HCI_EVENT_PKT={0x4, @hci_ev_role_change={{0x12, 0x8}, {0x4b, @any, 0xff}}}, 0xb) syz_emit_vhci(&(0x7f0000000500)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x2, 0xc9, "18482ed886e3964b"}}}, 0xe) r5 = accept4$rose(r3, &(0x7f0000000540)=@full={0xb, @dev, @remote, 0x0, [@netrom, @netrom, @rose, @rose, @null, @rose]}, &(0x7f0000000580)=0x40, 0xc00) r6 = accept4$rose(r5, &(0x7f00000005c0)=@full={0xb, @remote, @netrom, 0x0, [@default, @rose, @netrom, @netrom, @null, @netrom]}, &(0x7f0000000600)=0x40, 0x80800) r7 = syz_io_uring_setup(0x7ad5, &(0x7f0000000640)={0x0, 0xe9c8, 0x400, 0x0, 0x135}, &(0x7f00000006c0), &(0x7f0000000700)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000008, 0x485cfbe62d2eb8f1, r7, 0x10000000) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000780), r4) sendmsg$TIPC_NL_PUBL_GET(r4, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000880)={&(0x7f00000007c0)={0xc0, r8, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x4}]}, @TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x16, 0x1, @l2={'ib', 0x3a, 'bridge_slave_1\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x30}}}, {0x14, 0x2, @in={0x2, 0x4e24, @multicast2}}}}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x72}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4fc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x864}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4004000}, 0x40004044) sendfile(r6, r1, 0x0, 0x6) r9 = syz_open_dev$ndb(&(0x7f0000000900), 0x0, 0x1) ioctl$BLKROTATIONAL(r9, 0x127e, &(0x7f0000000940)) r10 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$PTP_PIN_SETFUNC2(r10, 0x40603d10, &(0x7f00000009c0)={'\x00', 0x3, 0x2, 0xfffffc00}) fchmod(r3, 0x24) 6.40567541s ago: executing program 1 (id=9): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000004, 0x20011, r0, 0xf648d000) mount_setattr(0xffffffffffffff9c, 0x0, 0x100, &(0x7f0000000580)={0x100070, 0xe, 0x100000}, 0x20) madvise(&(0x7f00002a7000/0x1000)=nil, 0x1000, 0x2) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 5.993445528s ago: executing program 1 (id=12): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r2 = syz_open_dev$evdev(&(0x7f0000001f80), 0x34, 0x181002) r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) r4 = openat$cgroup_int(r3, &(0x7f0000000040)='cpu.weight.nice\x00', 0x2, 0x0) r5 = dup(r4) sendfile(r5, r5, 0x0, 0x400) syz_usb_connect(0x2, 0x527, &(0x7f0000000640)={{0x12, 0x1, 0x200, 0xd5, 0x69, 0x2b, 0x0, 0xdf6, 0x3e, 0x2a91, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x515, 0x3, 0x12, 0x2, 0x20, 0x6, [{{0x9, 0x4, 0xde, 0x7, 0x2, 0xd1, 0xf9, 0xe2, 0x2, [@uac_as={[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x2, 0x3, 0xc, 0x9, "16", "67d86c"}, @format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x6, 0x1, 0xd, 0xf}, @as_header={0x7, 0x24, 0x1, 0x85, 0x6}]}, @uac_control={{0xa, 0x24, 0x1, 0x66f1, 0xfd}, [@input_terminal={0xc, 0x24, 0x2, 0x1, 0x100, 0x2, 0x4c, 0x101, 0x8, 0xfb}, @output_terminal={0x9, 0x24, 0x3, 0x3, 0x306, 0x1, 0x6, 0x8}, @processing_unit={0xa, 0x24, 0x7, 0x1, 0x3, 0x1, "caa239"}, @extension_unit={0x9, 0x24, 0x8, 0x2, 0x1, 0x2, 'T1'}, @input_terminal={0xc, 0x24, 0x2, 0x6, 0x200, 0x4, 0x4, 0x0, 0x4}, @output_terminal={0x9, 0x24, 0x3, 0x3, 0x303, 0x5, 0x5, 0xf}]}], [{{0x9, 0x5, 0xb, 0x2, 0x10, 0x8, 0x7, 0x72}}, {{0x9, 0x5, 0x5, 0x1, 0x200, 0x5, 0x7, 0xbc, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x9, 0xf9de}]}}]}}, {{0x9, 0x4, 0x83, 0x5, 0x6, 0x78, 0xb4, 0x1d, 0x5, [@cdc_ecm={{0x9, 0x24, 0x6, 0x0, 0x0, "e4a56a38"}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x6, 0xe, 0x8}, [@call_mgmt={0x5, 0x24, 0x1, 0x1, 0x2}, @call_mgmt={0x5, 0x24, 0x1, 0x3, 0xfd}, @ncm={0x6, 0x24, 0x1a, 0x0, 0x10}, @acm={0x4}, @mdlm_detail={0x7b, 0x24, 0x13, 0x80, "cac51821dfef8346b2017060f1bbc4dcf02a800f5eac3bd1785a728a5bb336d7d712a3bf1e72059aac141c7eb6b34facd02d31a4df5f99603cb46e5ff2db70873d45d10a469c4589686df7292782957a2a2205fce6bc9c18919c0e76e2d6a7e6277300d6c69a3c5b9fd2dd47ad208f64ccb33a18ef6fcc"}, @network_terminal={0x7, 0x24, 0xa, 0x40, 0x8b, 0x89, 0x2d}]}, @uac_control={{0xa, 0x24, 0x1, 0x101, 0x8c}, [@mixer_unit={0xa, 0x24, 0x4, 0x3, 0x5, "f372ca8dde"}]}], [{{0x9, 0x5, 0x3, 0x2, 0x400, 0x1f, 0x38, 0x85}}, {{0x9, 0x5, 0xb, 0x4, 0x400, 0x8, 0x0, 0x3, [@generic={0x4a, 0x7, "d4c43cbbaa4f2c9770c0965395e259951ccfab528da599b226cf06c1ac02dbe8bbcdba0aa6e088e474298219a1a2b48847f2502b4c70e82fdc1082d3e7584ae72fe7207d3b2df21d"}]}}, {{0x9, 0x5, 0x8, 0x8, 0x200, 0x6, 0x8, 0x4, [@generic={0x34, 0x23, "c085fa0504b10fc9cc699502abc49fc21f65e6daef0960c2d164617d27f3628acc71afcdf7dcae5ab5998466852be47079bb"}, @generic={0x2f, 0x7, "53f1059eb58b4a2e2c88b6e3f37f9c1dd815e5e3738461a21a3203e4b5d0a9b0486dbb8b4eb03a1842277d7a4f"}]}}, {{0x9, 0x5, 0xa, 0x3, 0x3ff, 0x1, 0x9, 0x4}}, {{0x9, 0x5, 0x9, 0x0, 0x200, 0x4, 0x2, 0x0, [@generic={0x9f, 0x24, "e5469cd22a9d25e91407ec9f7b463d0d60c12c6c954fe2b49af258aec1d4ff51de8bef6248b2a57258aa5ce6a88a67fc1f5b9288d48b9cd80e0e87a78490e9f49165505823eeb0830bb8b3da66dc60624146fbd2145b59d125d17b8eabfffa4299b81855ff396556a9d41c3931dcdbc4b288ebdc9b9c58d9bb41d5183687bf379166b1c3fbdd64a7d1eabf4d1f5534228065fc36caf0ed99db9aa03eb4"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x9, 0x3}]}}, {{0x9, 0x5, 0xc, 0x0, 0x40, 0x1, 0x7, 0x8}}]}}, {{0x9, 0x4, 0xe4, 0x9, 0xd, 0x91, 0xfc, 0xeb, 0x5, [], [{{0x9, 0x5, 0x3, 0xc, 0x40, 0xc0, 0x6, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x1, 0x5}]}}, {{0x9, 0x5, 0x9, 0x1, 0x20, 0x81, 0xd, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0x8}]}}, {{0x9, 0x5, 0x6, 0x0, 0x8, 0x7, 0x40}}, {{0x9, 0x5, 0x5, 0x2, 0x0, 0x10, 0x2, 0xff}}, {{0x9, 0x5, 0x7, 0x0, 0x400, 0x6, 0x0, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0xa5f7}]}}, {{0x9, 0x5, 0xf, 0x10, 0x400, 0xdf, 0x7, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x8}]}}, {{0x9, 0x5, 0x1, 0x10, 0x10, 0xf7, 0x5, 0x28, [@generic={0x77, 0x5, "36ac27eb598e3bf11421319de5b848d136701d00ae180b87145e73ebcbc3308b7e225da24239efd01c52056eb60821b914aa519b01c8a7c3c824555363a60455a14b98cd399a283041878ffacdd23d5e5a2ed85a63a772f9db54fd90d7c542feb60b70dbfa7684dc12954843e2857e498b87c3e85c"}]}}, {{0x9, 0x5, 0x0, 0x2, 0x20, 0x5, 0x4, 0xbe}}, {{0x9, 0x5, 0xf, 0x4, 0x400, 0x3, 0x7, 0x54, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x2}]}}, {{0x9, 0x5, 0x6, 0x0, 0x200, 0x3, 0x3, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x7, 0x8}, @generic={0x1d, 0x30, "650e2a1fc9408a60ccd008e92dc1a237a0658ca90916089f2d5820"}]}}, {{0x9, 0x5, 0xe, 0x0, 0x0, 0x2, 0xf7, 0x3, [@generic={0xd, 0xd, "6bf526359ee3b7a2efbbd8"}]}}, {{0x9, 0x5, 0x2, 0xc, 0x8, 0x3, 0x1, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x7, 0xe}]}}, {{0x9, 0x5, 0xc, 0x0, 0x200, 0x2, 0x5, 0x4, [@generic={0xe3, 0x31, "1ddac3037e6b957fc016a1d65e1375060232e246860accf19e0b9e673f69e1600a3bdd090833ed414713e52863257358b9fb4b50f6b5d9eeba62914a094c2a5df5b56107e430d2b55dbd0262397888f10a6f5668dab24d8fe0252d2e30a376f7797e6adf8892383f3e3b32cd8bfa508fa870fa4db60576a33fa307af686fcfca95f5106848e01c9ab9d829bda952a41f912b71ae2b46ee37ac18a98df82313a12547aa88c7e6e93e16c7d2195eff5ac757d7142547a9c966b671031f03204cd5b359b8684c7e61ff814bf71ad1056222490d75665411223658f67a68074256affe"}]}}]}}]}}]}}, &(0x7f00000000c0)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x300, 0x5, 0x5, 0x7f, 0xff, 0x5}, 0x10e, &(0x7f00000001c0)={0x5, 0xf, 0x10e, 0x4, [@ssp_cap={0x1c, 0x10, 0xa, 0xa, 0x4, 0x9, 0xf, 0xb25, [0xffffcf, 0xff0000, 0xff3fcf, 0x3fc0]}, @wireless={0xb, 0x10, 0x1, 0xc, 0x19, 0x7, 0x3, 0x40, 0x3}, @generic={0xce, 0x10, 0x2, "4190a0e9091bc8f339b58a95a249ea73515fb3f197980c5d323ec1ee8834e894b6f22744897450fe65e67160ed1cc57402e9a2fe641d766fc2ef90936374d4e2350d0aa188b9a1dbf5cfd02e766635dd887f9afd59284172377de59d818d0c1b8dd18e2ae409a9870a559297a32f32dbfb10eae9b76d483f66059cf5dd851b827ee005e464ecb122780c657f1400ae72c38b691a9efdd7c57fdbbb4226f46124a535bfa3557d4dc2b40cb12ce4f73c466e599be9245a84476696e133b6df0e38e22e9ce5206f6fb545788b"}, @ss_container_id={0x14, 0x10, 0x4, 0x80, "9e44e723c4ea025f30e736880525b8f1"}]}, 0x1, [{0xc6, &(0x7f0000000300)=@string={0xc6, 0x3, "ce9e9ee3c0758af682941ec135e22fe52f3980cc5c34578b45106ed415da2e47a9657f85cdd29e4da34b439450e54325e1fe7cfc37033184e11fc83c8355abbc2bcd10c721d4f52e5911146fa08e0e566baea4223b18418ca9adcc8d453a57e4a1fbac55f07cefe6345e320b46fa87fa41dda2ac24153498438b514c55145cc48f254973f559a49960434208034e622ca7bdead8fb42b282ee09ba8d9515195e545e2a047c81ff2bfdfe35f21345c219dae56911d1a81c82e482a6402d757e7a91ab52c6"}}]}) ioctl$EVIOCGKEYCODE(r2, 0x80084504, &(0x7f00000005c0)=""/89) r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r7 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$sock_inet_SIOCGARP(r7, 0x8954, &(0x7f0000000300)={{0x2, 0x4e23, @private=0xa010102}, {0x1, @remote}, 0x6, {0x2, 0x4e24, @rand_addr=0x64010100}, 'wlan0\x00'}) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf411119edabebbb1, 0x20011, r0, 0xd56d9000) ioctl$KVM_SET_DEBUGREGS(r8, 0x4080aea2, &(0x7f0000000000)={[0xe6f48000, 0x4000, 0xeeee0000, 0x4000], 0x7, 0x0, 0x6}) 2.921549095s ago: executing program 1 (id=24): ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x800) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000000c0)={0x0}) ioctl$DRM_IOCTL_GEM_CLOSE(r3, 0x40086409, &(0x7f0000000100)={r4}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000040)={0x8003, 0x6576, 0x4}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r5, 0x100000000) r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x88980, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x22052, r6, 0x5708e000) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x800) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000}) (async) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000000c0)) (async) ioctl$DRM_IOCTL_GEM_CLOSE(r3, 0x40086409, &(0x7f0000000100)={r4}) (async) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000040)={0x8003, 0x6576, 0x4}) (async) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r5, 0x100000000) (async) openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x88980, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x22052, r6, 0x5708e000) (async) 2.173426782s ago: executing program 3 (id=27): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$uinput_user_dev(r0, &(0x7f0000000b00)={'syz0\x00', {0x5, 0x7, 0x3, 0x7}, 0x3e, [0x2, 0x9, 0x0, 0x1, 0xc, 0xea45, 0xd, 0x3, 0x0, 0x0, 0x800008, 0xc, 0x3, 0x0, 0x1, 0xb, 0x93f, 0x7fffffff, 0x51, 0x5, 0x803, 0x0, 0x403, 0x2, 0x7, 0xffffffff, 0x3, 0x1, 0x4f, 0x6, 0x9, 0x7, 0x9, 0x4, 0x2, 0x1, 0x5, 0x4, 0x800, 0x4, 0x800000a, 0x8, 0xc03a, 0x8, 0x0, 0x2, 0xffff, 0x6, 0x939, 0x5, 0x9, 0x2, 0x4f, 0x40004, 0xfffffff7, 0x7fff, 0x4, 0x5, 0x2, 0x56f00ca9, 0x4137, 0x2a, 0x1, 0x21], [0x1, 0x9, 0x9, 0x1, 0x5, 0x6, 0x800, 0xc, 0xfffffffa, 0x2329, 0xfd8, 0x1001, 0x5, 0x5, 0x0, 0x24e, 0x1, 0xfffffff7, 0x2, 0x3, 0x5, 0x9, 0x85, 0xb6fe, 0x1, 0x40, 0xa3, 0x8, 0xffffffff, 0x5, 0x10000, 0x1, 0xffffff00, 0x7ff, 0x6, 0x7, 0x0, 0xa9, 0x101, 0x10, 0x2, 0x7, 0x7, 0x8, 0x1, 0x8000, 0x800, 0x5, 0xc5, 0x6, 0x1, 0x9, 0x8, 0x3, 0xfffffff7, 0x3, 0x24b, 0x1fd, 0x2a0, 0x5, 0x6, 0x0, 0x7, 0x80000007], [0x2, 0x9, 0x1a9e1bfa, 0xfffffff9, 0x8, 0xed, 0x5, 0x8001, 0x10, 0x1, 0x2, 0x7fffffff, 0x8000, 0x4, 0x1, 0x5, 0x204, 0x2, 0x2b0, 0x5, 0x97f82544, 0x5, 0x0, 0x1a2e, 0x5, 0x5, 0x4, 0x2, 0xc93, 0xffffff3c, 0x8b2, 0x7, 0x0, 0xff, 0x0, 0x2, 0x4, 0xb, 0x9, 0x6, 0x7, 0x7c13, 0x1, 0x1, 0x7, 0xff, 0xe, 0xd3, 0x4, 0x8, 0x0, 0xffffff00, 0x100, 0x7, 0x2, 0x0, 0x9, 0xdd, 0xfe83, 0x9, 0xc3, 0x7751c64, 0x800007a3], [0xb, 0x3d3, 0xffff1a7f, 0x200, 0x3, 0x2, 0x2000003, 0x1, 0x5, 0x4, 0x3, 0x1f, 0x3, 0x6, 0x6, 0x2, 0x9, 0x7, 0x2, 0x66608000, 0x9, 0x7ff, 0x6, 0x5, 0xa476, 0x9, 0x9, 0xffff, 0xd, 0x0, 0xfff6ff81, 0x5, 0x10001, 0x61, 0x10001, 0x1000, 0x4, 0x100, 0x1, 0x20000000, 0x8, 0x1d, 0x4000b329, 0xec000000, 0x6, 0x1904, 0x4, 0x9, 0x8, 0x7ff, 0x80, 0x5, 0xfffffffb, 0x7, 0x6e79, 0x8, 0x10000, 0x9371, 0x4f89, 0x7, 0x582, 0x10001, 0x80, 0x8]}, 0x45c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68) mount(&(0x7f0000000000)=@rnullb, &(0x7f00000000c0)='./cgroup/file0\x00', &(0x7f0000000080)='xfs\x00', 0x12400d9, 0x0) 2.171559233s ago: executing program 2 (id=28): mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='securityfs\x00', 0x402, 0x0) 2.139492432s ago: executing program 3 (id=29): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x20011, r0, 0xd6baf000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x3) (async) mincore(&(0x7f00006ec000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/212) 2.124615835s ago: executing program 2 (id=30): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="99742dbd7000fbdbdf2515000000400001802c00c57a509b9a132a734e20ac14141d00000000000000001400020002004e237f00000100000000000000000d0001007564703a73797a32"], 0x54}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000021c0)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x10}}, @in6={0xa, 0x4e24, 0x1, @mcast1, 0x4}], 0x2c) creat(&(0x7f0000001380)='./file0\x00', 0x4) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000080)=0x9, 0x4) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}]}) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x110b, 0x8000000000002}) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0xffffffffffffff61, 0x0, 0x0}) r7 = dup3(r6, r5, 0x0) r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x10000000000) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) r9 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$FUSE(r9, &(0x7f0000000180)={0x2020}, 0x2020) timer_create(0x3, 0x0, &(0x7f00000001c0)=0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, 0x0) timer_delete(r10) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x7, @empty, 0x3aa7}, @ib={0x1b, 0xffff, 0x0, {}, 0x0, 0xfffffffffffffffc, 0x6}}}, 0x118) mkdirat(r9, &(0x7f0000002040)='./file1\x00', 0x40) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) 2.017513785s ago: executing program 3 (id=31): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f00000000c0)=0x2, 0x0) ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="280000001900150000000000fcffffff0a00000000000027"], 0x28}], 0x1}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20140, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, 0x0}], 0x1, 0x74, 0x0, 0xfffffcda) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0400000000000000850400000000000005"]) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_VFIO_IOAS$CLEAR(r5, 0x3b88, 0x0) ioctl$IOMMU_VFIO_SET_IOMMU(r5, 0x3b66, 0x3) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r7, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c) r8 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r8, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r8, &(0x7f0000000140)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, 0x3}, 0x1c) connect$inet6(r8, &(0x7f0000000300)={0xa, 0x4e22, 0x2, @private1, 0x5}, 0x1c) r9 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r9, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r9, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) connect$inet6(r9, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010001000000000000000000000a50000000060a09040000000000000000020000002400048020000180070001006374000014000280080001400000000908400240000000240900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x78}}, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) 1.36928338s ago: executing program 0 (id=35): mkdir(&(0x7f0000000540)='./file0\x00', 0x108) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88) (async) mkdir(&(0x7f0000000300)='./bus\x00', 0x1b4) (async) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@verity_require}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]}) (async, rerun: 32) r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7) (rerun: 32) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x200, 0x0) (async) chdir(&(0x7f0000000140)='./bus\x00') (async) linkat(r0, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000100)='./file7\x00', 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_DEL(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000580)=ANY=[@ANYBLOB="50000000020901010000000000000000070000083c0002000c00028005000100880000002c00018014000300000000000000000000000000000000011400040020012000000000000000000000000002"], 0x50}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000) link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00') renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0) (async) r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x2c39000) 1.313153317s ago: executing program 0 (id=36): r0 = socket$inet(0x2, 0x2, 0x1) setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000440)=0x1, 0x4) syz_usbip_server_init(0x1) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000140)='\b\x00', 0x2}, {&(0x7f0000000040)="96b414bbbcc9", 0x6}], 0x2}, 0x24048004) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x1) mount(&(0x7f0000000180)=@rnullb, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='jfs\x00', 0x1000010, 0x0) ioctl$DRM_IOCTL_MODE_RMFB(r1, 0xc00464af, &(0x7f0000000040)) sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x1}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000280)="8cdfeea5cf798bc0bce1c7b35bd6662f856aab5a0dcd554389d2a9970b3c1171f3", 0x21}, {&(0x7f00000002c0)="a0e1bcf3b2a347151feeab0b7a99fab852625a1e59564939fc7dcf4f7658009addcbfb53b5e1e4159567b846a6384dab4c2f67a4d977765aef14661911dd10ccd6c5938486a31cc320bff22ddbb7bcbadd208c35c3c225e9e925211ed2f3269d3fb8a284489b81e97b18349caccacbb66cf40ae752ed04d0b36753f40c8bb28262a057387659a48f0e9a77cbb57632d2d5d8b727a9eabf90d283f050d6e6c6d53ede108c0fcc05dad79027c86fe34aafff7d44636bc6eaf978f23bdbdbacc47d204e83e20cd03e5a61bac1f00b1027769e739fb5a7e868ca73bd446ba1528fe78fda9465a46e", 0xe6}], 0x2, &(0x7f0000000480)=[{0x48, 0x84, 0x2, "a8ee4f14693f948166ca29a6fd58bb1df426817f0b53f086c9304b31993ecfc213b9121ed03f36e268ddbeddee34d7a988e4e79d"}, {0x98, 0x10a, 0x6, "cf21487b9374f1adc2e3731515d4094eefe1bd008b8d0c67991e527398c5bc33dedd5e7f42939282977b485b4fe7032320402eefab5757ed3243e9640ed2d30256986aa13e472f45e6005627d4d194d3b1fe80e4ec7467c7029dc044973b1f185f1fc7ddaa18ac963a9cb99c3aebdf1619471c6aef0921c19165ebf2aabcccb7582f"}, {0x78, 0x111, 0xf, "7b41dc5e04bed756c28f3426b460cc05913c88fa3115ecf59bc5a530b5c5011b269a83eb0925663cb00c053205421ba8f137e1cd4e36e4dd701b8bde1bc321ed60973b1fd97c6677579a4874e59ef2ac1ae9494ed1c74944d9fba316ea473b209d42"}, {0x90, 0x10c, 0xfff, "f32e1757e45010967145267ed1ea0a8af1a150db0d8fdd294246cfc714f269ddc070e2d7a4326a8fa9239948790b1276557f669ef0d18f02c658b3812ea3f5e2560739667e3e9a8539e553d5bd81b94164a9b09efeaa4e4b8553dc96fe2da68f747f1dc43a56d8f85a47647b2e1baf9d546312e5abe4a66afa6d386b88687871"}, {0xf0, 0x118, 0x9, "f346e2af38df1848fc8559dd788d3c9018c8a797d0e769bfcf704bc3b1f1c2a8092ae329323f134f683294c0708ab97c03363c70e52cf7d4f0fe51ab95f4e5f60e33fc5608eb09f1e6d0486edd1b3cbfb40042534eff0dd0ecdddc9f8b9f675fef4ad5234f92636fcc686d2c5aa105a4a594bd9322fa6fb2be11e25ae8cf41e9ce32997790e710dbbef2ec49f57f6a66614970d75521cd025f780fb67e2c3dac8664487abc9384bec89df59858ec0fb57689ce423b5da7eebd3561048ba1209797e9639681b4bf453b110f06238123cd971c546784b5c2c62c"}, {0x58, 0x10c, 0x200, "bc647ece0ca5f756648566aefd9a818e48631197f0c20a63e9fe8df0d0e7d1c4c7585c18e940d23fb635e8c62589cc1347b2ec4a531dc37eb7d46cd6ffc9fdbea4b8"}, {0x80, 0x10b, 0x7, "0cc8a46eca7b3367c7525b9e1ba366123dd2f60c2017d6ea0a456d1584fd07b79f99e748b2a7d6a83f003b2984b8ec32b0245ff157628911c83ce05d62f62aef237089841c97f4ac55639f424797a16a4bc573582416964c42fceb804e0bf2f5d4659eb9ac900212a0c03a80da5cda"}, {0x100, 0x29, 0x3, "33e4a39546ced82e18ae3f9ea712ecc75fa230e9b119a0b98a767e4531637648ddaafc96eca3d7f81774e3d69c20621f9c95c7494c68075ef1755613a13a0f9e706828903e1592e44f032c4656723f108700871faf2808acf7e4c7c9af88c2510c2a41b10e1e73dcb31acf92c29628da57789b89bd84a7430e78f0628b48fd6c0f040bb103d42c708d3324d5c3cdd747c402e4caa59e277742c22e8d1812abf8c69988dcd29ba54a676515e0d68e5a504ca65ef04e9a4ed2c661faa45b011d78c86615d0b5d947f4465b1731f95d8cedd2200a0054d24da3c8986cff264016d42afcc49ad7a6bbaa9f"}], 0x4b0}, 0x40400c5) 1.189648312s ago: executing program 2 (id=37): r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000001c0)={0x0, 0x0, 0x37}) r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x88980, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x22052, r1, 0x5708e000) 1.111436596s ago: executing program 2 (id=38): r0 = syz_open_dev$sndpcmp(&(0x7f00000000c0), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, &(0x7f0000003ac0)={0x0, [[0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x7b7f, 0x0, 0x0, 0x0, 0x0, 0x1], [0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]], '\x00', [{0x0, 0x3, 0x0, 0x1}, {0x0, 0x1ff}, {0x0, 0x1000}, {}, {}, {0x0, 0x1}, {}, {0x3}], '\x00', 0x3b}) r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r4, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2c, r3, 0x10, 0x10000000, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_MAC_HINT={0xa, 0xc8, @random="ddac3939b741"}]}, 0x2c}}, 0x8000) r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x145342, 0x0) r6 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_mtu(r6, 0x29, 0x17, &(0x7f0000000380)=0x3, 0x3) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00012ddf2507000000080001001900000008000300", @ANYRES32=r4, @ANYBLOB="0c0099000104000035000000140004006261746164765f736c6176655f310000080005000c0000000800050002000000"], 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x4010) syz_open_dev$ndb(&(0x7f0000000480), 0x0, 0x2100) r7 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000500), 0x2041, 0x0) ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f00000003c0)) setsockopt$inet6_udp_int(r6, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4) sendmmsg$inet6(r6, &(0x7f0000001340)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0xa}}, 0x1c, 0x0}}], 0x1, 0xc040) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x141841, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r9 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000580)={'syzkaller1\x00'}) write$tun(r8, &(0x7f0000000040)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x47, 0x0, 0x0, 0x0, 0x84, 0x0, @rand_addr=0x8, @local}, {{0x0, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x0, 0x4, 0x0, 0x1c}, {"7302ae64596acd1b0c85f79e959ba407dfe2680a9f3a5624b94b05eb30a8db"}}}}}, 0x55) sendmmsg$inet6(r6, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="fcc45c02cf71c800a276ca484b5184ff4e80a25f99ddfea651172d55d07025dfbbb827488b809e85e8", 0x29}], 0x1}}], 0x1, 0x40) ioctl$sock_inet_tcp_SIOCINQ(r9, 0x541b, &(0x7f0000000440)) sendfile(r5, r1, 0x0, 0x2fe4) connect$packet(r7, &(0x7f0000000600)={0x11, 0x18, 0x0, 0x1, 0x3, 0x6, @remote}, 0x14) syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r2) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000540), 0x1, 0x0) setsockopt$inet6_udp_int(r6, 0x11, 0x92, &(0x7f0000000340)=0xffff, 0x4) 1.078519146s ago: executing program 3 (id=39): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000140)={0x0, 0x1, 0x18, 0x4, 0x200, &(0x7f00000004c0)="a2609885a1c37cfcb4bc65ff233f282359751f4c51b0fb96c310a3959c62bb506708dfcc387b1a01de888aa5210daeeb3203be283e8b6dca663f2a0d1e5a94be2d381791ad16b43c7318a1ac761c1d9f70f4107e292512bc8aee125a7c93e8d551e4af0b1522f4ef59c78dcb6c1c2ce4441abb065ca27c8db3672d09d03516b97036deaaa2e32d13fb14455dec2a8e5c23f9661fffffffff9d334a6a545a31099a408a69c9c3d76ca176c1d0f70b69a6e693c78822e400965b533f60ef7138d6cec1c4877202eafd47b93143ed8aeda26e75e8709015633c1df835ccec5b85ebaedd4e8e26b073bbe5d06cc26f492e62cdd0bec60741040845bd353a5e05d2cca3b38e08a234289d7045dd973ec8b4bf64c9f532abf169684ca25bdda82a0d495919cc5d5e840113806660467ee9c4e9530f7ec49bd5035717812c9e98909ec3901df33add1b9bb5ac589252f5da6b9d78b500285dfe94eeb01ed66681b62eb0da2b6349306fa93597a48c5e999b2e3a439c5969373babbfdcffda3dee57df9cb7dc0e0198ba4802f0f737ad587445e4863d14c2b6b043510e986f87080674173123be937f8ad5eec03af6cdee7de98337605377812e6ddda13667e47b05c4614cc2cf37f67f6cab461ad2b2d5276f2ab995bb6abcfa763c41bca8cca84ada9fe10596ba1908a57ec6f3350b6d46d13f0c167934d9f97a431d242adc17af318e144c86a39e6b96926c537631515ec462173e7e1128871a32b2857f1615a2696e1c61f36eda76d1d7f0fdac04d22a003f0b2c8c951b52f8d8da5c5ec9a0cdc28c7d978716856decc7d27cee809e048ba42d9bcd193f1a9a5ce6398df194f1570efe113ba1ebdafa48aa151ef9a5aad98825fa78b5f92c066d453b3a28c154ec9642236892e4513c8a4766a4fc4a9c4212a076044c8c0684af421b055507ec32731d9dcfc1d96aecb669af44e5a425a5e40b42a2e7b9914760ddd2947360d7000068e76c6999751ec6a52f01d401a7e9087b08c92bd9720d1f137424a2e8ebe1e06198405e4de90e7250861994f73790fd984724161c72d442b1115d89659e4f6c7f978043f7b0661cb9def422e880551822dcd5a9889e01f1e6acb466a289349323dbcdf114138461ebe3c96ca00345d8e404d183833eb3eecf26ca995f5715ae1c59bab3458e0ddda9461ecd12cf2f905d3c5d8f588a75328407b74c8571d02f57bba3704d67b70ba2c3d1cbba48b1bcd7f443e793554247eb05f3c624b2f333a1f257d639fb4086d4a682b911863e3fa6c0e70468e7a9540c73053d8ce960d22f93b1e26827bc3007d46dfb30738aabc01dc52cc06d589dd54016c69bd3d6800f6f8bd35662c6de0569312e0e8f1197d7c150a3a44534fbc5806cf02be043a1e5890962e62275fd174a217d172dd0671e755bf60e913b1d0abf0e229b6b4fd7"}) gettid() timer_create(0x7, &(0x7f0000000200)={0x0, 0x21, 0x800000000004, @thr={&(0x7f00000003c0)="63eaa6ed66e6d8083d0accdb6220f946af15eb48ad8720acb4afa3dc93e0e2418ee0530f67bf618259fef143f5a0adea994c47119bc569ea8d191e116e0451719fccac2d569970a7b7650a594623f2c38f717cdcaeeeacf6a5c6578f1549557dcd897f9f60525dd02cc0c7c5636ac7ced9b11d69c6bbc740780ba6626b1a318b1d33ff9034ce7e7569f96265a9a0f3e63e756f01727a14e27cdad87d3bbd82fcb76cdd8e1d6ebe6cb3a40f58a89926c3f9932a2ed555c85ee1dbf900abf36ce54e0104d5c2beac134311611afe21406618ecb2e5f28e86d8dd28f5cd588f5b83a4af53d6c259229f99aa76dfd2bd67b050687ff6c4", &(0x7f00000001c0)="54d437506205310c69d18000a342cf94f90aff2b647e4baa5034d0bf6ed9a753054d4f2321ee95fb7a8027b72c8d9025fa48a5cfc5a791"}}, &(0x7f0000bbdffc)) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000080), 0x4) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {r2, r3+60000000}}, 0x0) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r5, &(0x7f0000002d00)=[{{0x0, 0x0, 0x0}, 0x8183}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000001300)=""/180, 0xb4}, {&(0x7f0000000440)=""/245, 0xf5}, {&(0x7f0000004f40)=""/4108, 0x100c}, {&(0x7f0000000540)=""/215, 0xd7}], 0x4}, 0x100}, {{0x0, 0x0, 0x0}, 0x400008}], 0x5, 0x40002140, 0x0) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r4, 0x40047459, &(0x7f0000000080)={0x0, 0x0}) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0) unlink(&(0x7f0000000040)='./file0\x00') mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x0) readv(r0, &(0x7f0000009500)=[{&(0x7f00000092c0)=""/56, 0x38}], 0x1) r6 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x0) mount(&(0x7f0000000000)=@rnullb, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000040)='hpfs\x00', 0x208002, 0x0) 865.432331ms ago: executing program 2 (id=40): r0 = creat(&(0x7f0000001380)='./file0\x00', 0x4) r1 = getuid() (async) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) mount$9p_rdma(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x1088008, &(0x7f00000001c0)={'trans=rdma,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@common=@cache_mmap}, {@common=@directio}, {@sq={'sq', 0x3d, 0x10001}}, {@common=@mmap}, {@rq={'rq', 0x3d, 0x7}}, {@common=@posixacl}, {@timeout={'timeout', 0x3d, 0x2}}, {@common=@noxattr}, {@timeout={'timeout', 0x3d, 0x9}}, {@timeout={'timeout', 0x3d, 0xd11}}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@euid_gt={'euid>', r1}}, {@uid_lt={'uid<', r2}}, {@pcr={'pcr', 0x3d, 0x25}}, {@subj_type={'subj_type', 0x3d, '(&:\\#[\''}}, {@appraise}, {@obj_user={'obj_user', 0x3d, '@,'}}]}}) (async) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) (async) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) (async) chdir(&(0x7f00000000c0)='./file0\x00') (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) (async) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000580)={0x1, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil}) (async) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) (async) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) (async) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) mount$tmpfs(0x0, &(0x7f0000000500)='./file1\x00', &(0x7f0000000540), 0x2001400, &(0x7f00000005c0)={[{@grpquota}, {@size={'size', 0x3d, [0x65, 0x78, 0xe856f0e0ff454a8a, 0x25, 0x35, 0x35, 0x67]}}, {@huge_advise}, {@gid={'gid', 0x3d, r3}}, {@size={'size', 0x3d, [0x35, 0x30, 0xa771012b84dfa5c4, 0x6b, 0x78, 0x36, 0x39, 0x37]}}], [{@context={'context', 0x3d, 'sysadm_u'}}]}) (async) chdir(&(0x7f0000000140)='./bus\x00') (async) socket$inet6_sctp(0xa, 0x1, 0x84) (async) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) (async) mount(&(0x7f0000000000)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000040)='ext4\x00', 0x8000, 0x0) 798.41351ms ago: executing program 2 (id=41): ptrace$pokeuser(0x6, 0xffffffffffffffff, 0x100, 0x3) r0 = getpid() setpriority(0x2, r0, 0xff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, r2, 0x2, 0x70bd28, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, 0xffffffffffffffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x40884}, 0x80d0) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), r1) r4 = socket$l2tp6(0xa, 0x2, 0x73) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f00000002c0)={&(0x7f00000001c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r3, 0x100, 0x70bd28, 0xf6a, {}, [@L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e24}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20008000) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r5, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x8c, 0x0, 0x9, 0x3, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x93}}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x12}, @NFCTH_TUPLE={0x14, 0x2, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @NFCTH_TUPLE={0x40, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x7}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20040094}, 0x4040) syz_genetlink_get_family_id$gtp(&(0x7f0000000480), r1) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000500), r1) sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x9c, r6, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x72}]}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x30d7e64f78de246e}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}]}, 0x9c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) prlimit64(r0, 0xc, &(0x7f0000000680)={0x8, 0x5}, 0x0) sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000007c0)={&(0x7f0000000700)={0xa8, 0x0, 0x400, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x6a}}}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x4}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_SEQ={0x4}, @NL80211_KEY_SEQ={0xe, 0x4, "a1ddf850920018bd3d81"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "16f2e363ac"}, @NL80211_KEY_DEFAULT_MGMT={0x4}]}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY={0x48, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}, @NL80211_KEY_SEQ={0x14, 0x4, "21c305ac058fdd2af4dcd49edb6de181"}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "f3f2320a48aad53893fdeca5f3"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x81}, 0x40) r7 = syz_open_dev$vcsa(&(0x7f0000000840), 0x9, 0x0) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r7, 0x80045301, &(0x7f0000000880)) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000900), r1) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000ac0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000940)={0x114, r8, 0x1eae63810ee68501, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x8, 0x7}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_DISABLE_VHT={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xe23}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2fc}], @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x10000000, {0x5, 0x0, 0x5, 0x100}}}, @NL80211_ATTR_PREV_BSSID={0xa}, @NL80211_ATTR_IE={0xb7, 0x2a, [@rann={0x7e, 0x15, {{0x1, 0x42}, 0x5, 0x0, @device_b, 0x4, 0xffff0001, 0x1}}, @cf={0x4, 0x6, {0x22, 0x8, 0x6, 0x4}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x4, 0x30, 0x8}}, @dsss={0x3, 0x1, 0xc}, @peer_mgmt={0x75, 0x16, {0x0, 0x7, @val=0x7, @void, @val="69fc32083d4058c8189527e84b792e11"}}, @fast_bss_trans={0x37, 0x71, {0x7, 0x2, "59c452988fda1fe57f327406c01173d7", "4f1913836cdfc023060123cab0ed9f0bb8f4ef44ecc3ed07ecc267cb8edfdef9", "e71e2038fb545d358674c19a08377fcaa6898ce7e8e7ee9f15dc106c7e5ebad6", [{0x3, 0x9, "8ea358a73802527bbd"}, {0x3, 0x12, "2efcea30a201612352b7b9751540cb5ea07f"}]}}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x40004}, 0x20000002) munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000) ioprio_set$pid(0x2, r0, 0x6000) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r4, 0x8982, &(0x7f0000000b00)={0x3, 'wlan1\x00', {0x5}, 0x8fcf}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000b40), 0x400000, 0x0) socket$kcm(0x29, 0x5, 0x0) ioctl$USBDEVFS_GET_CAPABILITIES(r7, 0x8004551a, &(0x7f0000000b80)) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), 0xffffffffffffffff) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000c00)={0x6}, 0x4) r9 = syz_usb_connect$sierra_net(0x0, 0x3f, &(0x7f0000000c40)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x1199, 0x68a3, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x0, 0x80, 0xfa, {{0x9, 0x4, 0x7, 0x0, 0x3, 0xff, 0x0, 0x0, 0x0, "", {{0x9, 0x5, 0xd, 0x2, 0x8, 0x0, 0x18, 0x33}, {0x9, 0x5, 0xc, 0x2, 0x30, 0x0, 0x66, 0xa}, {0x9, 0x5, 0xc, 0x3, 0x10, 0x1, 0x1, 0x3}}}}}}]}}, 0x0) syz_usb_disconnect(r9) 612.628849ms ago: executing program 0 (id=42): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0) r1 = socket$netlink(0x10, 0x3, 0xc) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x2}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000380)=0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) pselect6(0x40, &(0x7f0000000800)={0x2, 0x9, 0xa, 0x7fff, 0x0, 0xbea, 0x1, 0x8000000000000000}, &(0x7f0000000840)={0x9, 0xec15, 0x0, 0x4, 0xe, 0x200, 0x9, 0xffc7}, 0x0, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0b0400000000000000000000000020617368000000000c00128008000140000000100900010073797a30000000000900020073797a320000000000001100010000000000000000fb0000002a00"/114], 0x74}, 0x1, 0x0, 0x0, 0x20000}, 0x0) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0xfffffffb, 0x20000}, 0xc) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r7, 0x80247008, 0xffffffffffffffff) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001a80)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x7}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}}, 0x0) r8 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) r9 = dup2(r8, r8) shutdown(r8, 0x1) write$tun(r9, 0x0, 0x46) r10 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) ioctl$VIDIOC_G_STD(r10, 0x80085617, &(0x7f0000000000)) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f3000000000080001400000000114000000020a090100000000000000000000000014000000110001"], 0xd4}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf411119ed8bebbb9, 0x20011, r0, 0x52fbf000) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x6c033, 0xffffffffffffffff, 0x0) 361.405002ms ago: executing program 0 (id=43): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7ff, 0x8001}}, './file0\x00'}) (async, rerun: 64) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)={0x0, 0xdf, "34d13160d0ece03edd1e8d97bebb6d0a7ac0951a35ffed7a6989c347fc06a278e755bbe1925130ec42c36567611a7cb11e06dc091e30cbd99ae014120a5154ff76b22169b1589b08a5ead89fd2fe3c3a66b9de4920edd0803ed08ffa0bd700004c652921e3765f20b5cb22e217f60477976729be16398d04ebad7c027b602c30086d6d806954404ebe77cfbbf26bebaa13e1fcce823046ac50bdf4a399e6955f0cd2b757360e6f8823c3c02bb99d13e114ddca32775794f57f75abbe2fab1507239432a16d9f59d07040729b9ae60e87000daaf0e981442a3b93f6fa691a05"}, &(0x7f0000000140)=0xe7) (rerun: 64) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000180)={r2, 0x6}, 0x8) r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000440)={0x6, 0x8, 0x2, {0x9, @pix_mp={0x4, 0x3, 0x30364d54, 0x0, 0xf, [{0x38, 0x2}, {0x80a, 0xfffffffe}, {0x62c, 0x9}, {0x70, 0x4}, {0x6, 0x3}, {0x7fff, 0x9}, {0x7, 0xd}, {0x1, 0x5}], 0x1, 0x0, 0x4, 0x0, 0x2}}, 0x1ff}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000004, 0x20011, r0, 0xf648d000) (async) madvise(&(0x7f00002a7000/0x1000)=nil, 0x1000, 0x2) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 183.931699ms ago: executing program 0 (id=44): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x20011, r0, 0xd6baf000) r1 = socket(0x18, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000200)={&(0x7f0000000180)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000000000034"], 0x18}, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x3) 140.755355ms ago: executing program 3 (id=45): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000900)={'sit0\x00', 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000) ioctl$BLKRRPART(r0, 0x125f, 0x0) 874.763µs ago: executing program 0 (id=46): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf411119ed8bebbbd, 0x20011, r0, 0xebe3b000) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf411119ed8bebbbd, 0x20011, r0, 0xebe3b000) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000000)={&(0x7f0000001fc0)=[0x6, 0x2, 0xa, 0xfffffffc, 0x7, 0x8001, 0x4, 0x7, 0x9, 0xb1, 0x7, 0x80000001, 0x5, 0x1, 0x200, 0xff, 0x6, 0x6, 0x5, 0xfff, 0x1, 0xad, 0x1000, 0xf8, 0x6, 0x8, 0x0, 0x3, 0x16a7a0cb, 0x7, 0x5, 0x8, 0xd, 0x7, 0x83, 0xeb2, 0x80000000, 0x5, 0x8, 0xff800000, 0xfffffff5, 0xffff, 0x100, 0xfffffffd, 0x3, 0x1f, 0x10, 0x1, 0x4, 0xffff0001, 0x6, 0x40, 0x10000, 0x6, 0x7, 0x7, 0x4, 0xffffd1b0, 0x8000, 0x1, 0x493, 0x10000, 0x0, 0x10001, 0x6e2d, 0x7, 0x0, 0xffff, 0x7, 0x1000, 0x9, 0x6d0, 0x9, 0xd, 0xe39, 0x5, 0x2, 0xfffffff8, 0x8, 0x9a62, 0x8, 0x8, 0xc89, 0x80000001, 0xfffffb4c, 0xfffffffa, 0x5, 0xfffffffe, 0x80, 0x2, 0x8, 0x10, 0x1, 0x6d95, 0x8, 0x6, 0x2, 0x1, 0x6, 0x6, 0x0, 0x6, 0x5420, 0x2, 0x6, 0x3, 0x7, 0xffffffff, 0x3, 0x2, 0xfffffff9, 0x81, 0x7, 0x4, 0x7, 0x2, 0xbb76, 0xf202, 0x5, 0x3, 0xeb, 0xd45d, 0x8516, 0x100, 0x4, 0x0, 0x1ff, 0x80000001, 0x10c, 0x6, 0xb, 0x200, 0x3, 0x10000, 0xfe, 0xff, 0xffffffff, 0x400, 0x8001, 0xa1, 0x5, 0x2, 0x7, 0x9, 0x0, 0x5, 0x2, 0x0, 0x7f, 0x1, 0xff, 0x10, 0x100, 0x0, 0xd4, 0x8001, 0x0, 0x5, 0x12, 0x8, 0x4494c5f5, 0x6a35360, 0x7, 0x2, 0x1, 0x2, 0x10001, 0x5, 0x2, 0x9, 0x2, 0x100, 0x4, 0x7fffffff, 0x24, 0xb5cd, 0x3, 0x1, 0x1, 0x5, 0x0, 0xfffffff8, 0xff, 0xffff6d54, 0xf, 0x40, 0x2ae400, 0x53c, 0x6, 0x9, 0x9, 0x7, 0x200, 0x2, 0x6, 0x3, 0x91, 0x800, 0x5, 0x8000, 0x7, 0x10001, 0x4, 0x9, 0x80000001, 0x8000, 0x7, 0xdc, 0xfff, 0x80, 0x6, 0xd60000, 0x2, 0x1000, 0x7, 0x4, 0x8, 0x9, 0xc5cd, 0xa, 0x9, 0x80000000, 0x0, 0x8, 0x0, 0xf77a, 0x1, 0x1, 0x200, 0x7, 0x80000001, 0x0, 0x2011, 0x2, 0x0, 0x9, 0x70cc, 0x7, 0x2, 0x4, 0x3, 0x4, 0xffffff2c, 0x8000, 0x7, 0x7, 0x60, 0x6, 0xfffffffc, 0x6, 0x2, 0x3, 0xfff, 0x1, 0xce9, 0x5, 0xffffffff, 0x7, 0xfff, 0x3, 0x2, 0x3, 0x3, 0x5, 0x6, 0x2fc76031, 0x9, 0x5, 0xffffff16, 0xf2ba, 0x80000001, 0x0, 0x4, 0x5, 0x8000, 0x81, 0x100, 0x2, 0x80000001, 0x1, 0x9, 0x0, 0x8, 0x3a, 0x3, 0x354f, 0x2, 0x7, 0x0, 0x8, 0x1, 0x6, 0x0, 0x0, 0x59d, 0xfb8, 0x7, 0x323, 0x5, 0x2646, 0x4d, 0x2, 0x2f, 0x2, 0x3ff, 0x0, 0x8, 0x1ff, 0x20, 0x4, 0xb8, 0x9, 0x7, 0x6, 0xffffffff, 0x80, 0x4, 0xd1cd, 0x88, 0x1, 0x4, 0x2, 0xb051, 0x5, 0x7ff, 0x400000, 0x10000, 0x0, 0x0, 0x10000, 0x8, 0xffffffff, 0x4, 0x4, 0x9, 0x80, 0x7, 0xe55, 0x9, 0x400, 0x9, 0x3, 0x81, 0x6, 0xffffffc8, 0xcc4, 0x912b, 0x1, 0x3, 0x59, 0xd185, 0x3, 0x9, 0x8db, 0xf, 0x1, 0x0, 0xdd0c, 0x0, 0x80000000, 0x1, 0xffffffff, 0x9, 0x0, 0x2, 0xd82, 0x3, 0x0, 0x1, 0x3, 0x400, 0x263, 0xa5de, 0x7, 0x2, 0xfffffffc, 0xfffffffc, 0x8, 0x7, 0xe721, 0xfbcc, 0x60000, 0x7, 0x5, 0x0, 0xa, 0x7fff, 0x0, 0xb, 0xb, 0x4, 0x2a83, 0x4, 0x7, 0x0, 0x9, 0x6cf, 0x9, 0x2, 0x6, 0x3, 0x9, 0x8, 0x29e, 0x0, 0x40, 0x1c00, 0x9, 0x2, 0x9, 0xfffffff0, 0x6, 0x2, 0x43e, 0x5, 0x3, 0x4, 0x4, 0x757dd3f, 0xffff, 0x498, 0x80000001, 0x38d4b7c8, 0x7, 0x0, 0x5b, 0x782, 0x2, 0x9, 0x7, 0x2, 0xff, 0x5, 0x3, 0x2, 0x6, 0x8, 0x7f, 0x3, 0x9, 0x8, 0x4, 0xcc69, 0x7, 0x4, 0x6, 0x0, 0xffffffff, 0x0, 0x7, 0x4, 0x1, 0x9, 0x26a, 0x6, 0xffffffff, 0x7, 0x3, 0x7f, 0x8, 0x3, 0x8, 0x2a996227, 0x7, 0x45, 0xfffffffa, 0x0, 0x7, 0x2, 0x2, 0xfffffff7, 0x375, 0xc, 0x2, 0xffffffef, 0x3, 0x5, 0x6, 0x6, 0x2, 0xffff37cb, 0x7, 0x40000, 0x60d, 0x3, 0x8, 0xa96, 0x4000004, 0x0, 0xffffffff, 0xb, 0x0, 0x7620, 0x765, 0x5, 0xffff, 0xfffff800, 0x6, 0x5, 0x7f, 0x1, 0x5, 0x8000, 0xfffffff5, 0x1, 0x2, 0xf2fb, 0x8, 0x2, 0x8, 0x4, 0x3, 0x6, 0x9, 0x80000000, 0x7ff, 0x40, 0x8, 0x1, 0xffff, 0x5, 0xd, 0x5, 0x3, 0x1ff, 0x100, 0x4, 0x10001, 0x9, 0xa51, 0x81, 0x0, 0x8, 0x5, 0x6, 0x8, 0x6, 0x4, 0xc7f, 0x6, 0x8001, 0x4, 0x1, 0x9, 0x85, 0x80000000, 0x3, 0xc, 0x5, 0xc96, 0x37ab, 0x3, 0xffffffff, 0x400, 0x4, 0x2, 0x6, 0x800, 0x9, 0xe8, 0x4, 0x2, 0x7, 0x1, 0x318, 0xfffffff9, 0x4, 0x1, 0x3, 0x84, 0x1, 0x4, 0x4, 0x6, 0xc2b, 0x101, 0xd, 0x401, 0x653, 0x401, 0xffff, 0x80000000, 0xfe2b, 0x3, 0x800, 0x2, 0x9, 0x533b, 0x0, 0x1, 0x6, 0x1, 0x81, 0x8b6, 0x7, 0xc, 0x6, 0x3e, 0x8, 0x1, 0x800, 0x6, 0x4, 0x0, 0x677, 0x1, 0x101, 0x3, 0x80, 0x10001, 0x97cf, 0xfffff799, 0x3, 0x698, 0x9, 0x8, 0x800, 0x2b9, 0x3, 0x4, 0x3, 0x10000, 0x2, 0x4, 0xfffffffc, 0x2, 0x5, 0x9, 0x0, 0x3aa71159, 0x2, 0xfffff000, 0x1, 0xcad, 0x4, 0x3, 0x5, 0xfffffffd, 0x7f, 0x8, 0x8, 0x5, 0x0, 0x1, 0x0, 0x10, 0x0, 0x8, 0x1, 0x7, 0x3ff, 0xff, 0x3, 0xffff, 0x3, 0x7, 0xc, 0x80000001, 0x6, 0x3, 0x5b5cbc02, 0x0, 0x1200, 0x5, 0xb2, 0x3, 0x8, 0x3, 0x9, 0x8, 0x80000001, 0xdb3, 0xfffffff7, 0x9, 0x2, 0x3, 0x8000, 0xffffffff, 0xffffffff, 0xf5, 0x3, 0xd3, 0x1, 0xfffffffa, 0x8, 0xfff, 0x9, 0x9, 0xfffffff9, 0x80000000, 0x9, 0xba, 0x1, 0x2, 0xa, 0xf3f6, 0x5f4f47af, 0x8, 0x3, 0x84, 0x54, 0x200, 0x6, 0x3, 0x8, 0xfffffffe, 0x10, 0x5244, 0xfffffff2, 0xc9a9, 0x1, 0x7, 0x81, 0x55, 0x40, 0x9, 0x10001, 0x6, 0x0, 0x5, 0xffffffff, 0x10001, 0x400, 0x80000001, 0x1, 0x96ba, 0xfffffffa, 0x9, 0xa044, 0x2, 0x2, 0xfffffffc, 0x7fff, 0x1, 0x80, 0x200000, 0x0, 0x7f, 0x200, 0x7fffffff, 0x2, 0x4, 0x7d, 0x9, 0x5, 0x7, 0x4, 0x6, 0x1, 0x4, 0x76, 0x0, 0xfffffffb, 0x1, 0xa5, 0xa, 0x7f, 0xfffffff8, 0x7, 0x8, 0x9, 0x0, 0x8001, 0x4, 0x6, 0xa, 0x0, 0x10001, 0x5, 0x9db1, 0x3, 0x10000, 0x2, 0x1, 0x6, 0x1, 0x7, 0x9, 0x0, 0x7, 0xa, 0xb, 0x380000, 0xff8, 0x400000, 0x8001, 0x3, 0x1, 0xe, 0x7, 0x2, 0x0, 0x3, 0xffff, 0x28, 0x6, 0x80000000, 0x3, 0x8000, 0x4, 0x4, 0x6, 0x8, 0xd, 0x100, 0x8, 0x7, 0xfff, 0xffffffff, 0x25, 0x400000, 0x9, 0x81, 0x4, 0xe, 0x9, 0x9, 0xfffffffd, 0x3, 0x81, 0x9, 0xd97, 0x9, 0x6, 0x1000, 0x24c5, 0x8, 0xffff, 0x9, 0x8, 0x10001, 0xe757, 0xb, 0xdbede42, 0x4, 0x9, 0x1ff, 0xd, 0x8, 0x5, 0xfb, 0x8, 0x81, 0xfffffff7, 0x8, 0xffffffff, 0x4, 0x5, 0x3, 0x8, 0x40, 0x973, 0x0, 0x8, 0x6, 0x3, 0xe0, 0x0, 0x6, 0xf, 0x7, 0x3, 0x8, 0x14, 0x7, 0x101, 0xc1c, 0x7, 0xc, 0x5, 0x8, 0x8, 0x40, 0x6, 0x5c, 0x485, 0x4, 0x6, 0x4, 0x3, 0x840a, 0x9, 0x6, 0xcb, 0x3e, 0x7, 0x1, 0x6, 0x7, 0x3, 0x8, 0x0, 0x6, 0x2, 0x4, 0x6c6, 0x5, 0x7, 0x401, 0x10, 0xfff, 0x3, 0xefc, 0xc, 0xa, 0x4a, 0xffffff01, 0x5, 0x800, 0xa, 0x6, 0x1ff, 0x3274a532, 0xfffffffa, 0xffffffd4, 0x5, 0x7, 0x8, 0x2e98, 0x9, 0x8, 0x6, 0x1, 0x7, 0x80000000, 0xc317, 0x5, 0x7, 0x101, 0x4, 0xe, 0x1, 0xe5da, 0xfffffffe, 0x80000001, 0x7fff, 0x9, 0x80, 0xfd, 0x400, 0x6, 0x9, 0xfffff000, 0x21, 0x7, 0x80000001, 0xfffffff8, 0x8, 0x8, 0x536b, 0x9, 0x2, 0x4, 0x10000, 0x0, 0x9, 0x9, 0x0, 0x8, 0x5, 0x0, 0x4ef000, 0x2, 0xb, 0xb75a, 0x0, 0x10, 0x9, 0xffb, 0x3, 0x9, 0x7fff, 0x401, 0x92ce, 0x81, 0x62, 0x5, 0x7fff, 0x7, 0x0, 0xf1, 0xb, 0x9, 0x5, 0x8000, 0x6, 0x9, 0x200, 0x5, 0x3, 0x8, 0x0, 0xfd30, 0x7, 0xb, 0x1ff, 0x7, 0x3, 0x3, 0x1, 0x6, 0x2, 0x3, 0xff, 0x2, 0x80000001, 0x1, 0x2, 0x86cec, 0x1795dbb9, 0x573, 0xfff, 0x0, 0x5, 0x5, 0x1, 0x7, 0x0, 0x8, 0x5, 0x5, 0x93, 0xf56, 0x3], 0x1, 0x400, 0x7fffffff}) (async) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000000)={&(0x7f0000001fc0)=[0x6, 0x2, 0xa, 0xfffffffc, 0x7, 0x8001, 0x4, 0x7, 0x9, 0xb1, 0x7, 0x80000001, 0x5, 0x1, 0x200, 0xff, 0x6, 0x6, 0x5, 0xfff, 0x1, 0xad, 0x1000, 0xf8, 0x6, 0x8, 0x0, 0x3, 0x16a7a0cb, 0x7, 0x5, 0x8, 0xd, 0x7, 0x83, 0xeb2, 0x80000000, 0x5, 0x8, 0xff800000, 0xfffffff5, 0xffff, 0x100, 0xfffffffd, 0x3, 0x1f, 0x10, 0x1, 0x4, 0xffff0001, 0x6, 0x40, 0x10000, 0x6, 0x7, 0x7, 0x4, 0xffffd1b0, 0x8000, 0x1, 0x493, 0x10000, 0x0, 0x10001, 0x6e2d, 0x7, 0x0, 0xffff, 0x7, 0x1000, 0x9, 0x6d0, 0x9, 0xd, 0xe39, 0x5, 0x2, 0xfffffff8, 0x8, 0x9a62, 0x8, 0x8, 0xc89, 0x80000001, 0xfffffb4c, 0xfffffffa, 0x5, 0xfffffffe, 0x80, 0x2, 0x8, 0x10, 0x1, 0x6d95, 0x8, 0x6, 0x2, 0x1, 0x6, 0x6, 0x0, 0x6, 0x5420, 0x2, 0x6, 0x3, 0x7, 0xffffffff, 0x3, 0x2, 0xfffffff9, 0x81, 0x7, 0x4, 0x7, 0x2, 0xbb76, 0xf202, 0x5, 0x3, 0xeb, 0xd45d, 0x8516, 0x100, 0x4, 0x0, 0x1ff, 0x80000001, 0x10c, 0x6, 0xb, 0x200, 0x3, 0x10000, 0xfe, 0xff, 0xffffffff, 0x400, 0x8001, 0xa1, 0x5, 0x2, 0x7, 0x9, 0x0, 0x5, 0x2, 0x0, 0x7f, 0x1, 0xff, 0x10, 0x100, 0x0, 0xd4, 0x8001, 0x0, 0x5, 0x12, 0x8, 0x4494c5f5, 0x6a35360, 0x7, 0x2, 0x1, 0x2, 0x10001, 0x5, 0x2, 0x9, 0x2, 0x100, 0x4, 0x7fffffff, 0x24, 0xb5cd, 0x3, 0x1, 0x1, 0x5, 0x0, 0xfffffff8, 0xff, 0xffff6d54, 0xf, 0x40, 0x2ae400, 0x53c, 0x6, 0x9, 0x9, 0x7, 0x200, 0x2, 0x6, 0x3, 0x91, 0x800, 0x5, 0x8000, 0x7, 0x10001, 0x4, 0x9, 0x80000001, 0x8000, 0x7, 0xdc, 0xfff, 0x80, 0x6, 0xd60000, 0x2, 0x1000, 0x7, 0x4, 0x8, 0x9, 0xc5cd, 0xa, 0x9, 0x80000000, 0x0, 0x8, 0x0, 0xf77a, 0x1, 0x1, 0x200, 0x7, 0x80000001, 0x0, 0x2011, 0x2, 0x0, 0x9, 0x70cc, 0x7, 0x2, 0x4, 0x3, 0x4, 0xffffff2c, 0x8000, 0x7, 0x7, 0x60, 0x6, 0xfffffffc, 0x6, 0x2, 0x3, 0xfff, 0x1, 0xce9, 0x5, 0xffffffff, 0x7, 0xfff, 0x3, 0x2, 0x3, 0x3, 0x5, 0x6, 0x2fc76031, 0x9, 0x5, 0xffffff16, 0xf2ba, 0x80000001, 0x0, 0x4, 0x5, 0x8000, 0x81, 0x100, 0x2, 0x80000001, 0x1, 0x9, 0x0, 0x8, 0x3a, 0x3, 0x354f, 0x2, 0x7, 0x0, 0x8, 0x1, 0x6, 0x0, 0x0, 0x59d, 0xfb8, 0x7, 0x323, 0x5, 0x2646, 0x4d, 0x2, 0x2f, 0x2, 0x3ff, 0x0, 0x8, 0x1ff, 0x20, 0x4, 0xb8, 0x9, 0x7, 0x6, 0xffffffff, 0x80, 0x4, 0xd1cd, 0x88, 0x1, 0x4, 0x2, 0xb051, 0x5, 0x7ff, 0x400000, 0x10000, 0x0, 0x0, 0x10000, 0x8, 0xffffffff, 0x4, 0x4, 0x9, 0x80, 0x7, 0xe55, 0x9, 0x400, 0x9, 0x3, 0x81, 0x6, 0xffffffc8, 0xcc4, 0x912b, 0x1, 0x3, 0x59, 0xd185, 0x3, 0x9, 0x8db, 0xf, 0x1, 0x0, 0xdd0c, 0x0, 0x80000000, 0x1, 0xffffffff, 0x9, 0x0, 0x2, 0xd82, 0x3, 0x0, 0x1, 0x3, 0x400, 0x263, 0xa5de, 0x7, 0x2, 0xfffffffc, 0xfffffffc, 0x8, 0x7, 0xe721, 0xfbcc, 0x60000, 0x7, 0x5, 0x0, 0xa, 0x7fff, 0x0, 0xb, 0xb, 0x4, 0x2a83, 0x4, 0x7, 0x0, 0x9, 0x6cf, 0x9, 0x2, 0x6, 0x3, 0x9, 0x8, 0x29e, 0x0, 0x40, 0x1c00, 0x9, 0x2, 0x9, 0xfffffff0, 0x6, 0x2, 0x43e, 0x5, 0x3, 0x4, 0x4, 0x757dd3f, 0xffff, 0x498, 0x80000001, 0x38d4b7c8, 0x7, 0x0, 0x5b, 0x782, 0x2, 0x9, 0x7, 0x2, 0xff, 0x5, 0x3, 0x2, 0x6, 0x8, 0x7f, 0x3, 0x9, 0x8, 0x4, 0xcc69, 0x7, 0x4, 0x6, 0x0, 0xffffffff, 0x0, 0x7, 0x4, 0x1, 0x9, 0x26a, 0x6, 0xffffffff, 0x7, 0x3, 0x7f, 0x8, 0x3, 0x8, 0x2a996227, 0x7, 0x45, 0xfffffffa, 0x0, 0x7, 0x2, 0x2, 0xfffffff7, 0x375, 0xc, 0x2, 0xffffffef, 0x3, 0x5, 0x6, 0x6, 0x2, 0xffff37cb, 0x7, 0x40000, 0x60d, 0x3, 0x8, 0xa96, 0x4000004, 0x0, 0xffffffff, 0xb, 0x0, 0x7620, 0x765, 0x5, 0xffff, 0xfffff800, 0x6, 0x5, 0x7f, 0x1, 0x5, 0x8000, 0xfffffff5, 0x1, 0x2, 0xf2fb, 0x8, 0x2, 0x8, 0x4, 0x3, 0x6, 0x9, 0x80000000, 0x7ff, 0x40, 0x8, 0x1, 0xffff, 0x5, 0xd, 0x5, 0x3, 0x1ff, 0x100, 0x4, 0x10001, 0x9, 0xa51, 0x81, 0x0, 0x8, 0x5, 0x6, 0x8, 0x6, 0x4, 0xc7f, 0x6, 0x8001, 0x4, 0x1, 0x9, 0x85, 0x80000000, 0x3, 0xc, 0x5, 0xc96, 0x37ab, 0x3, 0xffffffff, 0x400, 0x4, 0x2, 0x6, 0x800, 0x9, 0xe8, 0x4, 0x2, 0x7, 0x1, 0x318, 0xfffffff9, 0x4, 0x1, 0x3, 0x84, 0x1, 0x4, 0x4, 0x6, 0xc2b, 0x101, 0xd, 0x401, 0x653, 0x401, 0xffff, 0x80000000, 0xfe2b, 0x3, 0x800, 0x2, 0x9, 0x533b, 0x0, 0x1, 0x6, 0x1, 0x81, 0x8b6, 0x7, 0xc, 0x6, 0x3e, 0x8, 0x1, 0x800, 0x6, 0x4, 0x0, 0x677, 0x1, 0x101, 0x3, 0x80, 0x10001, 0x97cf, 0xfffff799, 0x3, 0x698, 0x9, 0x8, 0x800, 0x2b9, 0x3, 0x4, 0x3, 0x10000, 0x2, 0x4, 0xfffffffc, 0x2, 0x5, 0x9, 0x0, 0x3aa71159, 0x2, 0xfffff000, 0x1, 0xcad, 0x4, 0x3, 0x5, 0xfffffffd, 0x7f, 0x8, 0x8, 0x5, 0x0, 0x1, 0x0, 0x10, 0x0, 0x8, 0x1, 0x7, 0x3ff, 0xff, 0x3, 0xffff, 0x3, 0x7, 0xc, 0x80000001, 0x6, 0x3, 0x5b5cbc02, 0x0, 0x1200, 0x5, 0xb2, 0x3, 0x8, 0x3, 0x9, 0x8, 0x80000001, 0xdb3, 0xfffffff7, 0x9, 0x2, 0x3, 0x8000, 0xffffffff, 0xffffffff, 0xf5, 0x3, 0xd3, 0x1, 0xfffffffa, 0x8, 0xfff, 0x9, 0x9, 0xfffffff9, 0x80000000, 0x9, 0xba, 0x1, 0x2, 0xa, 0xf3f6, 0x5f4f47af, 0x8, 0x3, 0x84, 0x54, 0x200, 0x6, 0x3, 0x8, 0xfffffffe, 0x10, 0x5244, 0xfffffff2, 0xc9a9, 0x1, 0x7, 0x81, 0x55, 0x40, 0x9, 0x10001, 0x6, 0x0, 0x5, 0xffffffff, 0x10001, 0x400, 0x80000001, 0x1, 0x96ba, 0xfffffffa, 0x9, 0xa044, 0x2, 0x2, 0xfffffffc, 0x7fff, 0x1, 0x80, 0x200000, 0x0, 0x7f, 0x200, 0x7fffffff, 0x2, 0x4, 0x7d, 0x9, 0x5, 0x7, 0x4, 0x6, 0x1, 0x4, 0x76, 0x0, 0xfffffffb, 0x1, 0xa5, 0xa, 0x7f, 0xfffffff8, 0x7, 0x8, 0x9, 0x0, 0x8001, 0x4, 0x6, 0xa, 0x0, 0x10001, 0x5, 0x9db1, 0x3, 0x10000, 0x2, 0x1, 0x6, 0x1, 0x7, 0x9, 0x0, 0x7, 0xa, 0xb, 0x380000, 0xff8, 0x400000, 0x8001, 0x3, 0x1, 0xe, 0x7, 0x2, 0x0, 0x3, 0xffff, 0x28, 0x6, 0x80000000, 0x3, 0x8000, 0x4, 0x4, 0x6, 0x8, 0xd, 0x100, 0x8, 0x7, 0xfff, 0xffffffff, 0x25, 0x400000, 0x9, 0x81, 0x4, 0xe, 0x9, 0x9, 0xfffffffd, 0x3, 0x81, 0x9, 0xd97, 0x9, 0x6, 0x1000, 0x24c5, 0x8, 0xffff, 0x9, 0x8, 0x10001, 0xe757, 0xb, 0xdbede42, 0x4, 0x9, 0x1ff, 0xd, 0x8, 0x5, 0xfb, 0x8, 0x81, 0xfffffff7, 0x8, 0xffffffff, 0x4, 0x5, 0x3, 0x8, 0x40, 0x973, 0x0, 0x8, 0x6, 0x3, 0xe0, 0x0, 0x6, 0xf, 0x7, 0x3, 0x8, 0x14, 0x7, 0x101, 0xc1c, 0x7, 0xc, 0x5, 0x8, 0x8, 0x40, 0x6, 0x5c, 0x485, 0x4, 0x6, 0x4, 0x3, 0x840a, 0x9, 0x6, 0xcb, 0x3e, 0x7, 0x1, 0x6, 0x7, 0x3, 0x8, 0x0, 0x6, 0x2, 0x4, 0x6c6, 0x5, 0x7, 0x401, 0x10, 0xfff, 0x3, 0xefc, 0xc, 0xa, 0x4a, 0xffffff01, 0x5, 0x800, 0xa, 0x6, 0x1ff, 0x3274a532, 0xfffffffa, 0xffffffd4, 0x5, 0x7, 0x8, 0x2e98, 0x9, 0x8, 0x6, 0x1, 0x7, 0x80000000, 0xc317, 0x5, 0x7, 0x101, 0x4, 0xe, 0x1, 0xe5da, 0xfffffffe, 0x80000001, 0x7fff, 0x9, 0x80, 0xfd, 0x400, 0x6, 0x9, 0xfffff000, 0x21, 0x7, 0x80000001, 0xfffffff8, 0x8, 0x8, 0x536b, 0x9, 0x2, 0x4, 0x10000, 0x0, 0x9, 0x9, 0x0, 0x8, 0x5, 0x0, 0x4ef000, 0x2, 0xb, 0xb75a, 0x0, 0x10, 0x9, 0xffb, 0x3, 0x9, 0x7fff, 0x401, 0x92ce, 0x81, 0x62, 0x5, 0x7fff, 0x7, 0x0, 0xf1, 0xb, 0x9, 0x5, 0x8000, 0x6, 0x9, 0x200, 0x5, 0x3, 0x8, 0x0, 0xfd30, 0x7, 0xb, 0x1ff, 0x7, 0x3, 0x3, 0x1, 0x6, 0x2, 0x3, 0xff, 0x2, 0x80000001, 0x1, 0x2, 0x86cec, 0x1795dbb9, 0x573, 0xfff, 0x0, 0x5, 0x5, 0x1, 0x7, 0x0, 0x8, 0x5, 0x5, 0x93, 0xf56, 0x3], 0x1, 0x400, 0x7fffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r1) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000010000000000000001410f0000000017"], 0x34}}, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000080)={0x9, 0x2, 0x9, 0x8}, 0x10) (async) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000080)={0x9, 0x2, 0x9, 0x8}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x0) r3 = socket(0x10, 0x803, 0x0) r4 = fsopen(&(0x7f0000000140)='erofs\x00', 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000ec0)={0x118, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x107, 0xf2, 0x0, 0x1, [@typed={0xc, 0x19, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0xa9, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482566956555ee923c65973c0b0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ca475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x8, 0x20e9, 0x0, 0x0, @uid}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = eventfd2(0x0, 0x80801) ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000040)={0x3, 0xf000, 0x0, r8, 0x8}) ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000900)={0x0, 0x0, 0x4, r8, 0x9}) close_range(r4, 0xffffffffffffffff, 0x0) (async) close_range(r4, 0xffffffffffffffff, 0x0) sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x20040800, 0x0, 0x0) recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 0s ago: executing program 3 (id=47): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x8900, 0x0) (async) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40140, 0x1) (async) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) (async) r2 = memfd_create(&(0x7f0000000440)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x11', 0x2) (async) close(0x3) ftruncate(r2, 0xffff) fcntl$addseals(r2, 0x409, 0x3) (async) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000000)={r2, 0x0, 0x0, 0x8000}) (async) r3 = getpgrp(0xffffffffffffffff) r4 = syz_open_procfs(r3, &(0x7f0000000080)='timerslack_ns\x00') read$FUSE(r4, &(0x7f0000002080)={0x2020}, 0x54) (async) fadvise64(r0, 0x92, 0x5, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x22052, r0, 0x93771000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.157' (ED25519) to the list of known hosts. [ 55.618531][ T5850] cgroup: Unknown subsys name 'net' [ 55.747013][ T5850] cgroup: Unknown subsys name 'cpuset' [ 55.754682][ T5850] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 56.833389][ T5850] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.743838][ T5870] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.751160][ T5870] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.754060][ T5871] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.758808][ T5870] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.773191][ T5870] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.780305][ T5872] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.780461][ T5870] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.789257][ T5872] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.794964][ T5873] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.802532][ T5872] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.810207][ T5870] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.817231][ T5872] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.824069][ T5873] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.830852][ T5872] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.837873][ T5870] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.853972][ T5870] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.861510][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.868823][ T5870] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.876238][ T5188] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.885360][ T5870] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 59.092721][ T5859] chnl_net:caif_netlink_parms(): no params data found [ 59.186523][ T5861] chnl_net:caif_netlink_parms(): no params data found [ 59.227429][ T5860] chnl_net:caif_netlink_parms(): no params data found [ 59.256785][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.264079][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.272326][ T5859] bridge_slave_0: entered allmulticast mode [ 59.279120][ T5859] bridge_slave_0: entered promiscuous mode [ 59.290550][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.298055][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.305247][ T5859] bridge_slave_1: entered allmulticast mode [ 59.312018][ T5859] bridge_slave_1: entered promiscuous mode [ 59.354937][ T5863] chnl_net:caif_netlink_parms(): no params data found [ 59.373473][ T5859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.386598][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.393747][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.401204][ T5861] bridge_slave_0: entered allmulticast mode [ 59.407933][ T5861] bridge_slave_0: entered promiscuous mode [ 59.419517][ T5859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.447539][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.454651][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.461891][ T5861] bridge_slave_1: entered allmulticast mode [ 59.468514][ T5861] bridge_slave_1: entered promiscuous mode [ 59.496109][ T5859] team0: Port device team_slave_0 added [ 59.517785][ T5859] team0: Port device team_slave_1 added [ 59.528150][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.537443][ T5860] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.544572][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.551906][ T5860] bridge_slave_0: entered allmulticast mode [ 59.559542][ T5860] bridge_slave_0: entered promiscuous mode [ 59.576023][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.590509][ T5860] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.597843][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.605138][ T5860] bridge_slave_1: entered allmulticast mode [ 59.611653][ T5860] bridge_slave_1: entered promiscuous mode [ 59.642959][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.650629][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.676897][ T5859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.694914][ T5861] team0: Port device team_slave_0 added [ 59.703278][ T5861] team0: Port device team_slave_1 added [ 59.715887][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.722862][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.750108][ T5859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.761365][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.768778][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.776099][ T5863] bridge_slave_0: entered allmulticast mode [ 59.783004][ T5863] bridge_slave_0: entered promiscuous mode [ 59.797937][ T5860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.811065][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.818624][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.826010][ T5863] bridge_slave_1: entered allmulticast mode [ 59.832639][ T5863] bridge_slave_1: entered promiscuous mode [ 59.846182][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.853368][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.879826][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.892449][ T5860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.914299][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.921366][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.947994][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.975123][ T5860] team0: Port device team_slave_0 added [ 59.991688][ T5860] team0: Port device team_slave_1 added [ 60.004495][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.027415][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.056869][ T5859] hsr_slave_0: entered promiscuous mode [ 60.062989][ T5859] hsr_slave_1: entered promiscuous mode [ 60.076431][ T5863] team0: Port device team_slave_0 added [ 60.089192][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.096756][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.123135][ T5860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.135146][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.142096][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.168305][ T5860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.183305][ T5863] team0: Port device team_slave_1 added [ 60.198370][ T5861] hsr_slave_0: entered promiscuous mode [ 60.204832][ T5861] hsr_slave_1: entered promiscuous mode [ 60.211145][ T5861] debugfs: 'hsr0' already exists in 'hsr' [ 60.216920][ T5861] Cannot create hsr debugfs directory [ 60.262248][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.269330][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.295763][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.307435][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.314399][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.340759][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.389081][ T5860] hsr_slave_0: entered promiscuous mode [ 60.395376][ T5860] hsr_slave_1: entered promiscuous mode [ 60.401288][ T5860] debugfs: 'hsr0' already exists in 'hsr' [ 60.407132][ T5860] Cannot create hsr debugfs directory [ 60.457931][ T5863] hsr_slave_0: entered promiscuous mode [ 60.464066][ T5863] hsr_slave_1: entered promiscuous mode [ 60.470102][ T5863] debugfs: 'hsr0' already exists in 'hsr' [ 60.476394][ T5863] Cannot create hsr debugfs directory [ 60.604120][ T5859] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 60.623164][ T5859] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 60.640814][ T5859] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 60.656461][ T5859] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 60.693253][ T5861] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 60.704235][ T5861] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 60.714191][ T5861] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 60.723547][ T5861] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 60.775992][ T5860] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 60.787529][ T5860] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 60.797861][ T5860] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 60.815837][ T5860] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.866259][ T5863] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 60.877622][ T5859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.886074][ T5864] Bluetooth: hci0: command tx timeout [ 60.886081][ T5870] Bluetooth: hci1: command tx timeout [ 60.902547][ T5863] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 60.921852][ T5863] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 60.931771][ T5863] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 60.943508][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.961281][ T5859] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.965715][ T5864] Bluetooth: hci3: command tx timeout [ 60.969461][ T5870] Bluetooth: hci2: command tx timeout [ 60.997256][ T2963] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.004470][ T2963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.022077][ T2963] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.029397][ T2963] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.039331][ T5861] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.055859][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.063066][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.079230][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.088596][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.095775][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.162754][ T5860] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.199213][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.206356][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.241677][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.259045][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.266280][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.311448][ T5863] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.353897][ T2978] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.361166][ T2978] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.390667][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.404936][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.412106][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.462589][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.554007][ T5859] veth0_vlan: entered promiscuous mode [ 61.572870][ T5861] veth0_vlan: entered promiscuous mode [ 61.581620][ T5859] veth1_vlan: entered promiscuous mode [ 61.606204][ T5861] veth1_vlan: entered promiscuous mode [ 61.642387][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.666138][ T5859] veth0_macvtap: entered promiscuous mode [ 61.675610][ T5859] veth1_macvtap: entered promiscuous mode [ 61.689893][ T5861] veth0_macvtap: entered promiscuous mode [ 61.699221][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.709645][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.719712][ T5861] veth1_macvtap: entered promiscuous mode [ 61.731396][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.751933][ T1038] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.761782][ T1038] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.779683][ T1038] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.789015][ T1038] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.804686][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.824010][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.837547][ T5860] veth0_vlan: entered promiscuous mode [ 61.857965][ T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.876177][ T5860] veth1_vlan: entered promiscuous mode [ 61.885409][ T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.907790][ T5863] veth0_vlan: entered promiscuous mode [ 61.914402][ T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.923909][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.941454][ T5863] veth1_vlan: entered promiscuous mode [ 61.942935][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.957483][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.996987][ T5860] veth0_macvtap: entered promiscuous mode [ 62.007163][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.014562][ T5863] veth0_macvtap: entered promiscuous mode [ 62.015046][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.023322][ T5860] veth1_macvtap: entered promiscuous mode [ 62.044367][ T5863] veth1_macvtap: entered promiscuous mode [ 62.073133][ T5859] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 62.098477][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.107214][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.121817][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.143653][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.164027][ T5947] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 62.165596][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.197050][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.198663][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.217303][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.230298][ T2963] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.256056][ T2963] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.275738][ T2963] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.301095][ T2963] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.318650][ T2963] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.351780][ T2963] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.363458][ T2963] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.384824][ T2963] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.453160][ T2978] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.473034][ T2963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.481992][ T2978] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.490729][ T2963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.520246][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.538290][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.560632][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.577479][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.733586][ T5956] NILFS (rnullb0): couldn't find nilfs on the device [ 62.761043][ T5958] /dev/rnullb0: Can't open blockdev [ 62.965388][ T5870] Bluetooth: hci0: command tx timeout [ 62.967723][ T5864] Bluetooth: hci1: command tx timeout [ 63.045565][ T5864] Bluetooth: hci2: command tx timeout [ 63.046254][ T5870] Bluetooth: hci3: command tx timeout [ 63.174263][ T5975] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 63.222077][ T5975] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 63.645802][ T5944] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 63.702846][ T5987] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14'. [ 63.742025][ T5990] tipc: Started in network mode [ 63.751377][ T5990] tipc: Node identity ff120000000000000000000000000001, cluster identity 4711 [ 63.761742][ T5990] tipc: Enabling of bearer rejected, failed to enable media [ 63.770331][ T5987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14'. [ 63.786228][ T5987] netlink: 33 bytes leftover after parsing attributes in process `syz.2.14'. [ 63.795985][ T5987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14'. [ 63.804766][ T5987] netlink: 33 bytes leftover after parsing attributes in process `syz.2.14'. [ 63.813643][ T5944] usb 2-1: device descriptor read/64, error -71 [ 64.085523][ T5944] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 64.235118][ T5944] usb 2-1: device descriptor read/64, error -71 [ 64.356044][ T5944] usb usb2-port1: attempt power cycle [ 64.435090][ T2155] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 64.595104][ T2155] usb 3-1: Using ep0 maxpacket: 8 [ 64.705114][ T5944] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 64.735754][ T5944] usb 2-1: device descriptor read/8, error -71 [ 64.939126][ T2155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 64.955083][ T2155] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 64.976846][ T2155] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 64.986138][ T2155] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.994163][ T2155] usb 3-1: Product: syz [ 65.005199][ T5944] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 65.015423][ T2155] usb 3-1: Manufacturer: syz [ 65.025063][ T2155] usb 3-1: SerialNumber: syz [ 65.037560][ T2155] usb 3-1: config 0 descriptor?? [ 65.047201][ T5870] Bluetooth: hci0: command tx timeout [ 65.047214][ T5864] Bluetooth: hci1: command tx timeout [ 65.063306][ T5944] usb 2-1: device descriptor read/8, error -71 [ 65.125590][ T5870] Bluetooth: hci3: command tx timeout [ 65.126729][ T5864] Bluetooth: hci2: command tx timeout [ 65.176816][ T5944] usb usb2-port1: unable to enumerate USB device [ 65.427824][ T6015] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20'. [ 65.472236][ T2155] usb 3-1: USB disconnect, device number 2 [ 65.615043][ T5864] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 65.624584][ T5864] CPU: 1 UID: 0 PID: 5864 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) [ 65.624609][ T5864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 65.624621][ T5864] Workqueue: hci1 hci_rx_work [ 65.624645][ T5864] Call Trace: [ 65.624654][ T5864] [ 65.624662][ T5864] dump_stack_lvl+0x189/0x250 [ 65.624691][ T5864] ? __pfx_dump_stack_lvl+0x10/0x10 [ 65.624715][ T5864] ? __pfx__printk+0x10/0x10 [ 65.624737][ T5864] ? kernfs_root+0x1c/0x230 [ 65.624760][ T5864] ? kernfs_path_from_node+0x250/0x290 [ 65.624781][ T5864] ? kernfs_path_from_node+0x2f/0x290 [ 65.624804][ T5864] sysfs_create_dir_ns+0x259/0x280 [ 65.624826][ T5864] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 65.624854][ T5864] ? do_raw_spin_unlock+0x122/0x240 [ 65.624878][ T5864] kobject_add_internal+0x59f/0xb40 [ 65.624905][ T5864] kobject_add+0x155/0x220 [ 65.624929][ T5864] ? __pfx_kobject_add+0x10/0x10 [ 65.624951][ T5864] ? _raw_spin_unlock+0x28/0x50 [ 65.624972][ T5864] ? get_device_parent+0x366/0x3a0 [ 65.624993][ T5864] device_add+0x408/0xb50 [ 65.625014][ T5864] hci_conn_add_sysfs+0xd5/0x1e0 [ 65.625036][ T5864] le_conn_complete_evt+0xc3a/0x1220 [ 65.625059][ T5864] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 65.625076][ T5864] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 65.625095][ T5864] ? __asan_memcpy+0x40/0x70 [ 65.625115][ T5864] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 65.625134][ T5864] ? skb_pull_data+0xfb/0x200 [ 65.625152][ T5864] hci_le_conn_complete_evt+0x187/0x450 [ 65.625174][ T5864] hci_event_packet+0x78c/0x1200 [ 65.625190][ T5864] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 65.625210][ T5864] ? __pfx_hci_event_packet+0x10/0x10 [ 65.625226][ T5864] ? rcu_is_watching+0x15/0xb0 [ 65.625246][ T5864] ? hci_send_to_monitor+0xe2/0x570 [ 65.625267][ T5864] hci_rx_work+0x46a/0xe80 [ 65.625286][ T5864] ? process_scheduled_works+0x9ef/0x17b0 [ 65.625305][ T5864] process_scheduled_works+0xae1/0x17b0 [ 65.625330][ T5864] ? __pfx_process_scheduled_works+0x10/0x10 [ 65.625350][ T5864] worker_thread+0x8a0/0xda0 [ 65.625374][ T5864] kthread+0x711/0x8a0 [ 65.625395][ T5864] ? __pfx_worker_thread+0x10/0x10 [ 65.625413][ T5864] ? __pfx_kthread+0x10/0x10 [ 65.625431][ T5864] ? rcu_is_watching+0x15/0xb0 [ 65.625446][ T5864] ? __pfx_kthread+0x10/0x10 [ 65.625466][ T5864] ret_from_fork+0x47c/0x820 [ 65.625486][ T5864] ? __pfx_ret_from_fork+0x10/0x10 [ 65.625506][ T5864] ? __switch_to_asm+0x39/0x70 [ 65.625523][ T5864] ? __switch_to_asm+0x33/0x70 [ 65.625538][ T5864] ? __pfx_kthread+0x10/0x10 [ 65.625559][ T5864] ret_from_fork_asm+0x1a/0x30 [ 65.625582][ T5864] [ 65.880985][ T5864] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 65.898694][ T5864] Bluetooth: hci1: failed to register connection device [ 66.224395][ T6023] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.425167][ T5944] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 66.577966][ T5944] usb 1-1: Using ep0 maxpacket: 8 [ 66.596585][ T5944] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 66.608478][ T5944] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 66.696268][ T5944] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 66.705492][ T5944] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.713598][ T5944] usb 1-1: Product: syz [ 66.745081][ T5944] usb 1-1: Manufacturer: syz [ 66.749818][ T5944] usb 1-1: SerialNumber: syz [ 66.988974][ T5944] cdc_ncm 1-1:1.0: bind() failure [ 67.003982][ T5944] usbtest 1-1:1.0: couldn't get endpoints, -22 [ 67.014414][ T5944] usbtest 1-1:1.0: probe with driver usbtest failed with error -22 [ 67.026367][ T5944] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 67.033247][ T5944] cdc_ncm 1-1:1.1: bind() failure [ 67.040500][ T5944] usbtest 1-1:1.1: couldn't get endpoints, -22 [ 67.058380][ T5944] usbtest 1-1:1.1: probe with driver usbtest failed with error -22 [ 67.081284][ T5944] usb 1-1: USB disconnect, device number 2 [ 67.128891][ T5864] Bluetooth: hci1: command tx timeout [ 67.134375][ T5870] Bluetooth: hci0: command tx timeout [ 67.207642][ T5870] Bluetooth: hci2: command tx timeout [ 67.213074][ T5870] Bluetooth: hci3: command tx timeout [ 67.272418][ T6042] overlay: ./file0 is not a directory [ 67.290088][ T6042] binder: 6041:6042 ioctl c0306201 200000000080 returned -14 [ 67.381210][ T30] audit: type=1326 audit(1756732263.082:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.2.30" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f89fcf8ebe9 code=0x0 [ 67.482697][ T6050] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31'. [ 67.781217][ T6058] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found [ 67.807355][ T6058] UDF-fs: Scanning with blocksize 4096 failed [ 67.882050][ T6059] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found [ 67.890016][ T6059] UDF-fs: Scanning with blocksize 4096 failed [ 68.122694][ T6071] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 68.129261][ T6071] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 68.163805][ T6071] vhci_hcd vhci_hcd.0: Device attached [ 68.194995][ T6076] program syz.2.37 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 68.197939][ T6071] Mount JFS Failure: -22 [ 68.234948][ T6071] jfs_mount failed w/return code = -22 [ 68.247577][ T6072] vhci_hcd: connection closed [ 68.247850][ T1110] vhci_hcd: stop threads [ 68.291300][ T1110] vhci_hcd: release socket [ 68.305200][ T1110] vhci_hcd: disconnect device [ 68.335461][ T2155] vhci_hcd: vhci_device speed not set [ 68.360312][ T6080] syz.2.38 uses obsolete (PF_INET,SOCK_PACKET) [ 68.375540][ T6079] process 'syz.3.39' launched './file2' with NULL argv: empty string added [ 68.440804][ T6081] /dev/rnullb0: Can't open blockdev [ 68.504397][ T6083] overlay: ./file0 is not a directory [ 68.811045][ T6090] pim6reg1: entered promiscuous mode [ 68.817786][ T6090] pim6reg1: entered allmulticast mode [ 68.827993][ T6090] netlink: 56 bytes leftover after parsing attributes in process `syz.0.42'. [ 68.845147][ T5945] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 69.016719][ T5945] usb 3-1: config 1 has an invalid interface number: 7 but max is 0 [ 69.036897][ T5945] usb 3-1: config 1 has no interface number 0 [ 69.043791][ T5945] usb 3-1: config 1 interface 7 altsetting 0 bulk endpoint 0xD has invalid maxpacket 8 [ 69.150232][ T5945] usb 3-1: config 1 interface 7 altsetting 0 bulk endpoint 0xC has invalid maxpacket 48 [ 69.168744][ T5945] usb 3-1: config 1 interface 7 altsetting 0 has a duplicate endpoint with address 0xC, skipping [ 69.194974][ T5945] usb 3-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 69.204398][ T5945] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.213062][ T5870] Bluetooth: hci0: command tx timeout [ 69.225519][ T5945] usb 3-1: Product: syz [ 69.229726][ T5945] usb 3-1: Manufacturer: syz [ 69.234409][ T5945] usb 3-1: SerialNumber: syz [ 69.253715][ T6088] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 69.263497][ T6088] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 69.272113][ T5945] usb 3-1: Expected 3 endpoints, found: 2 [ 69.404250][ T6107] ------------[ cut here ]------------ [ 69.410078][ T6107] WARNING: fs/exec.c:119 at path_noexec+0x1af/0x200, CPU#1: syz.3.47/6107 [ 69.418890][ T6107] Modules linked in: [ 69.422960][ T6107] CPU: 1 UID: 0 PID: 6107 Comm: syz.3.47 Not tainted syzkaller #0 PREEMPT(full) [ 69.432183][ T6107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 69.442506][ T6107] RIP: 0010:path_noexec+0x1af/0x200 [ 69.447844][ T6107] Code: 02 31 ff 48 89 de e8 00 c0 88 ff d1 eb eb 07 e8 17 bb 88 ff b3 01 89 d8 5b 41 5e 41 5f 5d e9 d8 f1 50 09 cc e8 02 bb 88 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 69.467649][ T6107] RSP: 0018:ffffc90004cf7bd8 EFLAGS: 00010293 [ 69.471788][ T6103] Zero length message leads to an empty skb [ 69.473811][ T6107] RAX: ffffffff823813ce RBX: ffff888055722780 RCX: ffff88802a278000 [ 69.473827][ T6107] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 69.473837][ T6107] RBP: 0000000000080000 R08: ffff88802a278000 R09: 0000000000000003 [ 69.473847][ T6107] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000002 [ 69.473857][ T6107] R13: 1ffff9200099ef90 R14: 0000000000000000 R15: dffffc0000000000 [ 69.520789][ T6107] FS: 00007f080a3f86c0(0000) GS:ffff8881258c4000(0000) knlGS:0000000000000000 [ 69.529951][ T6107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.536806][ T6107] CR2: 0000200000002b5c CR3: 0000000030402000 CR4: 00000000003526f0 [ 69.545105][ T6107] Call Trace: [ 69.548410][ T6107] [ 69.551350][ T6107] do_mmap+0xa43/0x10d0 [ 69.555690][ T6107] ? __pfx_futex_wait+0x10/0x10 [ 69.560565][ T6107] ? __pfx_do_mmap+0x10/0x10 [ 69.565382][ T6107] ? down_write_killable+0x178/0x230 [ 69.570685][ T6107] ? __pfx_down_write_killable+0x10/0x10 [ 69.576381][ T6107] ? common_file_perm+0x1b5/0x230 [ 69.581429][ T6107] vm_mmap_pgoff+0x2a6/0x4d0 [ 69.586072][ T6107] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 69.591200][ T6107] ? lock_release+0x4b/0x3e0 [ 69.595886][ T6107] ? __se_sys_futex+0x36f/0x400 [ 69.600756][ T6107] ? __fget_files+0x2a/0x420 [ 69.601117][ T5890] usb 3-1: USB disconnect, device number 3 [ 69.605621][ T6107] ? __fget_files+0x2a/0x420 [ 69.605651][ T6107] ksys_mmap_pgoff+0x51f/0x760 [ 69.621158][ T6107] do_syscall_64+0xfa/0xfa0 [ 69.625767][ T6107] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.631848][ T6107] ? clear_bhb_loop+0x60/0xb0 [ 69.636585][ T6107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.642600][ T6107] RIP: 0033:0x7f080958ebe9 [ 69.647183][ T6107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.667211][ T6107] RSP: 002b:00007f080a3f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 69.675713][ T6107] RAX: ffffffffffffffda RBX: 00007f08097c6090 RCX: 00007f080958ebe9 [ 69.683703][ T6107] RDX: 000000000100000a RSI: 0000000000b36000 RDI: 0000200000000000 [ 69.691852][ T6107] RBP: 00007f0809611e19 R08: 0000000000000003 R09: 0000000093771000 [ 69.699898][ T6107] R10: 0000000000022052 R11: 0000000000000246 R12: 0000000000000000 [ 69.707954][ T6107] R13: 00007f08097c6128 R14: 00007f08097c6090 R15: 00007ffcc406c3b8 [ 69.715998][ T6107] [ 69.719036][ T6107] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 69.726325][ T6107] CPU: 1 UID: 0 PID: 6107 Comm: syz.3.47 Not tainted syzkaller #0 PREEMPT(full) [ 69.735744][ T6107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 69.745900][ T6107] Call Trace: [ 69.749274][ T6107] [ 69.752215][ T6107] dump_stack_lvl+0x99/0x250 [ 69.756831][ T6107] ? __asan_memcpy+0x40/0x70 [ 69.761432][ T6107] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.766670][ T6107] ? __pfx__printk+0x10/0x10 [ 69.771439][ T6107] vpanic+0x281/0x750 [ 69.775449][ T6107] ? __pfx__printk+0x10/0x10 [ 69.780060][ T6107] ? __pfx_vpanic+0x10/0x10 [ 69.784565][ T6107] ? is_bpf_text_address+0x292/0x2b0 [ 69.789933][ T6107] ? is_bpf_text_address+0x26/0x2b0 [ 69.795212][ T6107] panic+0xb9/0xc0 [ 69.798944][ T6107] ? __pfx_panic+0x10/0x10 [ 69.803365][ T6107] __warn+0x334/0x4c0 [ 69.807336][ T6107] ? path_noexec+0x1af/0x200 [ 69.811933][ T6107] ? path_noexec+0x1af/0x200 [ 69.816536][ T6107] report_bug+0x2be/0x4f0 [ 69.821046][ T6107] ? path_noexec+0x1af/0x200 [ 69.825662][ T6107] ? path_noexec+0x1af/0x200 [ 69.830290][ T6107] ? path_noexec+0x1b1/0x200 [ 69.834922][ T6107] handle_bug+0x84/0x160 [ 69.839160][ T6107] exc_invalid_op+0x1a/0x50 [ 69.843782][ T6107] asm_exc_invalid_op+0x1a/0x20 [ 69.848736][ T6107] RIP: 0010:path_noexec+0x1af/0x200 [ 69.854031][ T6107] Code: 02 31 ff 48 89 de e8 00 c0 88 ff d1 eb eb 07 e8 17 bb 88 ff b3 01 89 d8 5b 41 5e 41 5f 5d e9 d8 f1 50 09 cc e8 02 bb 88 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 69.874072][ T6107] RSP: 0018:ffffc90004cf7bd8 EFLAGS: 00010293 [ 69.880137][ T6107] RAX: ffffffff823813ce RBX: ffff888055722780 RCX: ffff88802a278000 [ 69.888589][ T6107] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 69.896574][ T6107] RBP: 0000000000080000 R08: ffff88802a278000 R09: 0000000000000003 [ 69.904571][ T6107] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000002 [ 69.912529][ T6107] R13: 1ffff9200099ef90 R14: 0000000000000000 R15: dffffc0000000000 [ 69.920492][ T6107] ? path_noexec+0x1ae/0x200 [ 69.925087][ T6107] ? path_noexec+0x1ae/0x200 [ 69.929675][ T6107] do_mmap+0xa43/0x10d0 [ 69.933822][ T6107] ? __pfx_futex_wait+0x10/0x10 [ 69.938659][ T6107] ? __pfx_do_mmap+0x10/0x10 [ 69.943233][ T6107] ? down_write_killable+0x178/0x230 [ 69.948504][ T6107] ? __pfx_down_write_killable+0x10/0x10 [ 69.954118][ T6107] ? common_file_perm+0x1b5/0x230 [ 69.959130][ T6107] vm_mmap_pgoff+0x2a6/0x4d0 [ 69.963709][ T6107] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 69.968841][ T6107] ? lock_release+0x4b/0x3e0 [ 69.973422][ T6107] ? __se_sys_futex+0x36f/0x400 [ 69.978280][ T6107] ? __fget_files+0x2a/0x420 [ 69.982860][ T6107] ? __fget_files+0x2a/0x420 [ 69.987447][ T6107] ksys_mmap_pgoff+0x51f/0x760 [ 69.992220][ T6107] do_syscall_64+0xfa/0xfa0 [ 69.996728][ T6107] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.002957][ T6107] ? clear_bhb_loop+0x60/0xb0 [ 70.007626][ T6107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.013589][ T6107] RIP: 0033:0x7f080958ebe9 [ 70.018004][ T6107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.037779][ T6107] RSP: 002b:00007f080a3f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 70.046277][ T6107] RAX: ffffffffffffffda RBX: 00007f08097c6090 RCX: 00007f080958ebe9 [ 70.054679][ T6107] RDX: 000000000100000a RSI: 0000000000b36000 RDI: 0000200000000000 [ 70.062635][ T6107] RBP: 00007f0809611e19 R08: 0000000000000003 R09: 0000000093771000 [ 70.070599][ T6107] R10: 0000000000022052 R11: 0000000000000246 R12: 0000000000000000 [ 70.078561][ T6107] R13: 00007f08097c6128 R14: 00007f08097c6090 R15: 00007ffcc406c3b8 [ 70.086620][ T6107] [ 70.089958][ T6107] Kernel Offset: disabled [ 70.094287][ T6107] Rebooting in 86400 seconds..