last executing test programs:

8m18.989069607s ago: executing program 32 (id=3615):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
r1 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000200)={0x109, r2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000))
unshare(0x2c020400)
msgget$private(0x0, 0x294)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0)

1m37.622349524s ago: executing program 33 (id=5953):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000480)={0x1c, 0x3, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_STATUS={0x8}]}, 0x1c}}, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f00000001c0)={0x0, 0x0, 0x27f})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r5, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'streebog512-generic\x00'}})
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x400000000000045c], 0x0, 0xffffffffff600000, 0x1, 0x1}}, 0x40)
prctl$PR_SET_MM(0x41555856, 0xf7354000, &(0x7f0000ffa000/0x3000)=nil)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r9, 0xd7)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_DF={0x5, 0xd, 0x65}]}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
syz_fuse_handle_req(r3, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x0, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r3, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff1559607f8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e743611aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x1000800, 0x0, 0x9, 0x1ff, 0x200000, 0x0, 0x0, 0x8000, 0x0, 0x0, r7, 0x0, 0x2}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
accept4$ax25(r2, 0x0, &(0x7f0000000140), 0x100800)
io_setup(0x2, &(0x7f0000000200)=<r12=>0x0)
io_submit(r12, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r11, &(0x7f0000000180)='\x00', 0x1, 0x2000000000}])
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r13)
sendmsg$TIPC_NL_NET_SET(r13, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x24, r14, 0x1, 0x70bd28, 0x25dfdffb, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffff1e4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x10000}, 0x4000000)
dup3(r2, r3, 0x6700000000000000)

1m28.18701851s ago: executing program 4 (id=6010):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000025c0)=@delchain={0x608, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0x2}, {0x0, 0xe}, {0x6, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x5d8, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x8065738cbab9bcb1}, @TCA_FLOW_EMATCHES={0x16c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x11c, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x5c, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x7}, "645809825d93df900fa8fae387fbed6313a639f20b0238ccdd4da9fde2f0be34e659ba729925eff5ebd76dec200e0c6b209649b549944fb335b53ad7e5b0f72af98dbb05ee1778a3e952122289a8"}}, @TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0x7, 0x2, 0x4}, {0x4, 0x1, 0x6, "eb"}}}, @TCF_EM_CONTAINER={0x18, 0x3, 0x0, 0x0, {{0x4, 0x0, 0xb}, "d0fa3d16cd50d147ba"}}, @TCF_EM_META={0x90, 0x2, 0x0, 0x0, {{0xbe0, 0x4, 0x7}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x9, 0x2}, {0x1000, 0x3, 0x1}}}, @TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x7, 0x1}, {0x7, 0x97, 0x2}}}, @TCA_EM_META_RVALUE={0x31, 0x3, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="230fb355f7156343", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="c3f4be5ef3de514e", @TCF_META_TYPE_VAR="b78850fcae", @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_RVALUE={0x19, 0x3, [@TCF_META_TYPE_VAR="cffe", @TCF_META_TYPE_VAR='Y', @TCF_META_TYPE_VAR="bd5577acf3e3", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_RVALUE={0x15, 0x3, [@TCF_META_TYPE_VAR="7e181233dc49", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="80e1d0"]}]}}]}, @TCA_EMATCH_TREE_LIST={0x44, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0xffd3, 0x8, 0x8}, {0x3, 0x6}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0xf0a, 0x3, 0x6c0}, {0x5, 0x0, 0x3, 0x7ff}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0xf, 0x7, 0x7f}, {{0x4, 0x1, 0x0, 0x1}, {0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}, @TCA_FLOW_XOR={0x8, 0x7, 0xffffff7b}, @TCA_FLOW_PERTURB={0x8}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7fff}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_ACT={0x440, 0x9, 0x0, 0x1, [@m_gact={0x140, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x9d, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x2ca8b8d7ec1784b0, 0x2680, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x1abe}}]}, {0xed, 0x6, "f2984ea5ae0b0909ca5198b5e56548da1af4efe458d68e8346a5ad6fa8d75b3efbcec03667694b23e57efb5dea177c9fec912eda500f92ad241d4a3e1eb9b05c2461a1e89e99a22f43eb3b64257b78512c9df802c3ea23ede5e978e8db3be47630f9b48cdfcee2130369da2ce7473e6324d4fc0342cb38a9e544eb6f4e0148acb294b877f68eb4b6b13e38196c311c9ebb06d7a5ee9ead5689128fa35472611715963d35fb43d3014ff74e144932866ca97f5c001aab6053dd7ce7d38a407074614c2a21063cc49a687085d3ab9d042fcc913d8377863381be46ad8fade1f71945e9d5053fd5d1123d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x94, 0x1b, 0x0, 0x0, {{0x7}, {0x4}, {0x69, 0x6, "effbbfbb9975b98b391b34602a99202c04f8aff0f475c3649e7f9024793790e685860edfb7d78570905ca6acc9165a1fb42c399f209c0f00a8f4866f081cd17e904ddc3210cc30ec49b70f2b1fb3ead1fe143d5356ac58b602d03fa75b270e66d3b14a3b76"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_skbmod={0x108, 0x1f, 0x0, 0x0, {{0xb}, {0x4}, {0xd9, 0x6, "364a95306a0125f7c7762d651b8604a6d91ec4567f627089ed8d3453859a3d2c79d3d70f085dca8af621c4a5da976ca910f38151f1a68c0e0730e7273e6af4eab8e2ea5df8cb0f6ab249f7561ea8c0dd3e562e5e6a1db3a546a7f7c5f1d0ae94557d9f43b53f0c2e3edaf804191d2d3a1cbdae068d8e342ed2d4e751b25b639e2536238fb6a4824a50b9c6bb62944110874faeed2eb2a6db4dfa6ff7d67302260dd8c80e3c4c3a3a11f1d204106eec615119eaaa73bd0bb3e2d774039d9c7e0d445019a712cc0c16707a7b8505b7c94133ceccee82"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_tunnel_key={0xa4, 0x3, 0x0, 0x0, {{0xf}, {0x5c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @private=0xa010101}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x54, 0xffffffffffffffff, 0x10, 0xfffff001}, 0x2}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x80000000}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0xffffffff, 0x10000000, 0x3, 0x3ff}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x19, 0x6, "6c73dc20ec0f1f62d72faf3465d04d6e1f1e4cf9b5"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_xt={0xbc, 0xe, 0x0, 0x0, {{0x7}, {0x4}, {0x91, 0x6, "2a0caebad864038ff40a5d287f3088600ceb92031a440f806744f2c29cd762b34d1c3e200652a37a380abee23790e6050e067b4335afeb4ae4a0dfe9fa72cc1df85464324a30272ee56c17d0913025ba5b385f50249552b3d0baa66c6ffc89df47949c8e52874be2547d84a88eaf65c1a57f44be2ac8409dc80a1286dc54b446bceacb288bceeb018feed674cd"}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0x608}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1m28.163041953s ago: executing program 4 (id=6012):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x4, 0x31, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x2, 0x0, 0x0, 0x3}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x8200, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x73700a29, 0x0, 0xb, [{}, {}, {0x3, 0x200}, {}, {}, {}, {}, {0x0, 0xfffffffe}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES64=<r1=>0xffffffffffffffff], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
read$msr(r0, &(0x7f0000019540)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000000000400000000000000008500000030000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x7, 0x0, &(0x7f0000000100)="e0b9547ed387db", 0x0, 0xe160, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
writev(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
syz_open_dev$usbfs(&(0x7f0000000480), 0xd, 0x141341)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
connect$inet6(r6, 0x0, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
getrlimit(0x8, &(0x7f0000000240))
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r7, &(0x7f0000000640)=ANY=[@ANYRES32=r6, @ANYRESHEX=r7, @ANYBLOB="22590fae56d765ed0fd43c5ab6351986feaf8e8b57118c7619d99ac69eee04930c23282d3194e2434fcbd3238de7f8898d01d6c81256db403932dd955f14b414", @ANYRESOCT=r6, @ANYBLOB="456309a265ad00f107a99f3cf2beadae7fac2db1e5ce181a9b3463f8a8fd9f98e3e74c15b268742e7b8b251fe68da930097fd58d5c6b787672b5e2fad514dbbdfd900dad20d2fa8d8f51d95e0ae7531cecc2eda302031070a094b9a5a4319be335c8a20682a433ab410b0907cff1faddcd5671f5bae6aa8f8be84ef9595b0d1c3eb9412a60409ea5", @ANYRESHEX=0x0, @ANYRES8=r7, @ANYRES8, @ANYRES32=r1], 0xff2e)
ioctl$TCXONC(r7, 0x540a, 0x2)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000100))
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0x9}}}, 0x24}}, 0x0)

1m26.094603652s ago: executing program 34 (id=6024):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000280))
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x20, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0xffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000540)={0x3, &(0x7f0000000140)=[{0x25, 0x0, 0x1, 0x5}, {0x7, 0x0, 0x0, 0x4d60d799}, {0x6, 0xfe}]})
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
write(r4, &(0x7f0000000040)="cb", 0xfffffdef)
r5 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004340)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000000)={0x2020}, 0xff83)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0})
r7 = openat$rfkill(0xffffff9c, &(0x7f0000002040), 0x1a3880, 0x0)
read$rfkill(r7, 0x0, 0x0)

1m24.856260623s ago: executing program 35 (id=6032):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r2 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x400000}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0, 0x52, 0x0, 0x300}, {0x0}, {0x0, 0xfffffffffffffec2}, {0x0}]}, 0x4}, 0x1)
r5 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r5, 0x0, 0x0, 0x56, 0x200440c0, 0x1})
io_uring_enter(r2, 0x27e2, 0x0, 0x0, 0x0, 0x0)
r6 = dup(r1)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0xf94a, 0x10000, 0x42, 0x3f, 0x0, r6}, &(0x7f0000000180), &(0x7f00000000c0))
setsockopt(r0, 0x7, 0x0, &(0x7f0000000140)="8f068838077676680bf55a5713caf7f185c6f8", 0x13)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000000)={<r7=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r6, 0xc01864cd, &(0x7f0000000100)={&(0x7f0000000080)=[r7], &(0x7f00000000c0)=[0x249], 0x1, 0x1})
ioctl(r0, 0x8b1b, &(0x7f0000000040))

1m23.546860497s ago: executing program 4 (id=6019):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040051}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r3 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f00000001c0)='./file1\x00', 0x60)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mknodat$null(r3, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x103)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x800, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r4=>0x0}, 0x8)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x170, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x15c, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x5, 0x0, 0x3}, 0x8}}]}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0xc4, 0x3, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0xea3, 0x6}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1d28}}, @TCA_GACT_PARMS={0x18, 0x2, {0xb66, 0xb3, 0x10000000, 0x34e, 0xffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0xd8, 0x0, 0x9, 0x100000e0}}]}, {0x50, 0x6, "a06b1d1931f3579c6d7c5159238a286074602c3726c701f3c0d5382de62a6e8c4fb714fcd674c66cd306a4f78d3d05530609c9b04b7483bd084d70df8e77e6fbd503917aa0a6c737cef0ed02"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x170}}, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x8c, r5, 0x0, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x13}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMKID={0x14, 0x55, "7eee871905486da26b5431fd1c6be8dd"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x3}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x6}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x1d}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x3}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x9}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000}, 0x800)
getpeername(r0, &(0x7f0000000440)=@nfc, &(0x7f0000000380)=0x80)
r7 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000240)=r4, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r7, 0x0, 0x0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40050}, 0x0)
r8 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x18}, &(0x7f0000000100), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x22, &(0x7f0000000200)={&(0x7f0000001000)={[{0x0, 0x0, 0x1}]}, 0x1}, 0x1)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73060000000000"], 0x54}}, 0x0)

1m23.379355323s ago: executing program 4 (id=6038):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

1m23.273605756s ago: executing program 4 (id=6039):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
close(0x3)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r2, 0x0, 0x40)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x5150, 0x7, 0x0, 0xffffffffffffff6d)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\x1a\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r5 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x18)
symlinkat(&(0x7f00000001c0)='./file0\x00', r6, &(0x7f0000000140)='./file0\x00')
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "c4ba"}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xffffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m21.558712369s ago: executing program 4 (id=6044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040051}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r3 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f00000001c0)='./file1\x00', 0x60)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mknodat$null(r3, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x103)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x800, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r4=>0x0}, 0x8)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x170, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x15c, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x5, 0x0, 0x3}, 0x8}}]}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0xc4, 0x3, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0xea3, 0x6}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1d28}}, @TCA_GACT_PARMS={0x18, 0x2, {0xb66, 0xb3, 0x10000000, 0x34e, 0xffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0xd8, 0x0, 0x9, 0x100000e0}}]}, {0x50, 0x6, "a06b1d1931f3579c6d7c5159238a286074602c3726c701f3c0d5382de62a6e8c4fb714fcd674c66cd306a4f78d3d05530609c9b04b7483bd084d70df8e77e6fbd503917aa0a6c737cef0ed02"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x170}}, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x8c, r5, 0x0, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x13}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMKID={0x14, 0x55, "7eee871905486da26b5431fd1c6be8dd"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x3}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x6}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x1d}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x3}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x9}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000}, 0x800)
getpeername(r0, &(0x7f0000000440)=@nfc, &(0x7f0000000380)=0x80)
r7 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000240)=r4, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r7, 0x0, 0x0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40050}, 0x0)
r8 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x18}, &(0x7f0000000100), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x22, &(0x7f0000000200)={&(0x7f0000001000)={[{0x0, 0x0, 0x1}]}, 0x1}, 0x1)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73060000000000"], 0x54}}, 0x0)

1m21.519367368s ago: executing program 36 (id=6044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040051}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r3 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f00000001c0)='./file1\x00', 0x60)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mknodat$null(r3, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x103)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x800, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r4=>0x0}, 0x8)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x170, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x15c, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x5, 0x0, 0x3}, 0x8}}]}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0xc4, 0x3, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0xea3, 0x6}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1d28}}, @TCA_GACT_PARMS={0x18, 0x2, {0xb66, 0xb3, 0x10000000, 0x34e, 0xffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0xd8, 0x0, 0x9, 0x100000e0}}]}, {0x50, 0x6, "a06b1d1931f3579c6d7c5159238a286074602c3726c701f3c0d5382de62a6e8c4fb714fcd674c66cd306a4f78d3d05530609c9b04b7483bd084d70df8e77e6fbd503917aa0a6c737cef0ed02"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x170}}, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x8c, r5, 0x0, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x13}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMKID={0x14, 0x55, "7eee871905486da26b5431fd1c6be8dd"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x3}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x6}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x1d}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x3}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x9}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000}, 0x800)
getpeername(r0, &(0x7f0000000440)=@nfc, &(0x7f0000000380)=0x80)
r7 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000240)=r4, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r7, 0x0, 0x0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40050}, 0x0)
r8 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x18}, &(0x7f0000000100), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x22, &(0x7f0000000200)={&(0x7f0000001000)={[{0x0, 0x0, 0x1}]}, 0x1}, 0x1)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73060000000000"], 0x54}}, 0x0)

1m12.49901364s ago: executing program 6 (id=6097):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r0, &(0x7f0000000040)={0x1f00}, &(0x7f000009de80), 0x0)

1m12.318958554s ago: executing program 6 (id=6098):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
close(0x3)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r2, 0x0, 0x40)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x5150, 0x7, 0x0, 0xffffffffffffff6d)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\x1a\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r5=>0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x18)
symlinkat(&(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000140)='./file0\x00')
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "c4ba"}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xffffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m11.214192782s ago: executing program 6 (id=6103):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r1)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x14, r2, 0x1, 0x70bd28, 0x25dfdbfd}, 0x14}}, 0x8040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='xprt_reserve\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000540)={0x24, 0x0, 0x303, 0x0, 0xffff0000, {0x13}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x24}}, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{0x0, 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x68, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000086dd60c5819c00323a04730400fe800000000000000000000000000040ff0200000000000000000000000000010300907800000013ac5ad10a00002b00fe88b29293ca0000000000000000000100000000ec0000000000000000000001aaa1"], 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f0000000400)={0x3, 0x4, 0x5, 0xffffefed})
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb00000800030003", @ANYRES32], 0x68}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0, <r7=>0x0})
sched_setattr(r7, &(0x7f0000000180)={0x38, 0x0, 0x4, 0x6, 0x7, 0x40, 0x401, 0x100, 0x7, 0x4}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000080)={0x2d008400, 0x0, 0x0, 0x0, {0x1100}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x58)

1m11.138562703s ago: executing program 6 (id=6104):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

1m11.048477328s ago: executing program 6 (id=6105):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x0, 0x0, 0x9, 0x1, 0xc45, 0x1012, 0xc7, 0x2, 0x7, 'syz0\x00'})

1m10.75826525s ago: executing program 6 (id=6106):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000025c0)=@delchain={0x60c, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0x2}, {0x0, 0xe}, {0x6, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x5dc, 0x2, [@TCA_FLOW_EMATCHES={0x178, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x128, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x68, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x7}, "645809825d93df900fa8fae387fbed6313a639f20b0238ccdd4da9fde2f0be34e659ba729925eff5ebd76dec200e0c6b209649b549944fb335b53ad7e5b0f72af98dbb05ee1778a3e952122289a807cd7b48f87fa52a56b8fa"}}, @TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0x7, 0x2, 0x4}, {0x4, 0x1, 0x6, "eb"}}}, @TCF_EM_CONTAINER={0x18, 0x3, 0x0, 0x0, {{0x4, 0x0, 0xb}, "d0fa3d16cd50d147ba"}}, @TCF_EM_META={0x90, 0x2, 0x0, 0x0, {{0xbe0, 0x4, 0x7}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x9, 0x2}, {0x1000, 0x3, 0x1}}}, @TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x7, 0x1}, {0x7, 0x97, 0x2}}}, @TCA_EM_META_RVALUE={0x31, 0x3, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="230fb355f7156343", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="c3f4be5ef3de514e", @TCF_META_TYPE_VAR="b78850fcae", @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_RVALUE={0x19, 0x3, [@TCF_META_TYPE_VAR="cffe", @TCF_META_TYPE_VAR='Y', @TCF_META_TYPE_VAR="bd5577acf3e3", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_RVALUE={0x15, 0x3, [@TCF_META_TYPE_VAR="7e181233dc49", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="80e1d0"]}]}}]}, @TCA_EMATCH_TREE_LIST={0x44, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0xffd3, 0x8, 0x8}, {0x3, 0x6}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0xf0a, 0x3, 0x6c0}, {0x5, 0x0, 0x3, 0x7ff}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0xf, 0x7, 0x7f}, {{0x4, 0x1, 0x0, 0x1}, {0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}, @TCA_FLOW_XOR={0x8, 0x7, 0xffffff7b}, @TCA_FLOW_PERTURB={0x8}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7fff}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_ACT={0x440, 0x9, 0x0, 0x1, [@m_gact={0x140, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x9d, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x2ca8b8d7ec1784b0, 0x2680, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x1abe}}]}, {0xed, 0x6, "f2984ea5ae0b0909ca5198b5e56548da1af4efe458d68e8346a5ad6fa8d75b3efbcec03667694b23e57efb5dea177c9fec912eda500f92ad241d4a3e1eb9b05c2461a1e89e99a22f43eb3b64257b78512c9df802c3ea23ede5e978e8db3be47630f9b48cdfcee2130369da2ce7473e6324d4fc0342cb38a9e544eb6f4e0148acb294b877f68eb4b6b13e38196c311c9ebb06d7a5ee9ead5689128fa35472611715963d35fb43d3014ff74e144932866ca97f5c001aab6053dd7ce7d38a407074614c2a21063cc49a687085d3ab9d042fcc913d8377863381be46ad8fade1f71945e9d5053fd5d1123d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x94, 0x1b, 0x0, 0x0, {{0x7}, {0x4}, {0x69, 0x6, "effbbfbb9975b98b391b34602a99202c04f8aff0f475c3649e7f9024793790e685860edfb7d78570905ca6acc9165a1fb42c399f209c0f00a8f4866f081cd17e904ddc3210cc30ec49b70f2b1fb3ead1fe143d5356ac58b602d03fa75b270e66d3b14a3b76"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_skbmod={0x108, 0x1f, 0x0, 0x0, {{0xb}, {0x4}, {0xd9, 0x6, "364a95306a0125f7c7762d651b8604a6d91ec4567f627089ed8d3453859a3d2c79d3d70f085dca8af621c4a5da976ca910f38151f1a68c0e0730e7273e6af4eab8e2ea5df8cb0f6ab249f7561ea8c0dd3e562e5e6a1db3a546a7f7c5f1d0ae94557d9f43b53f0c2e3edaf804191d2d3a1cbdae068d8e342ed2d4e751b25b639e2536238fb6a4824a50b9c6bb62944110874faeed2eb2a6db4dfa6ff7d67302260dd8c80e3c4c3a3a11f1d204106eec615119eaaa73bd0bb3e2d774039d9c7e0d445019a712cc0c16707a7b8505b7c94133ceccee82"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_tunnel_key={0xa4, 0x3, 0x0, 0x0, {{0xf}, {0x5c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @private=0xa010101}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x54, 0xffffffffffffffff, 0x10, 0xfffff001}, 0x2}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x80000000}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0xffffffff, 0x10000000, 0x3, 0x3ff}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x19, 0x6, "6c73dc20ec0f1f62d72faf3465d04d6e1f1e4cf9b5"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_xt={0xbc, 0xe, 0x0, 0x0, {{0x7}, {0x4}, {0x91, 0x6, "2a0caebad864038ff40a5d287f3088600ceb92031a440f806744f2c29cd762b34d1c3e200652a37a380abee23790e6050e067b4335afeb4ae4a0dfe9fa72cc1df85464324a30272ee56c17d0913025ba5b385f50249552b3d0baa66c6ffc89df47949c8e52874be2547d84a88eaf65c1a57f44be2ac8409dc80a1286dc54b446bceacb288bceeb018feed674cd"}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0x60c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1m10.708183773s ago: executing program 37 (id=6106):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000025c0)=@delchain={0x60c, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0x2}, {0x0, 0xe}, {0x6, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x5dc, 0x2, [@TCA_FLOW_EMATCHES={0x178, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x128, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x68, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x7}, "645809825d93df900fa8fae387fbed6313a639f20b0238ccdd4da9fde2f0be34e659ba729925eff5ebd76dec200e0c6b209649b549944fb335b53ad7e5b0f72af98dbb05ee1778a3e952122289a807cd7b48f87fa52a56b8fa"}}, @TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0x7, 0x2, 0x4}, {0x4, 0x1, 0x6, "eb"}}}, @TCF_EM_CONTAINER={0x18, 0x3, 0x0, 0x0, {{0x4, 0x0, 0xb}, "d0fa3d16cd50d147ba"}}, @TCF_EM_META={0x90, 0x2, 0x0, 0x0, {{0xbe0, 0x4, 0x7}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x9, 0x2}, {0x1000, 0x3, 0x1}}}, @TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x7, 0x1}, {0x7, 0x97, 0x2}}}, @TCA_EM_META_RVALUE={0x31, 0x3, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="230fb355f7156343", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="c3f4be5ef3de514e", @TCF_META_TYPE_VAR="b78850fcae", @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_RVALUE={0x19, 0x3, [@TCF_META_TYPE_VAR="cffe", @TCF_META_TYPE_VAR='Y', @TCF_META_TYPE_VAR="bd5577acf3e3", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_RVALUE={0x15, 0x3, [@TCF_META_TYPE_VAR="7e181233dc49", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="80e1d0"]}]}}]}, @TCA_EMATCH_TREE_LIST={0x44, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0xffd3, 0x8, 0x8}, {0x3, 0x6}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0xf0a, 0x3, 0x6c0}, {0x5, 0x0, 0x3, 0x7ff}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0xf, 0x7, 0x7f}, {{0x4, 0x1, 0x0, 0x1}, {0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}, @TCA_FLOW_XOR={0x8, 0x7, 0xffffff7b}, @TCA_FLOW_PERTURB={0x8}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7fff}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_ACT={0x440, 0x9, 0x0, 0x1, [@m_gact={0x140, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x9d, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x2ca8b8d7ec1784b0, 0x2680, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x1abe}}]}, {0xed, 0x6, "f2984ea5ae0b0909ca5198b5e56548da1af4efe458d68e8346a5ad6fa8d75b3efbcec03667694b23e57efb5dea177c9fec912eda500f92ad241d4a3e1eb9b05c2461a1e89e99a22f43eb3b64257b78512c9df802c3ea23ede5e978e8db3be47630f9b48cdfcee2130369da2ce7473e6324d4fc0342cb38a9e544eb6f4e0148acb294b877f68eb4b6b13e38196c311c9ebb06d7a5ee9ead5689128fa35472611715963d35fb43d3014ff74e144932866ca97f5c001aab6053dd7ce7d38a407074614c2a21063cc49a687085d3ab9d042fcc913d8377863381be46ad8fade1f71945e9d5053fd5d1123d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x94, 0x1b, 0x0, 0x0, {{0x7}, {0x4}, {0x69, 0x6, "effbbfbb9975b98b391b34602a99202c04f8aff0f475c3649e7f9024793790e685860edfb7d78570905ca6acc9165a1fb42c399f209c0f00a8f4866f081cd17e904ddc3210cc30ec49b70f2b1fb3ead1fe143d5356ac58b602d03fa75b270e66d3b14a3b76"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_skbmod={0x108, 0x1f, 0x0, 0x0, {{0xb}, {0x4}, {0xd9, 0x6, "364a95306a0125f7c7762d651b8604a6d91ec4567f627089ed8d3453859a3d2c79d3d70f085dca8af621c4a5da976ca910f38151f1a68c0e0730e7273e6af4eab8e2ea5df8cb0f6ab249f7561ea8c0dd3e562e5e6a1db3a546a7f7c5f1d0ae94557d9f43b53f0c2e3edaf804191d2d3a1cbdae068d8e342ed2d4e751b25b639e2536238fb6a4824a50b9c6bb62944110874faeed2eb2a6db4dfa6ff7d67302260dd8c80e3c4c3a3a11f1d204106eec615119eaaa73bd0bb3e2d774039d9c7e0d445019a712cc0c16707a7b8505b7c94133ceccee82"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_tunnel_key={0xa4, 0x3, 0x0, 0x0, {{0xf}, {0x5c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @private=0xa010101}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x54, 0xffffffffffffffff, 0x10, 0xfffff001}, 0x2}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x80000000}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0xffffffff, 0x10000000, 0x3, 0x3ff}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x19, 0x6, "6c73dc20ec0f1f62d72faf3465d04d6e1f1e4cf9b5"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_xt={0xbc, 0xe, 0x0, 0x0, {{0x7}, {0x4}, {0x91, 0x6, "2a0caebad864038ff40a5d287f3088600ceb92031a440f806744f2c29cd762b34d1c3e200652a37a380abee23790e6050e067b4335afeb4ae4a0dfe9fa72cc1df85464324a30272ee56c17d0913025ba5b385f50249552b3d0baa66c6ffc89df47949c8e52874be2547d84a88eaf65c1a57f44be2ac8409dc80a1286dc54b446bceacb288bceeb018feed674cd"}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0x60c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1m10.338954808s ago: executing program 7 (id=6109):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='exec  :'], 0x15)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b8d", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000610800024000000003080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r6, 0xab06)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r7, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

1m9.279393672s ago: executing program 7 (id=6117):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0xcb81806a06260cef, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002300)={0x18, 0x34, 0x107, 0xffffffff, 0xfffffffe, {0x2, 0x7c}, [@nested={0x4, 0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x910ec27568a00e35, 0x40000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000640)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x9}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = msgget(0x2, 0x600)
msgrcv(r4, 0xfffffffffffffffe, 0x0, 0x0, 0x1000)
msgsnd(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02"], 0x6, 0x800)
msgrcv(r4, &(0x7f0000000000)={0x0, ""/237}, 0xf5, 0x0, 0x2000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)

1m8.389281386s ago: executing program 7 (id=6121):
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
readv(r0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/15, 0xf}], 0x1)

1m8.388733613s ago: executing program 7 (id=6122):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

1m8.388056203s ago: executing program 7 (id=6123):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={r5, r5, 0x8, 0x0, 0x0, 0x9, 0x1, 0xc45, 0x1012, 0xc7, 0x2, 0x7, 'syz0\x00'})

1m8.129248397s ago: executing program 7 (id=6125):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000280)={'ip6_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', <r0=>0x0, 0x29, 0x6, 0x2, 0xd, 0x77, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x700, 0x9, 0x3b}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x7, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0xb, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf17}, @alu={0x7, 0x0, 0xa, 0x6, 0x2, 0x50, 0x10}, @ldst={0x3, 0x2, 0x6, 0xb, 0x2, 0x0, 0x4}]}, &(0x7f00000000c0)='GPL\x00', 0x5789304a, 0xea, &(0x7f0000000100)=""/234, 0x41100, 0x20, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x100000, 0x10, 0x1, 0x2}, 0x10, 0x0, 0x0, 0x4, &(0x7f00000003c0)=[0x1, 0xffffffffffffffff], &(0x7f00000002c0)=[{0x2, 0x4, 0xf, 0x9}, {0x0, 0x5, 0x2}, {0x3, 0x3, 0xa, 0x1}, {0x4, 0x5, 0x0, 0xa}], 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0) (async, rerun: 32)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) (async, rerun: 32)
r2 = creat(&(0x7f0000000200)='./file1\x00', 0x12e)
close(r2)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1}, 0xc)
listen(r3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x200000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) (async)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)

1m8.092577372s ago: executing program 38 (id=6125):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000280)={'ip6_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', <r0=>0x0, 0x29, 0x6, 0x2, 0xd, 0x77, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x700, 0x9, 0x3b}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x7, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0xb, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf17}, @alu={0x7, 0x0, 0xa, 0x6, 0x2, 0x50, 0x10}, @ldst={0x3, 0x2, 0x6, 0xb, 0x2, 0x0, 0x4}]}, &(0x7f00000000c0)='GPL\x00', 0x5789304a, 0xea, &(0x7f0000000100)=""/234, 0x41100, 0x20, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x100000, 0x10, 0x1, 0x2}, 0x10, 0x0, 0x0, 0x4, &(0x7f00000003c0)=[0x1, 0xffffffffffffffff], &(0x7f00000002c0)=[{0x2, 0x4, 0xf, 0x9}, {0x0, 0x5, 0x2}, {0x3, 0x3, 0xa, 0x1}, {0x4, 0x5, 0x0, 0xa}], 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0) (async, rerun: 32)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) (async, rerun: 32)
r2 = creat(&(0x7f0000000200)='./file1\x00', 0x12e)
close(r2)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1}, 0xc)
listen(r3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x200000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) (async)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)

36.575131501s ago: executing program 8 (id=6285):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='exec  :'], 0x15)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000610800024000000003080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r6, 0xab06)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r7, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

35.674694687s ago: executing program 8 (id=6290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
close(0x3)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r2, 0x0, 0x40)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x5150, 0x7, 0x0, 0xffffffffffffff6d)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\x1a\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r5=>0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x18)
symlinkat(&(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000140)='./file0\x00')
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "c4ba"}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xffffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

34.763386681s ago: executing program 8 (id=6294):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000580)='\x00'/16, 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x80000)
sendmmsg$inet6(r2, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000680)="a7804ba0", 0x4}], 0x1, 0x0, 0x0, 0x7000300}}, {{0x0, 0x0, 0x0}, 0xff03}], 0x2, 0x41)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000240)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r5, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r6, @ANYBLOB="b400028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000101000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004"], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)

33.154878103s ago: executing program 8 (id=6299):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

33.064269579s ago: executing program 8 (id=6300):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, 0x0)

33.047664661s ago: executing program 1 (id=6301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
close(0x3)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r2, 0x0, 0x40)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x5150, 0x7, 0x0, 0xffffffffffffff6d)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\x1a\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r5=>0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x18)
symlinkat(&(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000140)='./file0\x00')
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "c4ba"}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xffffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

32.769695648s ago: executing program 8 (id=6303):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='exec  :'], 0x15)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000610800024000000003080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r6, 0xab06)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r7, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

32.692666864s ago: executing program 39 (id=6303):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='exec  :'], 0x15)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000610800024000000003080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r6, 0xab06)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r7, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

32.480820298s ago: executing program 1 (id=6305):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='exec  :'], 0x15)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b8d", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000610800024000000003080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r6, 0xab06)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r7, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

31.579385373s ago: executing program 1 (id=6307):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010030000000000000000000089fa8af887577bc0090a010400000000000000000a000004090073797a310000000008000540000000020900020073797a320000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274140000001100010000000001000000000100000a0000"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd6010104000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5470001e202b366e"], 0x0)
r1 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a\x9e@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e*\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r1, &(0x7f0000019200)=""/102370, 0x18fe2, 0x80000002, 0x0)
openat$ubi_ctrl(0xffffff9c, &(0x7f0000000400), 0x80000, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000440)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
syz_extract_tcp_res$synack(&(0x7f0000000200)={<r3=>0x41424344}, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f00000009c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd600000000014eafffd800000000000000000000000f90600000000000000000000000000000000aa00004e225e8075f840786cca0a4ba35768d684e1a7dc84b27cac491aafe9ec91c4463adb55ea5e1404211a975caa557aef74db5c832a22c8a6512e02a5521d200c27f58a1c3fa3a7ecb5ff430c9d42d5031e47bd58cd5c7f69324dc7a00949fb6d286459abdb14088b253e2f881cbc233d8e829d87504869c748f5644a4f708c637ee06cd0463d674bd7854a53d89b66a78f81eab38d61a59fcd5e2cd2c5e2d804bc756086b694c257b3c5a6f1cd4d68010a0d8585087bbc39624dc4ad65e922ea7d4fcf33accbcff3951d2f5879b65c973d68a30ad9ecbb964e8e77dad479d5f8e24e3300e0c46fc7e16991cc80a619b3c54665c473d3bdd63497f85924953079d461001f401abe6cea0b3018dcc4024321fa96a4970dcdc079cc21920912bda1704093422c3ae1df31e341b83e8d915d658ae609c2b7093553fff76189c0ead5551d184359fba89a2fea1f22b50157226584a46e309052cc66bc46d7d15ba1867a50662d5b02b4374e8083db6aab23b003ba2658ab6ffb4f4085f24bf2ade8cc8daa0dfa869e00896fad4c4c54dcdb3c44364e959a0d6a57b78ee3408533424821bb789022a724964eddd2afa5deaede1d7d4b782190707a688adb07b85b770e565550449350d1279e0b", @ANYRES64=r3, @ANYRES32=0x41424344, @ANYRES64=r2], 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='net\x00')
getdents(r4, &(0x7f0000001fc0)=""/179, 0xb3)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x0, 0xfff3}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @remote}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000002c0)='scalable\x00', 0x9)

31.531474862s ago: executing program 1 (id=6308):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

31.530909683s ago: executing program 1 (id=6309):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000580)='\x00'/16, 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x80000)
sendmmsg$inet6(r2, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000680)="a7804ba0", 0x4}], 0x1, 0x0, 0x0, 0x7000300}}, {{0x0, 0x0, 0x0}, 0xff03}], 0x2, 0x41)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000240)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r5, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r6, @ANYBLOB="b400028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000101000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004"], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)

31.318361381s ago: executing program 1 (id=6310):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xbc, r1, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x414, 0x1}}}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x84, 0xbe, "d5af20adc51b100c264bcb2a16b0dd97ae4046e27dbb294b2e6981ea1a875daf0be4fd600800721e29f1e10d1983060f7c10a245d904655fc4ea43850433d1003768727b4e9b06ea63754be48b4a70c283775ff434201de3f51eae29bb7f4065e82daa3fd01c345e6b2f9b6974eb9093fe9a6309b6035e7b00368b9c71e68259"}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x40, 0x9}}, @NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x2a}]}]}, 0xbc}}, 0x0)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, r2, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_PW_TYPE={0x6}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010100}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x800}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @loopback}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x1}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x1}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x62}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4008090}, 0x84)
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, r1, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x20044800)
connect$inet(r0, &(0x7f00000004c0)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r3 = accept4$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000500), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000540)={'wlan1\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_STATION(r4, &(0x7f0000000640)={0xfffffffffffffffe, 0x0, &(0x7f0000000600)={&(0x7f0000000580)={0x68, r1, 0x300, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x3c7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x20e}, @NL80211_ATTR_STA_FLAGS={0x14, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x4}, @NL80211_STA_FLAG_AUTHORIZED={0x4}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x8}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x2a}]}, 0x68}, 0x1, 0x0, 0x0, 0x810}, 0x8000)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000006c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DISCONNECT(r4, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x78, r1, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x8, 0x74}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x18}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x41}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x39}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x40}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1d}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x10}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x21}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x81)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000800)=<r6=>0x0)
quotactl_fd$Q_QUOTAON(r3, 0xffffffff80000202, r6, &(0x7f0000000840)='./file0\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000008c0), r4)
sendmsg$TIPC_NL_MON_GET(r7, &(0x7f0000000a80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a40)={&(0x7f0000000900)={0x110, r8, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0xfc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'geneve0\x00'}}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth1_virt_wifi\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x5, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x9, @local, 0x4}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'bond0\x00'}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa}]}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @local}}, {0x14, 0x2, @in={0x2, 0x4e20, @rand_addr=0x64010102}}}}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x46}, 0x60000004)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000b00), r4)
sendmsg$BATADV_CMD_SET_HARDIF(r4, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x68, r9, 0x800, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xb2}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x49}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xf}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}]}, 0x68}, 0x1, 0x0, 0x0, 0x40024}, 0x4000000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000c40)={0x10001, 0x4, 0xeeee8000, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
r10 = syz_open_procfs(0x0, &(0x7f0000000cc0)='timerslack_ns\x00')
syz_genetlink_get_family_id$devlink(&(0x7f0000000c80), r10)
sendmsg$OSF_MSG_ADD(r10, &(0x7f0000001940)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001900)={&(0x7f0000000d40)={0xbb8, 0x0, 0x5, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}, [{{0x254, 0x1, {{0x1, 0x6}, 0x2, 0x2, 0xff, 0xac, 0x19, 'syz0\x00', "78f5703a301755fefc4be13b8c185688cd6a12dee28e97f2fabb58184947d7d5", "91ef2cb3983588afc2ae5ffb68d958c55c2df2e855807df7251d3a32115709e8", [{0x3, 0x1, {0x1, 0x412}}, {0x0, 0x4, {0x0, 0x10000}}, {0x2, 0x9, {0x2, 0x9}}, {0xf92e, 0x2, {0x0, 0x3}}, {0x5bec, 0x9, {0x1, 0x401}}, {0x0, 0x2, {0x3, 0x7}}, {0x6, 0x7, {0x3}}, {0x7f, 0x4, {0x2, 0x6}}, {0x81, 0x401, {0x0, 0x487}}, {0x7, 0x8, {0x2, 0x6}}, {0x29, 0x766, {0x0, 0x4}}, {0x2, 0x0, {0x1, 0x2}}, {0x4, 0x8001, {0x1, 0x7}}, {0xbf3, 0x1, {0x2, 0xc}}, {0x7d6, 0x40, {0x3, 0x7}}, {0xd688, 0x7, {0x3, 0x100}}, {0x2c, 0x34, {0x1, 0x2}}, {0x9, 0x9, {0x3, 0xfffffff9}}, {0x3, 0x8, {0x2, 0x3}}, {0xf7dc, 0x1, {0x1, 0xb}}, {0x400, 0xffff, {0x3, 0x6}}, {0x9eb, 0x7, {0x2, 0x7ff}}, {0x8, 0x0, {0x1, 0xffffffff}}, {0x200, 0x6, {0x0, 0x5782}}, {0x86, 0x0, {0x2, 0xf83}}, {0x9f, 0x200, {0x2, 0x6}}, {0x4, 0xfff, {0x2, 0x3}}, {0x65, 0x7, {0x3, 0x9}}, {0x79, 0x7, {0x3, 0x900000}}, {0x4, 0x101, {0x2, 0x200}}, {0x4, 0x1000, {0x1, 0x78f}}, {0x4, 0x7, {0x3, 0xa}}, {0xfe01, 0x2, {0x0, 0x40}}, {0x2, 0xc7f, {0x2, 0x6}}, {0xf3, 0x4, {0x3}}, {0x7fff, 0x200, {0x3, 0x5}}, {0x4, 0x6, {0x2, 0x6}}, {0x5, 0x0, {0x2, 0x1}}, {0x10, 0x265, {0x3, 0x8}}, {0x2, 0xa189, {0x3, 0x4}}]}}}, {{0x254, 0x1, {{0x1, 0x1}, 0x2, 0x5, 0x3, 0x16e, 0x23, 'syz0\x00', "fd042de31c674652413386dac27c10ea9f443af3f562a62d5089b1b6baaeff86", "dad5047a21eef0edff0e88b69ccb97c044c3218de9490eefeed46be6913fdd0b", [{0x5, 0x2, {0x2, 0x2000000}}, {0x3, 0x3, {0x3, 0x6}}, {0x6, 0x200, {0x3, 0x2}}, {0x7fff, 0xb0, {0x0, 0xffffff5d}}, {0x3, 0x0, {0x1, 0x82b2}}, {0xd, 0x9203, {0x2, 0x9}}, {0x0, 0x929f, {0x0, 0x8}}, {0x0, 0x5, {0x1, 0x7}}, {0xa1, 0xf1e8, {0x1, 0x2}}, {0x401, 0x0, {0x1, 0x80000001}}, {0x1, 0x1, {0x0, 0xb}}, {0x101, 0xe, {0x0, 0xc4c}}, {0x0, 0xa4, {0x2, 0xfa2e}}, {0x1, 0x4, {0x0, 0x4}}, {0x2, 0x4, {0x2, 0x100}}, {0xb, 0x9, {0x2, 0x8}}, {0x81, 0x40, {0x0, 0x8}}, {0x742, 0x6, {0x3, 0x3cd}}, {0xdb, 0x81, {0x2, 0x10001}}, {0x0, 0x7ff, {0x3, 0x2}}, {0x1000, 0x2, {0x0, 0x6}}, {0x6, 0x2, {0x1, 0x800}}, {0x0, 0xf}, {0x7957, 0x7, {0x0, 0x7}}, {0xe000, 0x7, {0x0, 0x9}}, {0x0, 0x401, {0x0, 0x6}}, {0x7, 0x2, {0x2, 0x3}}, {0xa36a, 0x40, {0x3, 0x81}}, {0x8001, 0x8, {0x3, 0x9}}, {0xa, 0x3, {0x0, 0x5}}, {0xad04, 0x8, {0x3, 0xf}}, {0x7, 0x0, {0x1, 0x3}}, {0x6, 0x10, {0x2}}, {0xfffd, 0x2, {0x0, 0xff}}, {0x1, 0x4, {0x1, 0x631}}, {0x6, 0xa, {0x1, 0x8}}, {0x6, 0xc23, {0x0, 0x7fffffff}}, {0x1, 0xe, {0x3, 0x2}}, {0x8, 0xbe5, {0x0, 0xfffffffa}}, {0x6, 0x401, {0x2, 0x81}}]}}}, {{0x254, 0x1, {{0x1, 0x2}, 0x3, 0x4, 0x6, 0xfe00, 0xf, 'syz1\x00', "a2fb88ad463d13b95df0e794fcbabe3fa2a6e7093b49424aa497250b0b0d1b1b", "3c728425f7b00ea39cfb970e01edd40e5df8adbf6dd9f654732ed4d97ae64d1e", [{0x3, 0xca, {0x2, 0x2}}, {0xd, 0xf, {0x3, 0x1000}}, {0x8, 0x3a, {0x2, 0x9}}, {0x9, 0x9, {0x1, 0x4}}, {0x961, 0x3, {0x1, 0xfff}}, {0xdcf, 0x0, {0x2, 0x40}}, {0x9e59, 0x5, {0x1, 0x3}}, {0x3, 0x1, {0x1, 0x4}}, {0x139, 0x7fff, {0x3, 0x8000}}, {0xd, 0x356, {0x3, 0x30}}, {0x8, 0x2, {0x0, 0xd}}, {0x6, 0x0, {0x1, 0x2}}, {0x9, 0x5, {0x1, 0x1}}, {0x7, 0x2, {0x3, 0xc2a}}, {0x0, 0x6, {0x0, 0x9}}, {0x33, 0x7, {0x0, 0x9}}, {0x67c4, 0x0, {0x0, 0x1}}, {0xfffc, 0xfff9, {0x3, 0x52}}, {0x3, 0xc9, {0x2, 0xf}}, {0x200, 0x80, {0x1, 0x2}}, {0x9, 0x1, {0x1, 0x1ff}}, {0x2, 0x1, {0x2, 0x2}}, {0xdc6, 0x81, {0x1, 0x9}}, {0x8a, 0x7fff, {0x0, 0x2}}, {0x7f, 0x1, {0x3, 0x7}}, {0x100, 0x0, {0x1, 0xff}}, {0x9, 0x7f, {0x3, 0x120000}}, {0x7, 0x10, {0x1, 0x7}}, {0x5, 0x9, {0x3, 0x280}}, {0x2, 0x3, {0x0, 0xa09d}}, {0x3, 0x7, {0x1, 0xc}}, {0xa, 0xffff, {0x3, 0x8000}}, {0x1, 0x9, {0x3, 0x4}}, {0x1, 0x4608, {0x1, 0x6}}, {0x0, 0xc0, {0x2, 0xb}}, {0xff, 0x3, {0x1, 0xfa8f}}, {0x7fff, 0x6, {0x2, 0x7}}, {0xd, 0xc, {0x2, 0x1}}, {0xc09, 0x6, {0x1, 0x44a}}, {0x6, 0xfff2, {0x1, 0x3}}]}}}, {{0x254, 0x1, {{0x2, 0xffffff3d}, 0x9, 0xf, 0x3, 0x5, 0x6, 'syz1\x00', "0d9060d5e95ff9fafcdb22ad6ba6478a03f5497fc96b879af931b41d5c3d07ad", "ac528ee57fc3719a018d0d1aed201fed5b40984f0cc94f0caaae518e1b467eaa", [{0x1, 0x8, {0x3, 0x3ff}}, {0x2, 0x0, {0x0, 0x1}}, {0x8d7c, 0x200, {0x3, 0xb}}, {0x7f, 0x4, {0x3, 0x5}}, {0x4, 0x9f11}, {0x5, 0x7, {0x0, 0x200}}, {0x1, 0x6, {0x2, 0x40}}, {0x5, 0x1c9, {0x1}}, {0x9, 0x8, {0x1, 0x2}}, {0x8, 0xfffb, {0x2, 0x2}}, {0x6, 0x9, {0x3, 0x10001}}, {0xc9b, 0x5a55, {0x1, 0x1}}, {0x9, 0x1, {0x3, 0x1}}, {0x7, 0x5, {0x2, 0x83}}, {0x7fff, 0x0, {0x1, 0x4}}, {0x7, 0x6, {0x2, 0x5}}, {0x2, 0xa3c, {0x1, 0x4}}, {0xff, 0x101, {0x2, 0x8}}, {0xf, 0xfffd, {0x2, 0xef7}}, {0x3, 0x7, {0x3, 0x4}}, {0x7, 0x2, {0x3, 0x2}}, {0x4, 0x5, {0x2, 0x9}}, {0xb, 0x3, {0x3, 0x3ff}}, {0xfff, 0x2, {0x0, 0x7}}, {0x8, 0x6, {0x2, 0xb4}}, {0x0, 0x9, {0x2, 0xfffffffd}}, {0x5, 0xd, {0x2, 0x8}}, {0xeae, 0x10, {0x1}}, {0x7ff, 0x1, {0x3}}, {0x8, 0x2, {0x1, 0x9}}, {0x9, 0x21, {0x3, 0x3}}, {0x4, 0x8, {0x0, 0x98}}, {0x2, 0xfff, {0x3, 0x10b9}}, {0x5, 0x8, {0x2, 0x3d66}}, {0x4, 0xdbfe, {0x2, 0xfb}}, {0x7, 0x400, {0x2, 0x5}}, {0x4, 0x4, {0x2, 0x8}}, {0x9, 0x5, {0x2, 0x4}}, {0x0, 0x2, {0x2, 0x3}}, {0x3, 0x8c66}]}}}, {{0x254, 0x1, {{0x2, 0x3}, 0xff, 0xa, 0x2dc0, 0x400, 0x1d, 'syz1\x00', "3831f67fbb4a0a118c2e11b1be9b8093e048cc17f3baeca2b67c523c5f87e3d7", "02e464f70b4d119fa0c3f33b9d0b044a82443179cedd8addea95b22686d37963", [{0x1, 0x0, {0x3, 0x60000000}}, {0x0, 0x4, {0x3, 0x1}}, {0x830, 0x8, {0x3}}, {0xffff, 0x400, {0x3, 0x1929}}, {0x3, 0x7, {0x1, 0x2}}, {0x2, 0x5, {0x3, 0x2}}, {0x59, 0x4, {0x1, 0x6}}, {0x4, 0x4, {0x0, 0x3}}, {0x0, 0x10, {0x0, 0x401}}, {0x2, 0xffff, {0x3, 0x8}}, {0x8, 0x9, {0x0, 0x6425}}, {0x6, 0x0, {0x1, 0x8}}, {0x7, 0xcf8, {0x2, 0x6}}, {0xc, 0x4, {0x0, 0x4}}, {0x9, 0x80, {0x3, 0x7844}}, {0x9, 0x1c, {0x0, 0x1}}, {0x5, 0x3, {0x0, 0x869}}, {0x0, 0x4, {0x2, 0x3}}, {0x4, 0x4, {0x3, 0xb4be}}, {0x0, 0x121, {0x3, 0x2}}, {0x77ea, 0x6, {0x1, 0x7ff}}, {0x4fee, 0x4, {0x2, 0xa9}}, {0x0, 0x2, {0x3, 0x3}}, {0xec, 0x12, {0x2, 0x5}}, {0xf64b, 0x8, {0x2, 0x4}}, {0x5, 0x7, {0x2, 0x1000}}, {0x6, 0x0, {0x2, 0x5}}, {0x20, 0x2, {0x1, 0x4}}, {0x1, 0xff81, {0x3, 0x8}}, {0xff, 0x6, {0x0, 0x8}}, {0x4, 0x5, {0x1, 0x355}}, {0x9, 0x7ff, {0x2, 0x80}}, {0xa, 0x49e7, {0x0, 0x1}}, {0x3, 0x8, {0x1, 0x7}}, {0x1ff, 0x1, {0x3, 0x80000000}}, {0x1, 0x9, {0x0, 0x74686740}}, {0x6, 0x1ff, {0x3, 0x6}}, {0x6ca2, 0x9, {0x2, 0x6}}, {0xc, 0x1, {0x3, 0x8b}}, {0x400, 0x1, {0x1, 0x9}}]}}}]}, 0xbb8}, 0x1, 0x0, 0x0, 0x528022d7ca9251e2}, 0x90)
write$6lowpan_enable(r10, &(0x7f0000001980)='0', 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f00000019c0))
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r10, &(0x7f0000001ac0)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001a80)={&(0x7f0000001a40)={0x40, 0x0, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_ISOLATION_MASK={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
r11 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGMRU(r11, 0x80047453, &(0x7f0000001b00))

31.316874517s ago: executing program 40 (id=6310):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xbc, r1, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x414, 0x1}}}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x84, 0xbe, "d5af20adc51b100c264bcb2a16b0dd97ae4046e27dbb294b2e6981ea1a875daf0be4fd600800721e29f1e10d1983060f7c10a245d904655fc4ea43850433d1003768727b4e9b06ea63754be48b4a70c283775ff434201de3f51eae29bb7f4065e82daa3fd01c345e6b2f9b6974eb9093fe9a6309b6035e7b00368b9c71e68259"}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x40, 0x9}}, @NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x2a}]}]}, 0xbc}}, 0x0)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, r2, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_PW_TYPE={0x6}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010100}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x800}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @loopback}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x1}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x1}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x62}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4008090}, 0x84)
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, r1, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x20044800)
connect$inet(r0, &(0x7f00000004c0)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r3 = accept4$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000500), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000540)={'wlan1\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_STATION(r4, &(0x7f0000000640)={0xfffffffffffffffe, 0x0, &(0x7f0000000600)={&(0x7f0000000580)={0x68, r1, 0x300, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x3c7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x20e}, @NL80211_ATTR_STA_FLAGS={0x14, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x4}, @NL80211_STA_FLAG_AUTHORIZED={0x4}]}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x8}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x2a}]}, 0x68}, 0x1, 0x0, 0x0, 0x810}, 0x8000)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000006c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DISCONNECT(r4, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x78, r1, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x8, 0x74}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x18}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x41}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x39}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x40}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1d}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x10}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x21}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x81)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000800)=<r6=>0x0)
quotactl_fd$Q_QUOTAON(r3, 0xffffffff80000202, r6, &(0x7f0000000840)='./file0\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000008c0), r4)
sendmsg$TIPC_NL_MON_GET(r7, &(0x7f0000000a80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a40)={&(0x7f0000000900)={0x110, r8, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0xfc, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'geneve0\x00'}}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth1_virt_wifi\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x5, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x9, @local, 0x4}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'bond0\x00'}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa}]}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @local}}, {0x14, 0x2, @in={0x2, 0x4e20, @rand_addr=0x64010102}}}}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x46}, 0x60000004)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000b00), r4)
sendmsg$BATADV_CMD_SET_HARDIF(r4, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x68, r9, 0x800, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xb2}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x49}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xf}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}]}, 0x68}, 0x1, 0x0, 0x0, 0x40024}, 0x4000000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000c40)={0x10001, 0x4, 0xeeee8000, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
r10 = syz_open_procfs(0x0, &(0x7f0000000cc0)='timerslack_ns\x00')
syz_genetlink_get_family_id$devlink(&(0x7f0000000c80), r10)
sendmsg$OSF_MSG_ADD(r10, &(0x7f0000001940)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001900)={&(0x7f0000000d40)={0xbb8, 0x0, 0x5, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}, [{{0x254, 0x1, {{0x1, 0x6}, 0x2, 0x2, 0xff, 0xac, 0x19, 'syz0\x00', "78f5703a301755fefc4be13b8c185688cd6a12dee28e97f2fabb58184947d7d5", "91ef2cb3983588afc2ae5ffb68d958c55c2df2e855807df7251d3a32115709e8", [{0x3, 0x1, {0x1, 0x412}}, {0x0, 0x4, {0x0, 0x10000}}, {0x2, 0x9, {0x2, 0x9}}, {0xf92e, 0x2, {0x0, 0x3}}, {0x5bec, 0x9, {0x1, 0x401}}, {0x0, 0x2, {0x3, 0x7}}, {0x6, 0x7, {0x3}}, {0x7f, 0x4, {0x2, 0x6}}, {0x81, 0x401, {0x0, 0x487}}, {0x7, 0x8, {0x2, 0x6}}, {0x29, 0x766, {0x0, 0x4}}, {0x2, 0x0, {0x1, 0x2}}, {0x4, 0x8001, {0x1, 0x7}}, {0xbf3, 0x1, {0x2, 0xc}}, {0x7d6, 0x40, {0x3, 0x7}}, {0xd688, 0x7, {0x3, 0x100}}, {0x2c, 0x34, {0x1, 0x2}}, {0x9, 0x9, {0x3, 0xfffffff9}}, {0x3, 0x8, {0x2, 0x3}}, {0xf7dc, 0x1, {0x1, 0xb}}, {0x400, 0xffff, {0x3, 0x6}}, {0x9eb, 0x7, {0x2, 0x7ff}}, {0x8, 0x0, {0x1, 0xffffffff}}, {0x200, 0x6, {0x0, 0x5782}}, {0x86, 0x0, {0x2, 0xf83}}, {0x9f, 0x200, {0x2, 0x6}}, {0x4, 0xfff, {0x2, 0x3}}, {0x65, 0x7, {0x3, 0x9}}, {0x79, 0x7, {0x3, 0x900000}}, {0x4, 0x101, {0x2, 0x200}}, {0x4, 0x1000, {0x1, 0x78f}}, {0x4, 0x7, {0x3, 0xa}}, {0xfe01, 0x2, {0x0, 0x40}}, {0x2, 0xc7f, {0x2, 0x6}}, {0xf3, 0x4, {0x3}}, {0x7fff, 0x200, {0x3, 0x5}}, {0x4, 0x6, {0x2, 0x6}}, {0x5, 0x0, {0x2, 0x1}}, {0x10, 0x265, {0x3, 0x8}}, {0x2, 0xa189, {0x3, 0x4}}]}}}, {{0x254, 0x1, {{0x1, 0x1}, 0x2, 0x5, 0x3, 0x16e, 0x23, 'syz0\x00', "fd042de31c674652413386dac27c10ea9f443af3f562a62d5089b1b6baaeff86", "dad5047a21eef0edff0e88b69ccb97c044c3218de9490eefeed46be6913fdd0b", [{0x5, 0x2, {0x2, 0x2000000}}, {0x3, 0x3, {0x3, 0x6}}, {0x6, 0x200, {0x3, 0x2}}, {0x7fff, 0xb0, {0x0, 0xffffff5d}}, {0x3, 0x0, {0x1, 0x82b2}}, {0xd, 0x9203, {0x2, 0x9}}, {0x0, 0x929f, {0x0, 0x8}}, {0x0, 0x5, {0x1, 0x7}}, {0xa1, 0xf1e8, {0x1, 0x2}}, {0x401, 0x0, {0x1, 0x80000001}}, {0x1, 0x1, {0x0, 0xb}}, {0x101, 0xe, {0x0, 0xc4c}}, {0x0, 0xa4, {0x2, 0xfa2e}}, {0x1, 0x4, {0x0, 0x4}}, {0x2, 0x4, {0x2, 0x100}}, {0xb, 0x9, {0x2, 0x8}}, {0x81, 0x40, {0x0, 0x8}}, {0x742, 0x6, {0x3, 0x3cd}}, {0xdb, 0x81, {0x2, 0x10001}}, {0x0, 0x7ff, {0x3, 0x2}}, {0x1000, 0x2, {0x0, 0x6}}, {0x6, 0x2, {0x1, 0x800}}, {0x0, 0xf}, {0x7957, 0x7, {0x0, 0x7}}, {0xe000, 0x7, {0x0, 0x9}}, {0x0, 0x401, {0x0, 0x6}}, {0x7, 0x2, {0x2, 0x3}}, {0xa36a, 0x40, {0x3, 0x81}}, {0x8001, 0x8, {0x3, 0x9}}, {0xa, 0x3, {0x0, 0x5}}, {0xad04, 0x8, {0x3, 0xf}}, {0x7, 0x0, {0x1, 0x3}}, {0x6, 0x10, {0x2}}, {0xfffd, 0x2, {0x0, 0xff}}, {0x1, 0x4, {0x1, 0x631}}, {0x6, 0xa, {0x1, 0x8}}, {0x6, 0xc23, {0x0, 0x7fffffff}}, {0x1, 0xe, {0x3, 0x2}}, {0x8, 0xbe5, {0x0, 0xfffffffa}}, {0x6, 0x401, {0x2, 0x81}}]}}}, {{0x254, 0x1, {{0x1, 0x2}, 0x3, 0x4, 0x6, 0xfe00, 0xf, 'syz1\x00', "a2fb88ad463d13b95df0e794fcbabe3fa2a6e7093b49424aa497250b0b0d1b1b", "3c728425f7b00ea39cfb970e01edd40e5df8adbf6dd9f654732ed4d97ae64d1e", [{0x3, 0xca, {0x2, 0x2}}, {0xd, 0xf, {0x3, 0x1000}}, {0x8, 0x3a, {0x2, 0x9}}, {0x9, 0x9, {0x1, 0x4}}, {0x961, 0x3, {0x1, 0xfff}}, {0xdcf, 0x0, {0x2, 0x40}}, {0x9e59, 0x5, {0x1, 0x3}}, {0x3, 0x1, {0x1, 0x4}}, {0x139, 0x7fff, {0x3, 0x8000}}, {0xd, 0x356, {0x3, 0x30}}, {0x8, 0x2, {0x0, 0xd}}, {0x6, 0x0, {0x1, 0x2}}, {0x9, 0x5, {0x1, 0x1}}, {0x7, 0x2, {0x3, 0xc2a}}, {0x0, 0x6, {0x0, 0x9}}, {0x33, 0x7, {0x0, 0x9}}, {0x67c4, 0x0, {0x0, 0x1}}, {0xfffc, 0xfff9, {0x3, 0x52}}, {0x3, 0xc9, {0x2, 0xf}}, {0x200, 0x80, {0x1, 0x2}}, {0x9, 0x1, {0x1, 0x1ff}}, {0x2, 0x1, {0x2, 0x2}}, {0xdc6, 0x81, {0x1, 0x9}}, {0x8a, 0x7fff, {0x0, 0x2}}, {0x7f, 0x1, {0x3, 0x7}}, {0x100, 0x0, {0x1, 0xff}}, {0x9, 0x7f, {0x3, 0x120000}}, {0x7, 0x10, {0x1, 0x7}}, {0x5, 0x9, {0x3, 0x280}}, {0x2, 0x3, {0x0, 0xa09d}}, {0x3, 0x7, {0x1, 0xc}}, {0xa, 0xffff, {0x3, 0x8000}}, {0x1, 0x9, {0x3, 0x4}}, {0x1, 0x4608, {0x1, 0x6}}, {0x0, 0xc0, {0x2, 0xb}}, {0xff, 0x3, {0x1, 0xfa8f}}, {0x7fff, 0x6, {0x2, 0x7}}, {0xd, 0xc, {0x2, 0x1}}, {0xc09, 0x6, {0x1, 0x44a}}, {0x6, 0xfff2, {0x1, 0x3}}]}}}, {{0x254, 0x1, {{0x2, 0xffffff3d}, 0x9, 0xf, 0x3, 0x5, 0x6, 'syz1\x00', "0d9060d5e95ff9fafcdb22ad6ba6478a03f5497fc96b879af931b41d5c3d07ad", "ac528ee57fc3719a018d0d1aed201fed5b40984f0cc94f0caaae518e1b467eaa", [{0x1, 0x8, {0x3, 0x3ff}}, {0x2, 0x0, {0x0, 0x1}}, {0x8d7c, 0x200, {0x3, 0xb}}, {0x7f, 0x4, {0x3, 0x5}}, {0x4, 0x9f11}, {0x5, 0x7, {0x0, 0x200}}, {0x1, 0x6, {0x2, 0x40}}, {0x5, 0x1c9, {0x1}}, {0x9, 0x8, {0x1, 0x2}}, {0x8, 0xfffb, {0x2, 0x2}}, {0x6, 0x9, {0x3, 0x10001}}, {0xc9b, 0x5a55, {0x1, 0x1}}, {0x9, 0x1, {0x3, 0x1}}, {0x7, 0x5, {0x2, 0x83}}, {0x7fff, 0x0, {0x1, 0x4}}, {0x7, 0x6, {0x2, 0x5}}, {0x2, 0xa3c, {0x1, 0x4}}, {0xff, 0x101, {0x2, 0x8}}, {0xf, 0xfffd, {0x2, 0xef7}}, {0x3, 0x7, {0x3, 0x4}}, {0x7, 0x2, {0x3, 0x2}}, {0x4, 0x5, {0x2, 0x9}}, {0xb, 0x3, {0x3, 0x3ff}}, {0xfff, 0x2, {0x0, 0x7}}, {0x8, 0x6, {0x2, 0xb4}}, {0x0, 0x9, {0x2, 0xfffffffd}}, {0x5, 0xd, {0x2, 0x8}}, {0xeae, 0x10, {0x1}}, {0x7ff, 0x1, {0x3}}, {0x8, 0x2, {0x1, 0x9}}, {0x9, 0x21, {0x3, 0x3}}, {0x4, 0x8, {0x0, 0x98}}, {0x2, 0xfff, {0x3, 0x10b9}}, {0x5, 0x8, {0x2, 0x3d66}}, {0x4, 0xdbfe, {0x2, 0xfb}}, {0x7, 0x400, {0x2, 0x5}}, {0x4, 0x4, {0x2, 0x8}}, {0x9, 0x5, {0x2, 0x4}}, {0x0, 0x2, {0x2, 0x3}}, {0x3, 0x8c66}]}}}, {{0x254, 0x1, {{0x2, 0x3}, 0xff, 0xa, 0x2dc0, 0x400, 0x1d, 'syz1\x00', "3831f67fbb4a0a118c2e11b1be9b8093e048cc17f3baeca2b67c523c5f87e3d7", "02e464f70b4d119fa0c3f33b9d0b044a82443179cedd8addea95b22686d37963", [{0x1, 0x0, {0x3, 0x60000000}}, {0x0, 0x4, {0x3, 0x1}}, {0x830, 0x8, {0x3}}, {0xffff, 0x400, {0x3, 0x1929}}, {0x3, 0x7, {0x1, 0x2}}, {0x2, 0x5, {0x3, 0x2}}, {0x59, 0x4, {0x1, 0x6}}, {0x4, 0x4, {0x0, 0x3}}, {0x0, 0x10, {0x0, 0x401}}, {0x2, 0xffff, {0x3, 0x8}}, {0x8, 0x9, {0x0, 0x6425}}, {0x6, 0x0, {0x1, 0x8}}, {0x7, 0xcf8, {0x2, 0x6}}, {0xc, 0x4, {0x0, 0x4}}, {0x9, 0x80, {0x3, 0x7844}}, {0x9, 0x1c, {0x0, 0x1}}, {0x5, 0x3, {0x0, 0x869}}, {0x0, 0x4, {0x2, 0x3}}, {0x4, 0x4, {0x3, 0xb4be}}, {0x0, 0x121, {0x3, 0x2}}, {0x77ea, 0x6, {0x1, 0x7ff}}, {0x4fee, 0x4, {0x2, 0xa9}}, {0x0, 0x2, {0x3, 0x3}}, {0xec, 0x12, {0x2, 0x5}}, {0xf64b, 0x8, {0x2, 0x4}}, {0x5, 0x7, {0x2, 0x1000}}, {0x6, 0x0, {0x2, 0x5}}, {0x20, 0x2, {0x1, 0x4}}, {0x1, 0xff81, {0x3, 0x8}}, {0xff, 0x6, {0x0, 0x8}}, {0x4, 0x5, {0x1, 0x355}}, {0x9, 0x7ff, {0x2, 0x80}}, {0xa, 0x49e7, {0x0, 0x1}}, {0x3, 0x8, {0x1, 0x7}}, {0x1ff, 0x1, {0x3, 0x80000000}}, {0x1, 0x9, {0x0, 0x74686740}}, {0x6, 0x1ff, {0x3, 0x6}}, {0x6ca2, 0x9, {0x2, 0x6}}, {0xc, 0x1, {0x3, 0x8b}}, {0x400, 0x1, {0x1, 0x9}}]}}}]}, 0xbb8}, 0x1, 0x0, 0x0, 0x528022d7ca9251e2}, 0x90)
write$6lowpan_enable(r10, &(0x7f0000001980)='0', 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f00000019c0))
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r10, &(0x7f0000001ac0)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001a80)={&(0x7f0000001a40)={0x40, 0x0, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_ISOLATION_MASK={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
r11 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGMRU(r11, 0x80047453, &(0x7f0000001b00))

23.401498356s ago: executing program 9 (id=6349):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000000)={0x0, 0x33424752, 0x0, @discrete={0xd8, 0x2}})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
close_range(r2, r2, 0x0)
io_setup(0x8, &(0x7f0000000240)=<r3=>0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x24, &(0x7f0000000000)=0x100000001, 0x4)
io_submit(r3, 0x80101, &(0x7f0000000100)=[&(0x7f00000002c0)={0x400000, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000200)="05", 0x1}])
r5 = getpgid(0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000000)=0x100)
ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x8000)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$FS_IOC_GETFSSYSFSPATH(r1, 0x4008af23, &(0x7f00000003c0)={0x80})

23.228043299s ago: executing program 9 (id=6351):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000084000040"])
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x0, 0x0, 0xfffffffffffffffe}]})

23.15868209s ago: executing program 9 (id=6352):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
close(0x3)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r2, 0x0, 0x40)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x5150, 0x7, 0x0, 0xffffffffffffff6d)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\x1a\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r5=>0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x18)
symlinkat(&(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000140)='./file0\x00')
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "c4ba"}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xffffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

23.139072085s ago: executing program 9 (id=6353):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

23.138781593s ago: executing program 9 (id=6354):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='exec  :'], 0x15)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b8d", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000610800024000000003080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r6, 0xab06)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r5)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r7, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

22.900938078s ago: executing program 9 (id=6355):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x9, 0x1, 0xc45, 0x1012, 0xc7, 0x2, 0x7, 'syz0\x00'})

22.891060438s ago: executing program 41 (id=6355):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x9, 0x1, 0xc45, 0x1012, 0xc7, 0x2, 0x7, 'syz0\x00'})

5.031017286s ago: executing program 5 (id=6473):
r0 = socket(0x2b, 0x80801, 0x1)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x5, 0x4, 0x80403, 0x8, 0x7fc})
syz_emit_ethernet(0x26, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbb0000000011000806030e89c606040009aaaaaaaaaa3d91a6569b"], 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000003c0007010000000000400000037c00000400fc8010000180"], 0x30}, 0x1, 0x0, 0x0, 0xc001}, 0x2b0187ad7de13586)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000100)={0x3c, r3, 0x1, 0xffffffff, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r0}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r0}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x9}]}, 0x3c}}, 0x20000000)

4.905859296s ago: executing program 5 (id=6476):
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b8d", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r5, 0xab06)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r6, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.905542297s ago: executing program 0 (id=6477):
r0 = io_uring_setup(0x7d9e, &(0x7f00000003c0)={0x0, 0xfdcf, 0x800, 0x1, 0x24})
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r2, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000100)='./bus\x00', 0x1f2)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x8c, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r3 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
setxattr$trusted_overlay_nlink(&(0x7f0000000280)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380)={'U+', 0x5}, 0x16, 0x2)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x34, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELCHAIN={0x8c, 0x5, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_CHAIN_HOOK={0x40, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x9ecc7b6732dce741}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_DEV={0x14, 0x3, 'wlan0\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffd}]}, @NFT_MSG_DELCHAIN={0xa8, 0x5, 0xa, 0x201, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_FLAGS={0x8}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_USERDATA={0x3c, 0xc, "a973ad21954ba6857dfdae91eb1ee7545c114272770e5e18ebeb13f970e2ee8565fc2e09d989622731df6608a79ae79f3e658b7c039dd6df"}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x15c}, 0x1, 0x0, 0x0, 0xc014}, 0x4840)
r5 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
r6 = epoll_create1(0x80000)
syz_usb_disconnect(r3)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040)={0x1})
r7 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
lseek(r7, 0x0, 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

4.009158765s ago: executing program 5 (id=6484):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)
close(r0)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)
socket(0x1e, 0x4, 0x0)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(0xffffffffffffffff, &(0x7f00000003c0)={0x10, 0x30, 0xfa00, {&(0x7f0000000100), 0x2, {0xa, 0x4e23, 0x8, @local, 0xbc}}}, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRES8=r1], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
syz_init_net_socket$ax25(0x3, 0x7, 0xcc)
r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r6, &(0x7f0000000180)=[{0x0}], 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')

3.50513548s ago: executing program 0 (id=6489):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x3, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
write(r2, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2003}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000900)={<r6=>0x0, 0xd, 0x5, 0x1})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000d40)={0x1, 0x0, {0x5, @struct={0x3, 0x8}, 0x0, 0x8, 0x7ff, 0x6, 0x80, 0x9, 0x0, @struct={0x0, 0xffff}, 0x161, 0xffffffff, [0xfffffffffffffffe, 0x4, 0x4, 0x4, 0x8, 0xa8]}, {0xffffffffffffffff, @usage=0xaa, 0x0, 0x5, 0x5, 0xfffffffffffffff0, 0x10000, 0x3, 0x400, @struct={0x1c, 0xfffffff2}, 0xfffffff8, 0x10001, [0x8000000000000000, 0x1000, 0x3, 0x7, 0x2, 0x7fffffff]}, {0x78c0, @struct={0x2, 0x6}, r6, 0x9, 0x9, 0x1, 0x20, 0x51, 0xc, @usage=0x9, 0x2, 0x7, [0x40, 0x3, 0x4d9, 0x8000000000000000, 0x31e6, 0x7]}, {0x501, 0x0, 0x4}})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r4, &(0x7f00000024c0)=[{{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000800)=""/245, 0xf5}], 0x1}, 0x9}], 0x1, 0x10000, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
close(r0)

2.811801174s ago: executing program 2 (id=6491):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000c80)={&(0x7f0000000b40)={0x2, 0xfffc, @loopback}, 0x10, &(0x7f0000001140)=[{&(0x7f0000000100)='_', 0x1}], 0x1}, 0x20040010)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000240), 0x4)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="19008b0d77d4a6511cfd467d980d9e82dc9f73dbc07a18f02f97084f2f593e28386e4f273c9dc7e170094b2bac1c4016eef199c370472cef1f6e5b70858e7bb524b31b3aa251c71dba4636b0"])
write$P9_RVERSION(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x4, 0x9)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x18, 0x55, 0x1e5}, 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'gre0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x121, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x2, 0xa}, {0x1, 0xfff1}, {0x7, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080)
syz_genetlink_get_family_id$team(&(0x7f0000000880), 0xffffffffffffffff)
sendmsg$TEAM_CMD_NOOP(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000140)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x2405a8c5}, 0x4850)
r11 = socket(0xa, 0x803, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x38}]}, @NFT_MSG_NEWSETELEM={0x1a8, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x17c, 0x3, 0x0, 0x1, [{0x178, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x8}, @NFTA_SET_ELEM_DATA={0x4}, @NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0xc5b}, @NFTA_SET_ELEM_EXPR={0x48, 0x7, 0x0, 0x1, @objref={{0xb}, @val={0x38, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0x1c}, @NFTA_OBJREF_IMM_TYPE={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz2\x00'}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz1\x00'}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz2\x00'}]}}}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_USERDATA={0xfe, 0x6, 0x1, 0x0, "49c999253587dbff6aabc0987df12577a0b936f3aebd4c9eb1f9764fb77c2c1202092faab65ecf5627c5083c64d0bdb067d79ee9a9c827c1b79309a56d45dbc1513aea224bd889e90857135d3656b27b24e6bf19647ee667b8c5df626b531ef8309623c8fd7c62d98976dd9b61cda049c17cf68dc66ba4fb0774d4d48a69e6e0b68c74426127bf5386597c9b937ba60252854d7db71908f8440f9617acd67abe0e224da2480fdfb50728daf2c8a344d959753ce1fc8ee462e18eb81d7921664d0cf9dde7ccbb6d291f23381d488782e378e616a43ff0c19d1cefe507f46163f39bc162e66d118528bf8a80dcfdcf2da1861b26d07e7136bf2311"}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x23c}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000080)=0xee, 0x4)
openat$kvm(0xffffff9c, &(0x7f0000000180), 0x121000, 0x0)
setsockopt$MRT6_DEL_MIF(r11, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r11, 0x29, 0xcc, 0x0, 0x0)
sendmsg$NL80211_CMD_DEL_PMK(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
setsockopt$MRT6_ADD_MFC_PROXY(r11, 0x29, 0xd2, &(0x7f0000000000)={{0xa, 0x0, 0x0, @loopback, 0x8}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x0, 0x1000000, 0x0, 0x0, 0xfffffffc, 0x4000000]}}, 0x5c)

2.706747326s ago: executing program 3 (id=6492):
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b8d", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r5, 0xab06)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r6, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.649939261s ago: executing program 2 (id=6493):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./control\x00')
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0xe, 0x0, &(0x7f00000002c0)="428280f46aa1d3f08a90b1e2e0dc", 0x0, 0x1009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2}, 0x4c)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0xff)

2.649598256s ago: executing program 2 (id=6494):
syz_usb_connect(0x1, 0x3d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
sendmsg$inet_sctp(r2, &(0x7f0000000240)={&(0x7f0000000000)=@in={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x24008804)
semget$private(0x0, 0x3, 0x2)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000280)=@sack_info={r4, 0x2, 0x1}, &(0x7f0000000140)=0xf)
write$char_usb(r0, 0x0, 0x0)

2.259712974s ago: executing program 0 (id=6495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x50)
close(0x3)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$kcm(0x22, 0x2, 0x21)
recvmsg(r2, 0x0, 0x40)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x5150, 0x7, 0x0, 0xffffffffffffff6d)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\x1a\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r5=>0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x18)
symlinkat(&(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000140)='./file0\x00')
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "c4ba"}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xffffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.977849666s ago: executing program 0 (id=6496):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x9, 0x1, 0xc45, 0x1012, 0xc7, 0x2, 0x7, 'syz0\x00'})

1.669503959s ago: executing program 3 (id=6497):
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b8d", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000610800024000000003080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r5, 0xab06)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r6, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.43051712s ago: executing program 2 (id=6498):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

1.429924511s ago: executing program 2 (id=6499):
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x8}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000020940)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
write(r5, &(0x7f0000000200)="240000001a005f0400f9f407000904018020200000000000000000000800030000000000", 0x24)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000080)=0x200000000)
r7 = dup2(r6, r6)
read$FUSE(r7, &(0x7f0000002fc0)={0x2020}, 0x2020)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f00000005c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xbc, 0x1, 0x8, 0x401, 0x0, 0x0, {0xa}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88f7}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_DATA={0x44, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_ESTABLISHED={0x8, 0x4, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0x8, 0x9, 0x1, 0x0, 0xba}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8}, @CTA_TIMEOUT_SCTP_CLOSED={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_SCTP_SHUTDOWN_RECD={0x8, 0x6, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0x8, 0x9, 0x1, 0x0, 0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88a8}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x34, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_TCP_SYN_RECV={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_TCP_CLOSE={0x8, 0x8, 0x1, 0x0, 0xffff6599}, @CTA_TIMEOUT_TCP_TIME_WAIT={0x8, 0x7, 0x1, 0x0, 0xfffff2a8}, @CTA_TIMEOUT_TCP_ESTABLISHED={0x8, 0x3, 0x1, 0x0, 0xd}, @CTA_TIMEOUT_TCP_RETRANS={0x8}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x40}, 0x4804)
r10 = fsmount(r9, 0x0, 0x80)
fchdir(r10)
ioctl$sock_inet_SIOCDELRT(r10, 0x890c, &(0x7f0000000440)={0x0, {0x2, 0x4e22, @local}, {0x2, 0x4e23, @private=0xa010101}, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10a, 0x0, 0x0, 0x0, 0x1, &(0x7f00000002c0)='vlan1\x00', 0x7, 0x8, 0x7})
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1d, 0x4, 0xb, 0x0, 0x201, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x50)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c00)={0x38, 0x3e, 0x1, 0x7fffc, 0x4, {0x1}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x10, 0x0, 0x1, [@nested={0xc, 0xf, 0x0, 0x1, [@generic="12ccbd379ce6cd69"]}]}]}, @typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)

1.210651029s ago: executing program 2 (id=6500):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
io_setup(0x4, &(0x7f0000000040)=<r0=>0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x4, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x8, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_pgetevents(r0, 0x1ff, 0x5, &(0x7f0000000400)=[{}, {}, {}, {}, {}], &(0x7f00000001c0)={0x77359400}, &(0x7f00000004c0)={0x0})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
io_setup(0x3, &(0x7f0000000000))
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x22, 0x2, 0x3)
getsockopt$nfc_llcp(r2, 0x6a, 0x0, 0x0, 0x1000000000000)

1.194646803s ago: executing program 42 (id=6500):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
io_setup(0x4, &(0x7f0000000040)=<r0=>0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x4, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x8, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_pgetevents(r0, 0x1ff, 0x5, &(0x7f0000000400)=[{}, {}, {}, {}, {}], &(0x7f00000001c0)={0x77359400}, &(0x7f00000004c0)={0x0})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
io_setup(0x3, &(0x7f0000000000))
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x22, 0x2, 0x3)
getsockopt$nfc_llcp(r2, 0x6a, 0x0, 0x0, 0x1000000000000)

1.118391661s ago: executing program 0 (id=6502):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x60600, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000c1f000/0x1000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0xfd7f0000)

963.457289ms ago: executing program 5 (id=6503):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) (async)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_lsm={0x1d, 0x21, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x5}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x1}, @ringbuf_query, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x2}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x42}}, @cb_func={0x18, 0x7, 0x4, 0x0, 0xfffffffffffffffe}, @call={0x85, 0x0, 0x0, 0xd2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000000)='syzkaller\x00', 0xfffffffa, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000080)={0x0, 0x8, 0xaca, 0x8}, 0x10, 0xffffffffffffffff, 0x0, 0x5, &(0x7f00000000c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff], &(0x7f0000000140)=[{0x1, 0x1, 0xc, 0x1}, {0x4, 0x5, 0x9, 0x9}, {0x2, 0x1, 0x7, 0x2}, {0x4, 0x2, 0x0, 0xc}, {0x0, 0x2, 0xd, 0x7}], 0x10, 0x4}, 0x94) (async)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$cont(0x1f, r2, 0x6, 0x400f)
poll(&(0x7f0000000400)=[{r0, 0x302f}, {r1, 0x2048}, {r1, 0x8}, {r1, 0x100}, {r0, 0x488}, {r1, 0x28}], 0x6, 0x7)

963.090312ms ago: executing program 0 (id=6504):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x88000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x80)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000001580)=""/102400, 0x19000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004090)
fcntl$notify(0xffffffffffffffff, 0x402, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {0x36}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x9c)
socket$inet6(0xa, 0xa, 0x1)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
keyctl$session_to_parent(0x12)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f0000001f00))
sendmmsg(0xffffffffffffffff, &(0x7f0000009140)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000000)="b3", 0x1}], 0x1}}], 0x1, 0x0)
preadv2(r2, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x500)

858.827227ms ago: executing program 5 (id=6505):
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={&(0x7f0000000000)="d5db83aa1d3451ccd13675a34859f629b37e1cc1d1885d9213e4128b7bdde2aa1011891b81c2c5e608e9d48f0f4a61499b8d", 0x0}}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800"], 0x9c}}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r5, 0xab06)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r6, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

625.232754ms ago: executing program 3 (id=6506):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0xfff3}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x10, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) (fail_nth: 4)

383.124813ms ago: executing program 3 (id=6507):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

382.64044ms ago: executing program 3 (id=6508):
r0 = socket(0x1e, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000000080045000028000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="1200000000000000"], 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])
chdir(&(0x7f00000000c0)='./file0\x00')
openat(0xffffffffffffff9c, 0x0, 0x66801, 0x19d)
recvmmsg$unix(r0, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001480)=ANY=[@ANYBLOB="3000000010000108fdffffff0000000000000000e7fa13e5636156bceade25d4659ac894e7079c0859fba53c585f61c71f98fe5f8a86513fb2e26f3bc36fd1f9e87a5420949c32d2beec5e6d88820003b2b9ffe9b879c76500263607d256ae78da3b701ea9253ac1d69f7ef83dcafb913720a7d64d54e5b7347338067a47372c16ce5246190fdee3f2d180fe62b93ec7d5f9abf2e956563b0ac981b1c115b5d6048199b35d71e714e606ade1c9173e251a6ceb33395a3d0f6736d2b12558c180563495b6005de605daeeb0a38cb82892bd869904570d17f7b091b100"/234, @ANYRES32=0x0, @ANYBLOB="000000000000000008001b000000000008001a8004002d80"], 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

106.352454ms ago: executing program 3 (id=6509):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = open$dir(&(0x7f00000000c0)='./file1\x00', 0x0, 0x1c2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
recvmmsg(r1, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x9}, 0x94)
sendmmsg(0xffffffffffffffff, &(0x7f0000000e00)=[{{&(0x7f0000000080)=@qipcrtr={0x2a, 0x3, 0x4000}, 0x80, 0x0}}], 0x1, 0x45)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/fscreate\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00')
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000080))
pselect6(0x40, &(0x7f00000002c0)={0x2, 0x0, 0xc, 0xe9d9, 0x800, 0x2, 0x1, 0x1}, 0x0, &(0x7f0000000340)={0x3ff, 0xd0000000, 0x10007, 0x7e3, 0x3, 0x80000008, 0xfffffffffffffffe, 0xbf7}, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x2, 0x8000028, r0, &(0x7f0000000140)='./file1\x00')
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=virtio,', {[{@posixacl}]}})

99.274131ms ago: executing program 43 (id=6509):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = open$dir(&(0x7f00000000c0)='./file1\x00', 0x0, 0x1c2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
recvmmsg(r1, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x9}, 0x94)
sendmmsg(0xffffffffffffffff, &(0x7f0000000e00)=[{{&(0x7f0000000080)=@qipcrtr={0x2a, 0x3, 0x4000}, 0x80, 0x0}}], 0x1, 0x45)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/fscreate\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00')
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000080))
pselect6(0x40, &(0x7f00000002c0)={0x2, 0x0, 0xc, 0xe9d9, 0x800, 0x2, 0x1, 0x1}, 0x0, &(0x7f0000000340)={0x3ff, 0xd0000000, 0x10007, 0x7e3, 0x3, 0x80000008, 0xfffffffffffffffe, 0xbf7}, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x2, 0x8000028, r0, &(0x7f0000000140)='./file1\x00')
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=virtio,', {[{@posixacl}]}})

0s ago: executing program 5 (id=6511):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl726\x00', [0x4f27, 0x200005, 0x2, 0x401, 0x2, 0xcc7, 0xfff, 0x5c952399, 0x5, 0x3ff, 0x2, 0x7, 0x1, 0x1, 0x9, 0xe1cb, 0x0, 0x1a449, 0x2, 0x40000003, 0x89, 0xfffffffd, 0x0, 0x20001e56, 0xc, 0xe69, 0x3c, 0x8, 0x9, 0x8000000, 0xdffffff8]})
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040))
renameat2(r1, &(0x7f00000000c0)='./cgroup\x00', r1, &(0x7f0000000100)='./cgroup\x00', 0x1)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000000)={'ip6tnl0\x00', <r2=>0x0, 0x4, 0xf3, 0x3, 0x7ff, 0x45, @remote, @mcast2, 0x1, 0x0, 0x8, 0x101}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'syztnl1\x00', r2, 0x4, 0x5, 0x4, 0x9, 0x74, @private2, @empty, 0x10, 0x7800, 0x6, 0x100}})

kernel console output (not intermixed with test programs):

tdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1018.311783][T19172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1018.315288][T19172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1018.318494][T19172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1018.344863][T19207] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1018.347410][T19207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1018.359967][T19207] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1018.365265][T19207] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1018.784458][T27608] tipc: Started in network mode
[ 1018.786374][T27608] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1018.789360][T27608] tipc: Enabled bearer <eth:team0>, priority 0
[ 1019.507213][   T40] audit: type=1326 audit(1755520553.983:2270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27620 comm="syz.1.6140" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[ 1019.603763][ T5988] Bluetooth: hci2: command tx timeout
[ 1019.692084][T27622] syz.1.6140 (27622): drop_caches: 1
[ 1019.692212][T27623] syz.1.6140 (27623): drop_caches: 1
[ 1019.708382][T27622] syz.1.6140 (27622): drop_caches: 1
[ 1019.826750][T27626] netlink: 64 bytes leftover after parsing attributes in process `syz.9.6141'.
[ 1020.094006][T14012] tipc: Node number set to 11578026
[ 1020.163669][ T5988] Bluetooth: hci3: command tx timeout
[ 1020.182906][T27629] netlink: 'syz.8.6142': attribute type 4 has an invalid length.
[ 1020.473123][T27633] netlink: 872 bytes leftover after parsing attributes in process `syz.1.6143'.
[ 1021.134575][T27643] blk_print_req_error: 75 callbacks suppressed
[ 1021.134618][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.143297][T27643] buffer_io_error: 75 callbacks suppressed
[ 1021.155722][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.158802][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.162036][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.165309][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.168576][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.171563][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.174554][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.177596][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.181036][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.185175][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.200334][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.212759][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.225315][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.232320][T27645] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1021.237259][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.248836][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.260779][T27643] ldm_validate_partition_table(): Disk read failed.
[ 1021.272475][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.286890][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.297882][T27643] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1021.310457][T27643] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1021.336315][T27643] Dev nbd0: unable to read RDB block 0
[ 1021.351530][T27643]  nbd0: unable to read partition table
[ 1021.684605][ T5988] Bluetooth: hci2: command tx timeout
[ 1021.728566][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1021.730932][ T5388] Dev nbd0: unable to read RDB block 0
[ 1021.732885][ T5388]  nbd0: unable to read partition table
[ 1021.736630][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1021.739022][ T5388] Dev nbd0: unable to read RDB block 0
[ 1021.741846][ T5388]  nbd0: unable to read partition table
[ 1021.753399][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1021.755809][T24604] Dev nbd0: unable to read RDB block 0
[ 1021.757852][T24604]  nbd0: unable to read partition table
[ 1021.765470][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1021.767899][T24604] Dev nbd0: unable to read RDB block 0
[ 1021.770292][T24604]  nbd0: unable to read partition table
[ 1022.003227][T27639] delete_channel: no stack
[ 1022.097001][   T40] audit: type=1326 audit(1755520556.573:2271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27649 comm="syz.1.6148" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[ 1022.149503][T27667] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1022.151826][T27667] syzkaller0: entered promiscuous mode
[ 1022.154482][T27667] syzkaller0: entered allmulticast mode
[ 1022.158099][T27667] FAULT_INJECTION: forcing a failure.
[ 1022.158099][T27667] name failslab, interval 1, probability 0, space 0, times 0
[ 1022.162378][T27667] CPU: 2 UID: 0 PID: 27667 Comm: syz.8.6154 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1022.162394][T27667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1022.162402][T27667] Call Trace:
[ 1022.162405][T27667]  <TASK>
[ 1022.162410][T27667]  dump_stack_lvl+0x16c/0x1f0
[ 1022.162428][T27667]  should_fail_ex+0x512/0x640
[ 1022.162445][T27667]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1022.162462][T27667]  should_failslab+0xc2/0x120
[ 1022.162478][T27667]  __kmalloc_noprof+0xd2/0x510
[ 1022.162492][T27667]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1022.162508][T27667]  ? tomoyo_profile+0x47/0x60
[ 1022.162518][T27667]  tomoyo_path_number_perm+0x245/0x580
[ 1022.162531][T27667]  ? tomoyo_path_number_perm+0x237/0x580
[ 1022.162545][T27667]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1022.162560][T27667]  ? preempt_count_add+0x76/0x150
[ 1022.162580][T27667]  ? rcu_is_watching+0x12/0xc0
[ 1022.162592][T27667]  ? __fget_files+0x204/0x3c0
[ 1022.162603][T27667]  ? hook_file_ioctl_common+0x145/0x410
[ 1022.162618][T27667]  ? lock_release+0x201/0x2f0
[ 1022.162633][T27667]  ? __fget_files+0x20e/0x3c0
[ 1022.162646][T27667]  security_file_ioctl_compat+0x9b/0x240
[ 1022.162661][T27667]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1022.162679][T27667]  __do_fast_syscall_32+0x7c/0x3a0
[ 1022.162695][T27667]  do_fast_syscall_32+0x32/0x80
[ 1022.162710][T27667]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1022.162724][T27667] RIP: 0023:0xf711e579
[ 1022.162733][T27667] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1022.162744][T27667] RSP: 002b:00000000f550e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1022.162756][T27667] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000008922
[ 1022.162763][T27667] RDX: 0000000080002280 RSI: 0000000000000000 RDI: 0000000000000000
[ 1022.162770][T27667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1022.162776][T27667] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1022.162789][T27667] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1022.162798][T27667]  </TASK>
[ 1022.162803][T27667] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1022.233875][T27667] tipc: Resetting bearer <eth:syzkaller0>
[ 1022.237015][T27666] tipc: Resetting bearer <eth:syzkaller0>
[ 1022.241161][T27666] tipc: Disabling bearer <eth:syzkaller0>
[ 1022.253641][ T5988] Bluetooth: hci3: command tx timeout
[ 1022.853393][T27690] FAULT_INJECTION: forcing a failure.
[ 1022.853393][T27690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1022.858971][T27690] CPU: 2 UID: 0 PID: 27690 Comm: syz.9.6159 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1022.859008][T27690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1022.859019][T27690] Call Trace:
[ 1022.859026][T27690]  <TASK>
[ 1022.859032][T27690]  dump_stack_lvl+0x16c/0x1f0
[ 1022.859056][T27690]  should_fail_ex+0x512/0x640
[ 1022.859081][T27690]  _copy_from_user+0x2e/0xd0
[ 1022.859107][T27690]  copy_mount_options+0x76/0x190
[ 1022.859132][T27690]  __ia32_sys_mount+0x1ac/0x310
[ 1022.859153][T27690]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1022.859175][T27690]  ? rcu_is_watching+0x12/0xc0
[ 1022.859193][T27690]  __do_fast_syscall_32+0x7c/0x3a0
[ 1022.859216][T27690]  do_fast_syscall_32+0x32/0x80
[ 1022.859238][T27690]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1022.859259][T27690] RIP: 0023:0xf7f23579
[ 1022.859271][T27690] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1022.859286][T27690] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1022.859302][T27690] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000140
[ 1022.859313][T27690] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 00000000800001c0
[ 1022.859323][T27690] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1022.859402][T27690] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1022.859411][T27690] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1022.859428][T27690]  </TASK>
[ 1022.860881][T27690] overlayfs: conflicting lowerdir path
[ 1023.241728][T27700] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1023.439611][   T40] audit: type=1326 audit(1755520557.913:2272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27697 comm="syz.9.6162" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x0
[ 1023.635755][T27707] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6163'.
[ 1024.039370][T27719] FAULT_INJECTION: forcing a failure.
[ 1024.039370][T27719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1024.049650][T27719] CPU: 0 UID: 0 PID: 27719 Comm: syz.0.6168 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1024.049669][T27719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1024.049676][T27719] Call Trace:
[ 1024.049680][T27719]  <TASK>
[ 1024.049685][T27719]  dump_stack_lvl+0x16c/0x1f0
[ 1024.049703][T27719]  should_fail_ex+0x512/0x640
[ 1024.049725][T27719]  _copy_from_iter+0x463/0x16f0
[ 1024.049743][T27719]  ? __pfx__copy_from_iter+0x10/0x10
[ 1024.049767][T27719]  ? tomoyo_audit_inet_log+0x285/0x3a0
[ 1024.049784][T27719]  ? __pfx_tomoyo_audit_inet_log+0x10/0x10
[ 1024.049800][T27719]  ping_common_sendmsg+0xc4/0x2e0
[ 1024.049820][T27719]  ping_v4_sendmsg+0x19a/0x1a40
[ 1024.049830][T27719]  ? lock_release+0x201/0x2f0
[ 1024.049845][T27719]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[ 1024.049863][T27719]  ? rcu_is_watching+0x12/0xc0
[ 1024.049877][T27719]  ? __pfx_ip4_datagram_release_cb+0x10/0x10
[ 1024.049896][T27719]  ? inet_autobind+0x145/0x1a0
[ 1024.049912][T27719]  ? inet_autobind+0x145/0x1a0
[ 1024.049929][T27719]  ? inet_autobind+0x145/0x1a0
[ 1024.049944][T27719]  ? __local_bh_enable_ip+0xa4/0x120
[ 1024.049958][T27719]  ? inet_autobind+0x14a/0x1a0
[ 1024.049974][T27719]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[ 1024.049992][T27719]  inet_sendmsg+0x11c/0x140
[ 1024.050003][T27719]  ____sys_sendmsg+0x973/0xc70
[ 1024.050021][T27719]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1024.050038][T27719]  ? get_compat_msghdr+0x11a/0x170
[ 1024.050053][T27719]  ? kstrtouint_from_user+0x13c/0x1d0
[ 1024.050067][T27719]  ___sys_sendmsg+0x134/0x1d0
[ 1024.050081][T27719]  ? get_pid_task+0xfc/0x250
[ 1024.050096][T27719]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1024.050112][T27719]  ? rcu_is_watching+0x12/0xc0
[ 1024.050127][T27719]  __sys_sendmsg+0x16d/0x220
[ 1024.050141][T27719]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1024.050157][T27719]  ? rcu_is_watching+0x12/0xc0
[ 1024.050169][T27719]  __do_fast_syscall_32+0x7c/0x3a0
[ 1024.050185][T27719]  do_fast_syscall_32+0x32/0x80
[ 1024.050199][T27719]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1024.050213][T27719] RIP: 0023:0xf703e579
[ 1024.050223][T27719] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1024.050234][T27719] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1024.050245][T27719] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1024.050253][T27719] RDX: 0000000020000004 RSI: 0000000000000000 RDI: 0000000000000000
[ 1024.050259][T27719] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1024.050266][T27719] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1024.050273][T27719] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1024.050282][T27719]  </TASK>
[ 1024.297790][   T40] audit: type=1326 audit(1755520558.773:2273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27712 comm="syz.1.6165" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[ 1024.325082][ T5988] Bluetooth: hci3: command tx timeout
[ 1024.710560][T27716] delete_channel: no stack
[ 1024.807301][T27733] loop6: detected capacity change from 0 to 524287999
[ 1025.552703][T27748] FAULT_INJECTION: forcing a failure.
[ 1025.552703][T27748] name failslab, interval 1, probability 0, space 0, times 0
[ 1025.557282][T27748] CPU: 2 UID: 0 PID: 27748 Comm: syz.0.6176 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1025.557299][T27748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1025.557306][T27748] Call Trace:
[ 1025.557310][T27748]  <TASK>
[ 1025.557314][T27748]  dump_stack_lvl+0x16c/0x1f0
[ 1025.557332][T27748]  should_fail_ex+0x512/0x640
[ 1025.557349][T27748]  should_failslab+0xc2/0x120
[ 1025.557364][T27748]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1025.557378][T27748]  ? __alloc_skb+0x2b2/0x380
[ 1025.557392][T27748]  ? rt_dst_alloc+0x35/0x3a0
[ 1025.557408][T27748]  __alloc_skb+0x2b2/0x380
[ 1025.557421][T27748]  ? __pfx___alloc_skb+0x10/0x10
[ 1025.557434][T27748]  ? rt_set_nexthop.constprop.0+0x673/0x12e0
[ 1025.557445][T27748]  ? rcu_is_watching+0x12/0xc0
[ 1025.557457][T27748]  ? rt_set_nexthop.constprop.0+0x673/0x12e0
[ 1025.557468][T27748]  ? rcu_is_watching+0x12/0xc0
[ 1025.557479][T27748]  __ip_append_data+0x30c5/0x41c0
[ 1025.557496][T27748]  ? __pfx_raw_getfrag+0x10/0x10
[ 1025.557507][T27748]  ? rcu_is_watching+0x12/0xc0
[ 1025.557519][T27748]  ? ip_dst_mtu_maybe_forward.constprop.0+0x314/0x6e0
[ 1025.557538][T27748]  ? __pfx___ip_append_data+0x10/0x10
[ 1025.557555][T27748]  ip_append_data+0x10f/0x1a0
[ 1025.557571][T27748]  ? __pfx_raw_getfrag+0x10/0x10
[ 1025.557581][T27748]  raw_sendmsg+0xeee/0x37e0
[ 1025.557595][T27748]  ? __pfx_raw_sendmsg+0x10/0x10
[ 1025.557605][T27748]  ? lock_release+0x201/0x2f0
[ 1025.557621][T27748]  ? tomoyo_check_inet_address+0xe0/0x6c0
[ 1025.557637][T27748]  ? __pfx_tomoyo_check_inet_address+0x10/0x10
[ 1025.557660][T27748]  ? __pfx_raw_sendmsg+0x10/0x10
[ 1025.557671][T27748]  inet_sendmsg+0x11c/0x140
[ 1025.557682][T27748]  __sys_sendto+0x43c/0x520
[ 1025.557695][T27748]  ? __pfx___sys_sendto+0x10/0x10
[ 1025.557712][T27748]  ? ksys_write+0x1ac/0x250
[ 1025.557725][T27748]  ? __pfx_ksys_write+0x10/0x10
[ 1025.557739][T27748]  __ia32_sys_sendto+0xdd/0x1b0
[ 1025.557751][T27748]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1025.557769][T27748]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1025.557784][T27748]  __do_fast_syscall_32+0x7c/0x3a0
[ 1025.557804][T27748]  do_fast_syscall_32+0x32/0x80
[ 1025.557819][T27748]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1025.557833][T27748] RIP: 0023:0xf703e579
[ 1025.557842][T27748] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1025.557853][T27748] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1025.557865][T27748] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[ 1025.557872][T27748] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000080000100
[ 1025.557878][T27748] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[ 1025.557885][T27748] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1025.557892][T27748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1025.557901][T27748]  </TASK>
[ 1025.889851][T27755] ldm_validate_partition_table(): Disk read failed.
[ 1025.924845][T27755] Dev nbd0: unable to read RDB block 0
[ 1025.927548][T27755]  nbd0: unable to read partition table
[ 1025.956603][T27755] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1025.967420][T27755] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1026.138019][T27758] syz.9.6179 (27758): drop_caches: 2
[ 1026.627675][ T5388] blk_print_req_error: 91 callbacks suppressed
[ 1026.627688][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.638847][ T5388] buffer_io_error: 91 callbacks suppressed
[ 1026.638859][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.644594][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.647449][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.649947][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.652764][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.655288][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.658687][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.661486][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.664597][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.667219][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.670612][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.673447][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.677246][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.679791][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.683050][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.685889][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1026.688730][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.692083][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.694769][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1026.698045][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1026.700952][ T5388] Dev nbd0: unable to read RDB block 0
[ 1026.703170][ T5388]  nbd0: unable to read partition table
[ 1026.714498][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1026.717781][ T5388] Dev nbd0: unable to read RDB block 0
[ 1026.720812][ T5388]  nbd0: unable to read partition table
[ 1026.728148][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1026.730879][T24604] Dev nbd0: unable to read RDB block 0
[ 1026.733297][T24604]  nbd0: unable to read partition table
[ 1026.747489][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1026.750556][T24604] Dev nbd0: unable to read RDB block 0
[ 1026.754066][T24604]  nbd0: unable to read partition table
[ 1026.909636][ T5988] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[ 1026.909655][ T5988] Bluetooth: hci3: Unknown advertising packet type: 0x72
[ 1026.911892][ T5988] Bluetooth: hci3: Malformed LE Event: 0x0d
[ 1026.922996][   T40] audit: type=1326 audit(1755520561.393:2274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27763 comm="syz.0.6181" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0
[ 1027.922821][T27792] netlink: 64 bytes leftover after parsing attributes in process `syz.9.6187'.
[ 1028.938058][T27810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6194'.
[ 1028.941286][T27811] ldm_validate_partition_table(): Disk read failed.
[ 1028.944715][T27811] Dev nbd0: unable to read RDB block 0
[ 1028.948578][T27811]  nbd0: unable to read partition table
[ 1028.948656][T27810] netlink: 'syz.1.6194': attribute type 21 has an invalid length.
[ 1028.952921][T27810] netlink: 156 bytes leftover after parsing attributes in process `syz.1.6194'.
[ 1028.958546][T27810] netlink: 'syz.1.6194': attribute type 21 has an invalid length.
[ 1028.960838][T27811] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1028.961104][T27810] netlink: 156 bytes leftover after parsing attributes in process `syz.1.6194'.
[ 1028.977525][T27811] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1029.551631][T27823] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input35
[ 1029.659204][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1029.663333][ T5388] Dev nbd0: unable to read RDB block 0
[ 1029.665568][ T5388]  nbd0: unable to read partition table
[ 1029.668477][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1029.671415][ T5388] Dev nbd0: unable to read RDB block 0
[ 1029.674136][ T5388]  nbd0: unable to read partition table
[ 1029.681699][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1029.686654][T24604] Dev nbd0: unable to read RDB block 0
[ 1029.688722][T24604]  nbd0: unable to read partition table
[ 1029.691843][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1029.694406][T24604] Dev nbd0: unable to read RDB block 0
[ 1029.696486][T24604]  nbd0: unable to read partition table
[ 1029.794583][T27830] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6200'.
[ 1030.021005][T27834] ldm_validate_partition_table(): Disk read failed.
[ 1030.024362][T27834] Dev nbd0: unable to read RDB block 0
[ 1030.027127][T27834]  nbd0: unable to read partition table
[ 1030.034309][T27834] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1030.046737][T27834] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1030.462441][T27839] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6201'.
[ 1030.473258][T27839] netlink: 48 bytes leftover after parsing attributes in process `syz.1.6201'.
[ 1030.536118][T27839] geneve2: entered promiscuous mode
[ 1030.543068][T27839] geneve2: entered allmulticast mode
[ 1030.744732][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1030.747241][ T5388] Dev nbd0: unable to read RDB block 0
[ 1030.764180][ T5388]  nbd0: unable to read partition table
[ 1030.770234][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1030.772545][ T5388] Dev nbd0: unable to read RDB block 0
[ 1030.774874][ T5388]  nbd0: unable to read partition table
[ 1030.781350][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1030.798489][T24604] Dev nbd0: unable to read RDB block 0
[ 1030.804106][T24604]  nbd0: unable to read partition table
[ 1030.808396][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1030.810908][T24604] Dev nbd0: unable to read RDB block 0
[ 1030.812936][T24604]  nbd0: unable to read partition table
[ 1030.998352][T27858] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1031.345063][   T40] audit: type=1326 audit(1755520565.813:2275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27853 comm="syz.0.6207" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0
[ 1031.973565][T27883] blk_print_req_error: 229 callbacks suppressed
[ 1031.973578][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1031.980491][T27883] buffer_io_error: 229 callbacks suppressed
[ 1031.980778][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1031.989049][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1031.992539][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.000051][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.008524][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.011593][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.029046][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.085490][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.089711][T27884] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1032.098764][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.102588][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.116268][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.119490][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.122442][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.129064][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.132068][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.134738][T27887] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6216'.
[ 1032.138269][T27883] ldm_validate_partition_table(): Disk read failed.
[ 1032.140730][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.220173][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.224130][T27883] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1032.227431][T27883] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1032.231023][T27883] Dev nbd0: unable to read RDB block 0
[ 1032.258772][T27883]  nbd0: unable to read partition table
[ 1032.315576][T27893] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1032.565070][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1032.568647][ T5388] Dev nbd0: unable to read RDB block 0
[ 1032.570759][ T5388]  nbd0: unable to read partition table
[ 1032.586933][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1032.589497][ T5388] Dev nbd0: unable to read RDB block 0
[ 1032.592763][ T5388]  nbd0: unable to read partition table
[ 1032.601781][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1032.604058][T24604] Dev nbd0: unable to read RDB block 0
[ 1032.606278][T24604]  nbd0: unable to read partition table
[ 1032.610871][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1032.613768][T24604] Dev nbd0: unable to read RDB block 0
[ 1032.620137][T24604]  nbd0: unable to read partition table
[ 1033.286445][T27912] overlayfs: missing 'lowerdir'
[ 1033.611708][   T40] audit: type=1326 audit(1755521336.183:2276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27913 comm="syz.9.6223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[ 1033.618807][   T40] audit: type=1326 audit(1755521336.183:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27913 comm="syz.9.6223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[ 1033.625773][   T40] audit: type=1326 audit(1755521336.183:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27913 comm="syz.9.6223" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f23579 code=0x7ffc0000
[ 1033.874287][T27908] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1033.877027][T27908] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1033.880838][T27908] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1033.884126][T27908] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1033.886232][T27908] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1033.889128][T27908] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1033.892038][T27908] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1033.893985][T27908] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1033.897821][T27908] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1033.928334][T27921] FAULT_INJECTION: forcing a failure.
[ 1033.928334][T27921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1033.932745][T27921] CPU: 3 UID: 0 PID: 27921 Comm: syz.1.6225 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1033.932762][T27921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1033.932769][T27921] Call Trace:
[ 1033.932773][T27921]  <TASK>
[ 1033.932778][T27921]  dump_stack_lvl+0x16c/0x1f0
[ 1033.932795][T27921]  should_fail_ex+0x512/0x640
[ 1033.932813][T27921]  _copy_from_user+0x2e/0xd0
[ 1033.932830][T27921]  binder_thread_write+0xa5c/0x4e70
[ 1033.932843][T27921]  ? kasan_save_track+0x14/0x30
[ 1033.932856][T27921]  ? kfree+0x2b4/0x4d0
[ 1033.932866][T27921]  ? tomoyo_path_number_perm+0x470/0x580
[ 1033.932880][T27921]  ? security_file_ioctl_compat+0x9b/0x240
[ 1033.932895][T27921]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[ 1033.932912][T27921]  ? __do_fast_syscall_32+0x7c/0x3a0
[ 1033.932927][T27921]  ? do_fast_syscall_32+0x32/0x80
[ 1033.932941][T27921]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1033.932956][T27921]  ? __pfx_binder_thread_write+0x10/0x10
[ 1033.932967][T27921]  ? binder_debug+0xde/0x1a0
[ 1033.932982][T27921]  ? __pfx_binder_debug+0x10/0x10
[ 1033.932997][T27921]  ? binder_debug+0xde/0x1a0
[ 1033.933012][T27921]  ? __pfx_binder_debug+0x10/0x10
[ 1033.933030][T27921]  ? __pfx_binder_ioctl+0x10/0x10
[ 1033.933039][T27921]  binder_ioctl+0x253d/0x71f0
[ 1033.933050][T27921]  ? tomoyo_path_number_perm+0x295/0x580
[ 1033.933063][T27921]  ? rcu_is_watching+0x12/0xc0
[ 1033.933076][T27921]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1033.933089][T27921]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1033.933103][T27921]  ? __pfx_binder_ioctl+0x10/0x10
[ 1033.933114][T27921]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1033.933132][T27921]  ? do_vfs_ioctl+0x128/0x14f0
[ 1033.933149][T27921]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1033.933167][T27921]  ? __fget_files+0x204/0x3c0
[ 1033.933179][T27921]  ? hook_file_ioctl_common+0x145/0x410
[ 1033.933195][T27921]  ? __fget_files+0x20e/0x3c0
[ 1033.933207][T27921]  ? __pfx_binder_ioctl+0x10/0x10
[ 1033.933217][T27921]  compat_ptr_ioctl+0x6e/0xa0
[ 1033.933233][T27921]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[ 1033.933249][T27921]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1033.933268][T27921]  __do_fast_syscall_32+0x7c/0x3a0
[ 1033.933283][T27921]  do_fast_syscall_32+0x32/0x80
[ 1033.933298][T27921]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1033.933311][T27921] RIP: 0023:0xf70be579
[ 1033.933321][T27921] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1033.933332][T27921] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1033.933343][T27921] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[ 1033.933350][T27921] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1033.933357][T27921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1033.933363][T27921] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1033.933370][T27921] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1033.933379][T27921]  </TASK>
[ 1033.933385][T27921] binder: 27920:27921 ioctl c0306201 800001c0 returned -14
[ 1035.353557][ T5988] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1035.523336][T27945] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1035.592414][T27947] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1035.625298][T27956] syz_tun: entered allmulticast mode
[ 1035.628737][T27954] syz_tun: left allmulticast mode
[ 1035.756251][T27962] ip6gre1: entered promiscuous mode
[ 1035.758027][T27962] ip6gre1: entered allmulticast mode
[ 1035.802421][ T5988] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1035.804482][ T5988] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1036.486678][T27972] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1037.309788][   T40] audit: type=1326 audit(1755521340.067:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27981 comm="syz.1.6240" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[ 1037.411280][ T5988] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1037.549393][T28000] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1037.782702][ T5988] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1037.783120][T21786] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1038.070000][T28005] netlink: 64 bytes leftover after parsing attributes in process `syz.1.6246'.
[ 1039.008761][T28013] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1039.382849][T21786] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1039.549949][T28024] FAULT_INJECTION: forcing a failure.
[ 1039.549949][T28024] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1039.554057][T28024] CPU: 2 UID: 0 PID: 28024 Comm: syz.0.6250 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1039.554097][T28024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1039.554109][T28024] Call Trace:
[ 1039.554116][T28024]  <TASK>
[ 1039.554122][T28024]  dump_stack_lvl+0x16c/0x1f0
[ 1039.554145][T28024]  should_fail_ex+0x512/0x640
[ 1039.554171][T28024]  _copy_to_user+0x32/0xd0
[ 1039.554189][T28024]  snd_ctl_ioctl+0xae5/0xf80
[ 1039.554210][T28024]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[ 1039.554232][T28024]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1039.554255][T28024]  ? do_vfs_ioctl+0x128/0x14f0
[ 1039.554272][T28024]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1039.554289][T28024]  snd_ctl_ioctl_compat+0x708/0xc70
[ 1039.554305][T28024]  ? __pfx_snd_ctl_ioctl_compat+0x10/0x10
[ 1039.554320][T28024]  ? __fget_files+0x204/0x3c0
[ 1039.554332][T28024]  ? hook_file_ioctl_common+0x145/0x410
[ 1039.554348][T28024]  ? __fget_files+0x20e/0x3c0
[ 1039.554373][T28024]  ? __pfx_snd_ctl_ioctl_compat+0x10/0x10
[ 1039.554389][T28024]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1039.554408][T28024]  __do_fast_syscall_32+0x7c/0x3a0
[ 1039.554428][T28024]  do_fast_syscall_32+0x32/0x80
[ 1039.554443][T28024]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1039.554457][T28024] RIP: 0023:0xf703e579
[ 1039.554466][T28024] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1039.554477][T28024] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1039.554488][T28024] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000081785501
[ 1039.554495][T28024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1039.554502][T28024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1039.554508][T28024] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1039.554515][T28024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1039.554525][T28024]  </TASK>
[ 1039.691483][T28031] block device autoloading is deprecated and will be removed.
[ 1039.694974][T28031] bio_check_eod: 2 callbacks suppressed
[ 1039.694983][T28031] syz.8.6253: attempt to access beyond end of device
[ 1039.694983][T28031] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1039.763943][T21786] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1039.773354][T21786] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1039.975954][T28044] blk_print_req_error: 75 callbacks suppressed
[ 1039.975986][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1039.981554][T28044] buffer_io_error: 75 callbacks suppressed
[ 1039.981611][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1039.986691][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1039.989719][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1039.992657][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1039.995847][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1039.999549][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1040.003162][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1040.006261][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1040.009525][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1040.012928][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1040.015696][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1040.018882][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1040.022211][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1040.025078][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1040.028407][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1040.031734][T28044] ldm_validate_partition_table(): Disk read failed.
[ 1040.034789][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1040.038525][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1040.042674][T28044] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1040.046609][T28044] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1040.069322][T28044] Dev nbd0: unable to read RDB block 0
[ 1040.073652][T28044]  nbd0: unable to read partition table
[ 1040.073717][T28041] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1040.435300][T28056] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1040.547153][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1040.549492][ T5388] Dev nbd0: unable to read RDB block 0
[ 1040.551349][ T5388]  nbd0: unable to read partition table
[ 1040.553925][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1040.556334][ T5388] Dev nbd0: unable to read RDB block 0
[ 1040.558241][ T5388]  nbd0: unable to read partition table
[ 1040.565101][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1040.567356][T24604] Dev nbd0: unable to read RDB block 0
[ 1040.569599][T24604]  nbd0: unable to read partition table
[ 1040.573551][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1040.576690][T24604] Dev nbd0: unable to read RDB block 0
[ 1040.578815][T24604]  nbd0: unable to read partition table
[ 1040.884612][T28060] sp0: Synchronizing with TNC
[ 1041.030973][ T1982] kernel read not supported for file /swradio3 (pid: 1982 comm: kworker/3:3)
[ 1041.177768][T28075] FAULT_INJECTION: forcing a failure.
[ 1041.177768][T28075] name failslab, interval 1, probability 0, space 0, times 0
[ 1041.181808][T28075] CPU: 1 UID: 0 PID: 28075 Comm: syz.0.6263 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1041.181825][T28075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1041.181832][T28075] Call Trace:
[ 1041.181837][T28075]  <TASK>
[ 1041.181841][T28075]  dump_stack_lvl+0x16c/0x1f0
[ 1041.181859][T28075]  should_fail_ex+0x512/0x640
[ 1041.181879][T28075]  ? iter_file_splice_write+0x1cc/0x1270
[ 1041.181897][T28075]  should_failslab+0xc2/0x120
[ 1041.181917][T28075]  __kmalloc_noprof+0xd2/0x510
[ 1041.181935][T28075]  ? rcu_is_watching+0x12/0xc0
[ 1041.181953][T28075]  iter_file_splice_write+0x1cc/0x1270
[ 1041.181973][T28075]  ? aa_file_perm+0x29e/0x12e0
[ 1041.182000][T28075]  ? kstrtouint+0xdd/0x130
[ 1041.182016][T28075]  ? __pfx_aa_file_perm+0x10/0x10
[ 1041.182033][T28075]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1041.182046][T28075]  ? kstrtouint_from_user+0x13c/0x1d0
[ 1041.182059][T28075]  ? rcu_is_watching+0x12/0xc0
[ 1041.182070][T28075]  ? get_pid_task+0xfc/0x250
[ 1041.182086][T28075]  ? rcu_is_watching+0x12/0xc0
[ 1041.182098][T28075]  ? __pfx___might_resched+0x10/0x10
[ 1041.182110][T28075]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1041.182122][T28075]  do_splice+0x1475/0x1fc0
[ 1041.182133][T28075]  ? preempt_count_add+0x76/0x150
[ 1041.182149][T28075]  ? ksys_write+0x190/0x250
[ 1041.182162][T28075]  ? rcu_is_watching+0x12/0xc0
[ 1041.182175][T28075]  ? __pfx_do_splice+0x10/0x10
[ 1041.182185][T28075]  ? __pfx_pipe_clear_nowait+0x10/0x10
[ 1041.182196][T28075]  ? rcu_is_watching+0x12/0xc0
[ 1041.182208][T28075]  __do_splice+0x32a/0x360
[ 1041.182220][T28075]  ? __pfx___do_splice+0x10/0x10
[ 1041.182232][T28075]  __ia32_sys_splice+0x189/0x250
[ 1041.182245][T28075]  __do_fast_syscall_32+0x7c/0x3a0
[ 1041.182261][T28075]  do_fast_syscall_32+0x32/0x80
[ 1041.182276][T28075]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1041.182290][T28075] RIP: 0023:0xf703e579
[ 1041.182300][T28075] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1041.182311][T28075] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[ 1041.182322][T28075] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000
[ 1041.182329][T28075] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 00000000000408cd
[ 1041.182336][T28075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1041.182343][T28075] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1041.182350][T28075] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1041.182359][T28075]  </TASK>
[ 1041.263980][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1041.459420][ T1982] usb 6-1: new high-speed USB device number 94 using dummy_hcd
[ 1041.502865][T28084] netlink: 64 bytes leftover after parsing attributes in process `syz.9.6265'.
[ 1041.602473][ T1982] usb 6-1: Using ep0 maxpacket: 16
[ 1041.623562][ T1982] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1041.665488][ T1982] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1041.668729][ T1982] usb 6-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[ 1041.674746][ T1982] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1041.691916][ T1982] usb 6-1: config 0 descriptor??
[ 1041.764357][ T5985] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1041.960703][ T1982] usbhid 6-1:0.0: can't add hid device: -71
[ 1042.006606][ T1982] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1042.010392][ T1982] usb 6-1: USB disconnect, device number 94
[ 1043.145483][T28096] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1043.726515][ T5985] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1045.209263][T28142] binder: BINDER_SET_CONTEXT_MGR already set
[ 1045.211282][T28142] binder: 28141:28142 ioctl 4018620d 80000040 returned -16
[ 1045.215282][T28142] binder: 28141:28142 ioctl c0306201 80000300 returned -11
[ 1045.489129][ T6059] usb 14-1: new high-speed USB device number 2 using dummy_hcd
[ 1045.639110][ T6059] usb 14-1: Using ep0 maxpacket: 16
[ 1045.646078][ T6059] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1045.649840][ T6059] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1045.652888][ T6059] usb 14-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[ 1045.655583][ T6059] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1045.658683][ T6059] usb 14-1: config 0 descriptor??
[ 1045.918941][T28153] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6280'.
[ 1046.530183][T28160] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1046.583717][T28162] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1047.614257][T28175] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1047.833974][ T6059] usbhid 14-1:0.0: can't add hid device: -71
[ 1047.835998][ T6059] usbhid 14-1:0.0: probe with driver usbhid failed with error -71
[ 1047.843244][ T6059] usb 14-1: USB disconnect, device number 2
[ 1048.064837][T28183] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1048.272904][T28185] Process accounting resumed
[ 1048.918998][T28199] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1049.176279][T28204] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1049.214067][T28190] delete_channel: no stack
[ 1049.306890][T28210] netlink: 64 bytes leftover after parsing attributes in process `syz.8.6294'.
[ 1050.115782][T28222] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1050.176392][T28224] random: crng reseeded on system resumption
[ 1051.200471][T19198] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1051.254294][T19198] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1051.295931][T19198] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1051.367474][T19198] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1051.454754][T28002] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1051.458442][T28002] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1051.460859][T28002] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1051.463822][T28002] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1051.466368][T28002] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1051.494108][T19198] bridge_slave_1: left allmulticast mode
[ 1051.496589][T19198] bridge_slave_1: left promiscuous mode
[ 1051.499615][T19198] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1051.503376][T19198] bridge_slave_0: left allmulticast mode
[ 1051.505188][T19198] bridge_slave_0: left promiscuous mode
[ 1051.507380][T19198] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1051.511672][T28232] delete_channel: no stack
[ 1051.626256][T19198] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1051.631426][T19198] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1051.635117][T19198] bond0 (unregistering): Released all slaves
[ 1051.638829][T28240] lo speed is unknown, defaulting to 1000
[ 1051.685051][T19198] tipc: Disabling bearer <eth:team0>
[ 1051.687777][T19198] tipc: Left network mode
[ 1051.690782][T28240] chnl_net:caif_netlink_parms(): no params data found
[ 1051.711652][T28248] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1051.733765][T28240] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1051.736209][T28240] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1051.739302][T28240] bridge_slave_0: entered allmulticast mode
[ 1051.741915][T28240] bridge_slave_0: entered promiscuous mode
[ 1051.763974][T28240] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1051.767138][T28240] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1051.769565][T28240] bridge_slave_1: entered allmulticast mode
[ 1051.772410][T28240] bridge_slave_1: entered promiscuous mode
[ 1051.803414][T28240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1051.812206][T28240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1051.840831][T28240] team0: Port device team_slave_0 added
[ 1051.854350][T28240] team0: Port device team_slave_1 added
[ 1051.883788][T19198] hsr_slave_0: left promiscuous mode
[ 1051.886376][T19198] hsr_slave_1: left promiscuous mode
[ 1051.888746][T19198] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1051.891681][T19198] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1051.894718][T19198] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1051.897231][T19198] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1051.902902][T19198] veth1_macvtap: left promiscuous mode
[ 1051.904720][T19198] veth0_macvtap: left promiscuous mode
[ 1051.906495][T19198] veth1_vlan: left promiscuous mode
[ 1051.908563][T19198] veth0_vlan: left promiscuous mode
[ 1051.990814][T19198] team0 (unregistering): Port device team_slave_1 removed
[ 1051.996855][T19198] team0 (unregistering): Port device team_slave_0 removed
[ 1052.045389][T28240] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1052.047727][T28240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1052.059625][T28240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1052.066007][T28240] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1052.068873][T28240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1052.079593][T28240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1052.105227][T28240] hsr_slave_0: entered promiscuous mode
[ 1052.107691][T28240] hsr_slave_1: entered promiscuous mode
[ 1052.110988][T28240] debugfs: 'hsr0' already exists in 'hsr'
[ 1052.112956][T28240] Cannot create hsr debugfs directory
[ 1052.638805][T19215] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1052.712502][T19215] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1052.778609][T21786] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1052.781919][T21786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1052.784422][T21786] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1052.788584][T21786] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1052.791179][T21786] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1052.802363][T28266] lo speed is unknown, defaulting to 1000
[ 1052.829173][T19215] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1052.834590][T28265] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input36
[ 1052.874578][T28266] chnl_net:caif_netlink_parms(): no params data found
[ 1052.886764][T19215] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1052.923169][T28266] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1052.926015][T28266] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1052.929112][T28266] bridge_slave_0: entered allmulticast mode
[ 1052.932353][T28266] bridge_slave_0: entered promiscuous mode
[ 1052.936522][T28266] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1052.940064][T28266] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1052.942500][T28266] bridge_slave_1: entered allmulticast mode
[ 1052.944905][T28266] bridge_slave_1: entered promiscuous mode
[ 1052.968843][T28266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1052.973409][T28266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1052.996197][T28266] team0: Port device team_slave_0 added
[ 1052.999367][T28266] team0: Port device team_slave_1 added
[ 1053.025419][T28266] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1053.028580][T28266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1053.039187][T28266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1053.054512][T28266] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1053.057430][T28266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1053.068039][T28266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1053.094445][T19215] bridge_slave_1: left allmulticast mode
[ 1053.096408][T19215] bridge_slave_1: left promiscuous mode
[ 1053.098401][T19215] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1053.101931][T19215] bridge_slave_0: left allmulticast mode
[ 1053.103685][T19215] bridge_slave_0: left promiscuous mode
[ 1053.105456][T19215] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1053.237020][T19215] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1053.241151][T19215] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1053.245031][T19215] bond0 (unregistering): Released all slaves
[ 1053.257343][T28266] hsr_slave_0: entered promiscuous mode
[ 1053.259485][T28266] hsr_slave_1: entered promiscuous mode
[ 1053.261394][T28266] debugfs: 'hsr0' already exists in 'hsr'
[ 1053.263424][T28266] Cannot create hsr debugfs directory
[ 1053.324651][T19215] tipc: Disabling bearer <eth:team0>
[ 1053.326920][T19215] tipc: Left network mode
[ 1053.405016][T21786] Bluetooth: hci1: command tx timeout
[ 1053.508123][T19215] hsr_slave_0: left promiscuous mode
[ 1053.510392][T19215] hsr_slave_1: left promiscuous mode
[ 1053.512420][T19215] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1053.514592][T19215] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1053.517180][T19215] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1053.519752][T19215] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1053.524996][T19215] veth1_macvtap: left promiscuous mode
[ 1053.526778][T19215] veth0_macvtap: left promiscuous mode
[ 1053.528599][T19215] veth1_vlan: left promiscuous mode
[ 1053.530393][T19215] veth0_vlan: left promiscuous mode
[ 1053.616336][T19215] team0 (unregistering): Port device team_slave_1 removed
[ 1053.625036][T19215] team0 (unregistering): Port device team_slave_0 removed
[ 1053.756270][T28282] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1054.126800][T28288] fuse: Bad value for 'user_id'
[ 1054.129212][T28288] fuse: Bad value for 'user_id'
[ 1054.228954][T28240] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1054.237564][T28240] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1054.242612][T28291] netlink: 'syz.0.6317': attribute type 1 has an invalid length.
[ 1054.245483][T28240] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1054.249486][T28240] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1054.287462][T28240] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1054.295805][T28240] 8021q: adding VLAN 0 to HW filter on device team0
[ 1054.301455][T19190] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1054.303705][T19190] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1054.308844][T19215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1054.311221][T19215] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1054.427255][T28240] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1054.469323][T28240] veth0_vlan: entered promiscuous mode
[ 1054.473740][T28240] veth1_vlan: entered promiscuous mode
[ 1054.482513][T28240] veth0_macvtap: entered promiscuous mode
[ 1054.485635][T28240] veth1_macvtap: entered promiscuous mode
[ 1054.492499][T28240] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1054.497148][T28240] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1054.501581][T19190] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.503107][T28308] blk_print_req_error: 75 callbacks suppressed
[ 1054.503118][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.504402][T19190] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.506423][T28308] buffer_io_error: 75 callbacks suppressed
[ 1054.506433][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.517484][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.520718][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.523419][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.526143][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.529367][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.532548][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.535182][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.538000][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.541560][T19190] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.541861][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.544410][T19190] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.547174][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.561252][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.569693][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.572850][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.580022][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.582872][T28308] ldm_validate_partition_table(): Disk read failed.
[ 1054.585126][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.588810][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.591795][T28308] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1054.594686][T28308] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1054.606264][T28308] Dev nbd0: unable to read RDB block 0
[ 1054.609177][T28308]  nbd0: unable to read partition table
[ 1054.614787][T28310] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1054.662337][T28266] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1054.666071][T28266] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1054.676309][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1054.676461][T28266] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1054.678891][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1054.691742][T28266] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1054.700116][T21786] Bluetooth: hci3: command tx timeout
[ 1054.720236][T19215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1054.723597][T19215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1054.744985][T28266] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1054.753669][T28266] 8021q: adding VLAN 0 to HW filter on device team0
[ 1054.758327][T19215] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1054.761315][T19215] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1054.767572][T19215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1054.769795][T19215] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1054.892620][T28266] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1054.990836][T28266] veth0_vlan: entered promiscuous mode
[ 1054.995124][T28266] veth1_vlan: entered promiscuous mode
[ 1055.010234][T28266] veth0_macvtap: entered promiscuous mode
[ 1055.013575][T28266] veth1_macvtap: entered promiscuous mode
[ 1055.020972][T28266] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1055.026814][T28266] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1055.032774][T19190] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1055.037301][T19190] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1055.042156][T19190] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1055.045303][T19190] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1055.065988][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1055.069017][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1055.077318][T19198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1055.080141][T19198] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1055.101655][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1055.105344][ T5388] Dev nbd0: unable to read RDB block 0
[ 1055.107497][ T5388]  nbd0: unable to read partition table
[ 1055.111481][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1055.113799][ T5388] Dev nbd0: unable to read RDB block 0
[ 1055.115803][ T5388]  nbd0: unable to read partition table
[ 1055.123116][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1055.125366][T24604] Dev nbd0: unable to read RDB block 0
[ 1055.127494][T24604]  nbd0: unable to read partition table
[ 1055.184189][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1055.188841][T24604] Dev nbd0: unable to read RDB block 0
[ 1055.194054][T24604]  nbd0: unable to read partition table
[ 1055.386372][T21786] Bluetooth: hci1: command tx timeout
[ 1055.691544][T28350] netlink: 'syz.2.6324': attribute type 1 has an invalid length.
[ 1055.966274][T28354] tipc: Started in network mode
[ 1055.984942][T28354] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1055.987953][T28354] tipc: Enabled bearer <eth:team0>, priority 0
[ 1056.042939][T28356] delete_channel: no stack
[ 1056.281013][T28362] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[ 1056.283514][T28362] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1056.286523][T28362] vhci_hcd vhci_hcd.0: Device attached
[ 1056.509909][T23504] usb 47-1: new high-speed USB device number 2 using vhci_hcd
[ 1056.513020][T28363] vhci_hcd: connection reset by peer
[ 1056.514940][T19215] vhci_hcd: stop threads
[ 1056.516261][T19215] vhci_hcd: release socket
[ 1056.517672][T19215] vhci_hcd: disconnect device
[ 1056.681508][T21786] Bluetooth: hci3: command tx timeout
[ 1057.075307][   T29] tipc: Node number set to 11578026
[ 1057.348949][T28376] FAULT_INJECTION: forcing a failure.
[ 1057.348949][T28376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1057.352961][T28376] CPU: 2 UID: 0 PID: 28376 Comm: syz.9.6332 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1057.352978][T28376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1057.352985][T28376] Call Trace:
[ 1057.352990][T28376]  <TASK>
[ 1057.352995][T28376]  dump_stack_lvl+0x16c/0x1f0
[ 1057.353014][T28376]  should_fail_ex+0x512/0x640
[ 1057.353031][T28376]  _copy_to_user+0x32/0xd0
[ 1057.353042][T28376]  simple_read_from_buffer+0xcb/0x170
[ 1057.353055][T28376]  proc_fail_nth_read+0x197/0x240
[ 1057.353067][T28376]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1057.353078][T28376]  ? security_file_permission+0x71/0x210
[ 1057.353094][T28376]  ? rw_verify_area+0xcf/0x6c0
[ 1057.353105][T28376]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1057.353117][T28376]  vfs_read+0x1e1/0xcf0
[ 1057.353130][T28376]  ? __pfx_vfs_read+0x10/0x10
[ 1057.353142][T28376]  ? rcu_is_watching+0x12/0xc0
[ 1057.353154][T28376]  ? __fget_files+0x20e/0x3c0
[ 1057.353168][T28376]  ksys_read+0x12a/0x250
[ 1057.353180][T28376]  ? __pfx_ksys_read+0x10/0x10
[ 1057.353193][T28376]  ? fput+0x9b/0xd0
[ 1057.353207][T28376]  ? rcu_is_watching+0x12/0xc0
[ 1057.353218][T28376]  __do_fast_syscall_32+0x7c/0x3a0
[ 1057.353235][T28376]  do_fast_syscall_32+0x32/0x80
[ 1057.353249][T28376]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1057.353264][T28376] RIP: 0023:0xf7f23579
[ 1057.353274][T28376] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1057.353290][T28376] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1057.353301][T28376] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5446620
[ 1057.353308][T28376] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[ 1057.353315][T28376] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1057.353322][T28376] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1057.353328][T28376] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1057.353338][T28376]  </TASK>
[ 1057.367291][T21786] Bluetooth: hci1: command tx timeout
[ 1058.285274][T28396] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6337'.
[ 1058.530794][   T40] audit: type=1326 audit(1755521362.346:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28400 comm="syz.2.6339" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x0
[ 1058.672315][T21786] Bluetooth: hci3: command tx timeout
[ 1059.349095][T21786] Bluetooth: hci1: command tx timeout
[ 1059.514580][T28416] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1059.617562][T28417] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input37
[ 1059.763426][T28424] netlink: 'syz.9.6345': attribute type 2 has an invalid length.
[ 1060.448568][T28435] Invalid source name
[ 1060.449148][T28433] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1060.653985][T21786] Bluetooth: hci3: command tx timeout
[ 1060.772734][   T40] audit: type=1326 audit(1755521364.697:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28443 comm="syz.5.6350" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0
[ 1060.840617][T28448] delete_channel: no stack
[ 1061.085308][T19190] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.130603][T28455] FAULT_INJECTION: forcing a failure.
[ 1061.130603][T28455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1061.134615][T28455] CPU: 3 UID: 0 PID: 28455 Comm: syz.2.6357 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1061.134632][T28455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1061.134639][T28455] Call Trace:
[ 1061.134644][T28455]  <TASK>
[ 1061.134648][T28455]  dump_stack_lvl+0x16c/0x1f0
[ 1061.134667][T28455]  should_fail_ex+0x512/0x640
[ 1061.134683][T28455]  _copy_from_user+0x2e/0xd0
[ 1061.134701][T28455]  get_compat_msghdr+0xa7/0x170
[ 1061.134716][T28455]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1061.134729][T28455]  ? kstrtouint_from_user+0x13c/0x1d0
[ 1061.134744][T28455]  ___sys_sendmsg+0x1ae/0x1d0
[ 1061.134771][T28455]  ? get_pid_task+0xfc/0x250
[ 1061.134787][T28455]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1061.134803][T28455]  ? rcu_is_watching+0x12/0xc0
[ 1061.134819][T28455]  __sys_sendmsg+0x16d/0x220
[ 1061.134833][T28455]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1061.134849][T28455]  ? rcu_is_watching+0x12/0xc0
[ 1061.134860][T28455]  __do_fast_syscall_32+0x7c/0x3a0
[ 1061.134876][T28455]  do_fast_syscall_32+0x32/0x80
[ 1061.134891][T28455]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1061.134905][T28455] RIP: 0023:0xf7f23579
[ 1061.134914][T28455] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1061.134926][T28455] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1061.134938][T28455] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[ 1061.134945][T28455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1061.134952][T28455] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1061.134959][T28455] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1061.134965][T28455] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1061.134975][T28455]  </TASK>
[ 1061.137007][T19190] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.211107][ T5985] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1061.214111][ T5985] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1061.217540][ T5985] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1061.221059][ T5985] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1061.225540][ T5985] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1061.242823][T28464] lo speed is unknown, defaulting to 1000
[ 1061.271627][T19190] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.285536][T28473] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6361'.
[ 1061.316295][T28464] chnl_net:caif_netlink_parms(): no params data found
[ 1061.357632][T28476] delete_channel: no stack
[ 1061.364677][T19190] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.396908][T23504] vhci_hcd: vhci_device speed not set
[ 1061.402243][T28464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1061.404694][T28464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1061.407364][T28464] bridge_slave_0: entered allmulticast mode
[ 1061.410127][T28464] bridge_slave_0: entered promiscuous mode
[ 1061.412823][T28464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1061.415224][T28464] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1061.419319][T28464] bridge_slave_1: entered allmulticast mode
[ 1061.421624][T28464] bridge_slave_1: entered promiscuous mode
[ 1061.446305][T28464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1061.450277][T28464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1061.478270][T28464] team0: Port device team_slave_0 added
[ 1061.480962][T28464] team0: Port device team_slave_1 added
[ 1061.508711][T19190] bridge_slave_1: left allmulticast mode
[ 1061.511179][T19190] bridge_slave_1: left promiscuous mode
[ 1061.512941][T19190] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1061.515978][T19190] bridge_slave_0: left allmulticast mode
[ 1061.517776][T19190] bridge_slave_0: left promiscuous mode
[ 1061.519638][T19190] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1061.554931][T28487] blk_print_req_error: 75 callbacks suppressed
[ 1061.554986][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.561990][T28487] buffer_io_error: 75 callbacks suppressed
[ 1061.562001][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.568364][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.575748][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.588726][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.592745][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.607401][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.628811][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.629079][T19190] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1061.636197][T19190] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1061.639645][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.639853][T19190] bond0 (unregistering): Released all slaves
[ 1061.643598][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.647651][T28464] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1061.649817][T28464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1061.655680][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.657524][T28464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1061.661767][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.672003][T28464] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1061.673191][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.674352][T28464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1061.679440][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.685302][T28464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1061.699125][T28488] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1061.711283][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.717133][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.717242][T19190] tipc: Disabling bearer <eth:team0>
[ 1061.721654][T19190] tipc: Left network mode
[ 1061.722898][T28487] ldm_validate_partition_table(): Disk read failed.
[ 1061.725289][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.729878][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.734907][T28487] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1061.735177][T28464] hsr_slave_0: entered promiscuous mode
[ 1061.737730][T28487] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1061.740711][T28464] hsr_slave_1: entered promiscuous mode
[ 1061.742331][T28487] Dev nbd0: unable to read RDB block 0
[ 1061.746063][T28487]  nbd0: unable to read partition table
[ 1061.870396][T19190] hsr_slave_0: left promiscuous mode
[ 1061.872436][T19190] hsr_slave_1: left promiscuous mode
[ 1061.875230][T19190] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1061.878253][T19190] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1061.881808][T19190] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1061.884654][T19190] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1061.889646][T19190] veth1_macvtap: left promiscuous mode
[ 1061.891973][T19190] veth0_macvtap: left promiscuous mode
[ 1061.894098][T19190] veth1_vlan: left promiscuous mode
[ 1061.896006][T19190] veth0_vlan: left promiscuous mode
[ 1061.981263][T19190] team0 (unregistering): Port device team_slave_1 removed
[ 1061.986963][T19190] team0 (unregistering): Port device team_slave_0 removed
[ 1062.175900][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1062.178804][ T5388] Dev nbd0: unable to read RDB block 0
[ 1062.181011][ T5388]  nbd0: unable to read partition table
[ 1062.183785][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1062.186548][ T5388] Dev nbd0: unable to read RDB block 0
[ 1062.189724][ T5388]  nbd0: unable to read partition table
[ 1062.198806][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1062.201072][T24604] Dev nbd0: unable to read RDB block 0
[ 1062.203042][T24604]  nbd0: unable to read partition table
[ 1062.207873][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1062.210179][T24604] Dev nbd0: unable to read RDB block 0
[ 1062.212111][T24604]  nbd0: unable to read partition table
[ 1062.246082][T28498] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1062.329734][T28501] (syz.0.6367,28501,3):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[ 1062.350182][T28464] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1062.356881][T28464] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1062.361864][T28464] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1062.365818][T28464] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1062.403339][T28464] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1062.420243][T28464] 8021q: adding VLAN 0 to HW filter on device team0
[ 1062.430830][T19215] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.433177][T19215] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1062.454285][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1062.456680][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1062.559303][T28521] netlink: 132 bytes leftover after parsing attributes in process `syz.5.6370'.
[ 1062.572774][T28464] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1062.594223][T28464] veth0_vlan: entered promiscuous mode
[ 1062.602372][T28464] veth1_vlan: entered promiscuous mode
[ 1062.617773][T28464] veth0_macvtap: entered promiscuous mode
[ 1062.621480][T28464] veth1_macvtap: entered promiscuous mode
[ 1062.628507][T28464] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1062.633108][T28464] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1062.640336][T19215] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.643259][T19215] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.647397][T19215] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.650695][T19215] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.684895][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1062.687780][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1062.710794][T19215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1062.714348][T19215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1062.760725][   T40] audit: type=1326 audit(1755521366.786:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28522 comm="syz.5.6371" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0
[ 1063.044763][T28538] ldm_validate_partition_table(): Disk read failed.
[ 1063.052511][T28538] Dev nbd0: unable to read RDB block 0
[ 1063.055730][T28538]  nbd0: unable to read partition table
[ 1063.061733][T28538] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1063.071700][T28538] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1063.159165][ T5985] Bluetooth: hci2: command tx timeout
[ 1063.569871][T28549] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6378'.
[ 1063.575119][T28549] vxlan0: entered promiscuous mode
[ 1063.577479][T19172] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1063.580846][T19172] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1063.583946][T19172] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1063.587388][T19172] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1063.674067][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1063.676254][ T5388] Dev nbd0: unable to read RDB block 0
[ 1063.678074][ T5388]  nbd0: unable to read partition table
[ 1063.680473][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1063.683299][ T5388] Dev nbd0: unable to read RDB block 0
[ 1063.685124][ T5388]  nbd0: unable to read partition table
[ 1063.690792][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1063.693837][T24604] Dev nbd0: unable to read RDB block 0
[ 1063.695777][T24604]  nbd0: unable to read partition table
[ 1063.702868][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1063.705075][T24604] Dev nbd0: unable to read RDB block 0
[ 1063.706979][T24604]  nbd0: unable to read partition table
[ 1063.713951][T28556] lo speed is unknown, defaulting to 1000
[ 1063.964369][T28573] ldm_validate_partition_table(): Disk read failed.
[ 1063.967156][T28573] Dev nbd0: unable to read RDB block 0
[ 1063.970239][T28573]  nbd0: unable to read partition table
[ 1063.978316][T28573] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1063.990024][T28573] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1064.037550][   T40] audit: type=1326 audit(1755521368.120:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28571 comm="syz.3.6385" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x0
[ 1064.564349][T28584] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6388'.
[ 1064.585050][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1064.588361][ T5388] Dev nbd0: unable to read RDB block 0
[ 1064.592846][ T5388]  nbd0: unable to read partition table
[ 1064.609639][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1064.614352][ T5388] Dev nbd0: unable to read RDB block 0
[ 1064.618721][ T5388]  nbd0: unable to read partition table
[ 1064.627071][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1064.631063][T24604] Dev nbd0: unable to read RDB block 0
[ 1064.633065][T24604]  nbd0: unable to read partition table
[ 1064.640558][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1064.644137][T24604] Dev nbd0: unable to read RDB block 0
[ 1064.646651][T24604]  nbd0: unable to read partition table
[ 1064.879349][T28591] ldm_validate_partition_table(): Disk read failed.
[ 1064.883333][T28591] Dev nbd0: unable to read RDB block 0
[ 1064.887137][T28591]  nbd0: unable to read partition table
[ 1064.892725][T28591] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1064.902378][T28591] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1064.965373][T28593] syzkaller1: entered promiscuous mode
[ 1064.974988][T28593] syzkaller1: entered allmulticast mode
[ 1065.140484][ T5985] Bluetooth: hci2: command tx timeout
[ 1065.173978][T28596] FAULT_INJECTION: forcing a failure.
[ 1065.173978][T28596] name failslab, interval 1, probability 0, space 0, times 0
[ 1065.177936][T28596] CPU: 2 UID: 0 PID: 28596 Comm: syz.2.6391 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1065.177952][T28596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1065.177960][T28596] Call Trace:
[ 1065.177965][T28596]  <TASK>
[ 1065.177970][T28596]  dump_stack_lvl+0x16c/0x1f0
[ 1065.177988][T28596]  should_fail_ex+0x512/0x640
[ 1065.178005][T28596]  should_failslab+0xc2/0x120
[ 1065.178021][T28596]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1065.178034][T28596]  ? security_file_alloc+0x34/0x2b0
[ 1065.178051][T28596]  security_file_alloc+0x34/0x2b0
[ 1065.178077][T28596]  init_file+0x93/0x4c0
[ 1065.178094][T28596]  alloc_empty_file+0x73/0x1e0
[ 1065.178110][T28596]  path_openat+0xda/0x2cb0
[ 1065.178123][T28596]  ? do_fast_syscall_32+0x32/0x80
[ 1065.178138][T28596]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1065.178154][T28596]  ? __pfx_path_openat+0x10/0x10
[ 1065.178168][T28596]  do_filp_open+0x20b/0x470
[ 1065.178181][T28596]  ? __pfx_do_filp_open+0x10/0x10
[ 1065.178197][T28596]  ? _raw_spin_unlock+0x28/0x50
[ 1065.178209][T28596]  ? alloc_fd+0x471/0x7d0
[ 1065.178222][T28596]  do_sys_openat2+0x11b/0x1d0
[ 1065.178239][T28596]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1065.178257][T28596]  ? __fget_files+0x20e/0x3c0
[ 1065.178269][T28596]  __ia32_compat_sys_openat+0x16d/0x210
[ 1065.178280][T28596]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[ 1065.178290][T28596]  ? ksys_write+0x1ac/0x250
[ 1065.178303][T28596]  ? rcu_is_watching+0x12/0xc0
[ 1065.178316][T28596]  __do_fast_syscall_32+0x7c/0x3a0
[ 1065.178331][T28596]  do_fast_syscall_32+0x32/0x80
[ 1065.178346][T28596]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1065.178359][T28596] RIP: 0023:0xf7f23579
[ 1065.178368][T28596] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1065.178379][T28596] RSP: 002b:00000000f542555c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[ 1065.178391][T28596] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000a80
[ 1065.178403][T28596] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1065.178409][T28596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1065.178416][T28596] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1065.178423][T28596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1065.178432][T28596]  </TASK>
[ 1065.310796][T28605] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6394'.
[ 1065.314745][T28605] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6394'.
[ 1065.488037][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1065.493509][ T5388] Dev nbd0: unable to read RDB block 0
[ 1065.498138][ T5388]  nbd0: unable to read partition table
[ 1065.501962][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1065.504724][ T5388] Dev nbd0: unable to read RDB block 0
[ 1065.506639][ T5388]  nbd0: unable to read partition table
[ 1065.521603][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1065.524013][T24604] Dev nbd0: unable to read RDB block 0
[ 1065.527163][T24604]  nbd0: unable to read partition table
[ 1065.533298][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1065.536473][T24604] Dev nbd0: unable to read RDB block 0
[ 1065.538782][T24604]  nbd0: unable to read partition table
[ 1065.776039][T28614] ldm_validate_partition_table(): Disk read failed.
[ 1065.785783][T28614] Dev nbd0: unable to read RDB block 0
[ 1065.791813][T28614]  nbd0: unable to read partition table
[ 1065.796885][T28614] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1065.805538][T28614] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1066.112167][   T40] audit: type=1326 audit(1755521370.293:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28616 comm="syz.2.6398" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x0
[ 1066.403536][ T5388] blk_print_req_error: 346 callbacks suppressed
[ 1066.403548][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.408771][ T5388] buffer_io_error: 346 callbacks suppressed
[ 1066.408779][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.413673][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.416487][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.419612][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.422430][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.424905][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.427908][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.430458][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.433257][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.435771][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.439524][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.442628][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.446457][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.449892][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.452943][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.456221][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1066.458384][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.461635][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.464186][ T5388] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1066.467491][ T5388] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1066.470093][ T5388] Dev nbd0: unable to read RDB block 0
[ 1066.471973][ T5388]  nbd0: unable to read partition table
[ 1066.475360][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1066.477592][ T5388] Dev nbd0: unable to read RDB block 0
[ 1066.479577][ T5388]  nbd0: unable to read partition table
[ 1066.487223][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1066.489537][T24604] Dev nbd0: unable to read RDB block 0
[ 1066.491507][T24604]  nbd0: unable to read partition table
[ 1066.495181][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1066.497381][T24604] Dev nbd0: unable to read RDB block 0
[ 1066.499250][T24604]  nbd0: unable to read partition table
[ 1067.121925][ T5985] Bluetooth: hci2: command tx timeout
[ 1067.304983][T28647] tipc: Started in network mode
[ 1067.307209][T28647] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1067.310726][T28647] tipc: Enabled bearer <eth:team0>, priority 0
[ 1067.527191][T28653] FAULT_INJECTION: forcing a failure.
[ 1067.527191][T28653] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1067.532436][T28653] CPU: 2 UID: 0 PID: 28653 Comm: syz.3.6409 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1067.532453][T28653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1067.532460][T28653] Call Trace:
[ 1067.532465][T28653]  <TASK>
[ 1067.532469][T28653]  dump_stack_lvl+0x16c/0x1f0
[ 1067.532487][T28653]  should_fail_ex+0x512/0x640
[ 1067.532509][T28653]  should_fail_alloc_page+0xe7/0x130
[ 1067.532532][T28653]  prepare_alloc_pages+0x3c2/0x610
[ 1067.532557][T28653]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1067.532576][T28653]  ? arch_stack_walk+0xa6/0x100
[ 1067.532590][T28653]  ? stack_trace_save+0x8e/0xc0
[ 1067.532603][T28653]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1067.532617][T28653]  ? rcu_is_watching+0x12/0xc0
[ 1067.532636][T28653]  ? kasan_save_track+0x14/0x30
[ 1067.532653][T28653]  ? __kasan_slab_alloc+0x89/0x90
[ 1067.532671][T28653]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 1067.532689][T28653]  ? __pmd_alloc+0xbf/0x930
[ 1067.532711][T28653]  ? __handle_mm_fault+0xa06/0x2a50
[ 1067.532724][T28653]  ? handle_mm_fault+0x589/0xd10
[ 1067.532734][T28653]  ? do_user_addr_fault+0x7a6/0x1370
[ 1067.532757][T28653]  ? exc_page_fault+0x5c/0xb0
[ 1067.532775][T28653]  ? asm_exc_page_fault+0x26/0x30
[ 1067.532790][T28653]  ? _copy_from_user+0x93/0xd0
[ 1067.532813][T28653]  ? copy_from_sockptr_offset.constprop.0+0x136/0x170
[ 1067.532835][T28653]  ? rds_setsockopt+0x65a/0xba0
[ 1067.532857][T28653]  ? do_sock_setsockopt+0xf3/0x1d0
[ 1067.532880][T28653]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1067.532904][T28653]  ? policy_nodemask+0xea/0x4e0
[ 1067.532922][T28653]  alloc_pages_mpol+0x1fb/0x550
[ 1067.532942][T28653]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1067.532964][T28653]  alloc_pages_noprof+0x131/0x390
[ 1067.532985][T28653]  pte_alloc_one+0x1c/0x3a0
[ 1067.533001][T28653]  __pte_alloc+0x6d/0x3c0
[ 1067.533020][T28653]  ? __pfx___pte_alloc+0x10/0x10
[ 1067.533038][T28653]  ? rcu_is_watching+0x12/0xc0
[ 1067.533055][T28653]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1067.533079][T28653]  do_pte_missing+0x285a/0x3ba0
[ 1067.533095][T28653]  ? do_raw_spin_unlock+0x172/0x230
[ 1067.533118][T28653]  ? _raw_spin_unlock+0x28/0x50
[ 1067.533140][T28653]  ? __pmd_alloc+0x3fb/0x930
[ 1067.533160][T28653]  __handle_mm_fault+0x152a/0x2a50
[ 1067.533178][T28653]  ? mt_find+0x3ef/0xa30
[ 1067.533199][T28653]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1067.533214][T28653]  ? __pfx_mt_find+0x10/0x10
[ 1067.533236][T28653]  ? find_vma+0xbf/0x140
[ 1067.533255][T28653]  ? __pfx_find_vma+0x10/0x10
[ 1067.533276][T28653]  handle_mm_fault+0x589/0xd10
[ 1067.533292][T28653]  ? __bpf_trace_exceptions+0x1/0x40
[ 1067.533315][T28653]  do_user_addr_fault+0x7a6/0x1370
[ 1067.533336][T28653]  ? rcu_is_watching+0x12/0xc0
[ 1067.533353][T28653]  exc_page_fault+0x5c/0xb0
[ 1067.533371][T28653]  asm_exc_page_fault+0x26/0x30
[ 1067.533386][T28653] RIP: 0010:_copy_from_user+0x93/0xd0
[ 1067.533422][T28653] Code: 7f da fc 89 ee 4c 89 ef 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 e8 49 e5 3f fd 0f 01 cb 4c 89 ef 48 89 de 48 89 e9 <f3> a4 0f 1f 00 49 89 cc 48 89 cb 0f 01 ca 31 ff 48 89 ce e8 e5 7a
[ 1067.533438][T28653] RSP: 0018:ffffc9000425fc68 EFLAGS: 00050297
[ 1067.533453][T28653] RAX: 0000000000000001 RBX: 0000000080000000 RCX: 0000000000000004
[ 1067.533463][T28653] RDX: fffff5200084bfaf RSI: 0000000080000000 RDI: ffffc9000425fd78
[ 1067.533474][T28653] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff5200084bfaf
[ 1067.533484][T28653] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[ 1067.533494][T28653] R13: ffffc9000425fd78 R14: ffffc9000425fd78 R15: 0000000080000000
[ 1067.533507][T28653]  ? _copy_from_user+0x87/0xd0
[ 1067.533530][T28653]  copy_from_sockptr_offset.constprop.0+0x136/0x170
[ 1067.533556][T28653]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[ 1067.533580][T28653]  ? __pfx___might_resched+0x10/0x10
[ 1067.533596][T28653]  ? lock_release+0x201/0x2f0
[ 1067.533614][T28653]  rds_setsockopt+0x65a/0xba0
[ 1067.533639][T28653]  ? __pfx_rds_setsockopt+0x10/0x10
[ 1067.533664][T28653]  ? aa_sock_opt_perm+0xfd/0x1c0
[ 1067.533680][T28653]  ? __pfx_rds_setsockopt+0x10/0x10
[ 1067.533704][T28653]  do_sock_setsockopt+0xf3/0x1d0
[ 1067.533727][T28653]  __sys_setsockopt+0x120/0x1a0
[ 1067.533744][T28653]  __ia32_sys_setsockopt+0xbc/0x160
[ 1067.533764][T28653]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1067.533785][T28653]  __do_fast_syscall_32+0x7c/0x3a0
[ 1067.533807][T28653]  do_fast_syscall_32+0x32/0x80
[ 1067.533824][T28653]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1067.533843][T28653] RIP: 0023:0xf7f76579
[ 1067.533856][T28653] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1067.533870][T28653] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[ 1067.533885][T28653] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[ 1067.533895][T28653] RDX: 000000000000000a RSI: 0000000080000000 RDI: 0000000000000004
[ 1067.533905][T28653] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1067.533911][T28653] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1067.533919][T28653] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1067.533934][T28653]  </TASK>
[ 1067.562537][T28650] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input38
[ 1067.685013][T28657] FAULT_INJECTION: forcing a failure.
[ 1067.685013][T28657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1067.726639][T28657] CPU: 2 UID: 0 PID: 28657 Comm: syz.3.6410 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1067.726656][T28657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1067.726664][T28657] Call Trace:
[ 1067.726669][T28657]  <TASK>
[ 1067.726673][T28657]  dump_stack_lvl+0x16c/0x1f0
[ 1067.726691][T28657]  should_fail_ex+0x512/0x640
[ 1067.726708][T28657]  strncpy_from_user+0x3b/0x2e0
[ 1067.726723][T28657]  getname_flags.part.0+0x8f/0x550
[ 1067.726741][T28657]  getname_flags+0x93/0xf0
[ 1067.726754][T28657]  __ia32_sys_rename+0x64/0xa0
[ 1067.726769][T28657]  __do_fast_syscall_32+0x7c/0x3a0
[ 1067.726785][T28657]  do_fast_syscall_32+0x32/0x80
[ 1067.726800][T28657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1067.726814][T28657] RIP: 0023:0xf7f76579
[ 1067.726823][T28657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1067.726834][T28657] RSP: 002b:00000000f545455c EFLAGS: 00000296 ORIG_RAX: 0000000000000026
[ 1067.726845][T28657] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 00000000800000c0
[ 1067.726852][T28657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1067.726858][T28657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1067.726865][T28657] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1067.726872][T28657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1067.726881][T28657]  </TASK>
[ 1068.054286][   T40] audit: type=1326 audit(1755521372.329:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28666 comm="syz.2.6414" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x0
[ 1068.255251][   T29] tipc: Node number set to 11578026
[ 1068.910085][T28694] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1068.949701][T28696] FAULT_INJECTION: forcing a failure.
[ 1068.949701][T28696] name failslab, interval 1, probability 0, space 0, times 0
[ 1068.955251][T28696] CPU: 3 UID: 0 PID: 28696 Comm: syz.2.6420 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1068.955270][T28696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1068.955278][T28696] Call Trace:
[ 1068.955282][T28696]  <TASK>
[ 1068.955287][T28696]  dump_stack_lvl+0x16c/0x1f0
[ 1068.955307][T28696]  should_fail_ex+0x512/0x640
[ 1068.955326][T28696]  ? io_cache_alloc_new+0x45/0xf0
[ 1068.955349][T28696]  should_failslab+0xc2/0x120
[ 1068.955366][T28696]  __kmalloc_noprof+0xd2/0x510
[ 1068.955381][T28696]  io_cache_alloc_new+0x45/0xf0
[ 1068.955398][T28696]  io_alloc_imu+0x1b2/0x200
[ 1068.955415][T28696]  io_sqe_buffer_register+0x1c5/0x2010
[ 1068.955435][T28696]  ? __pfx_folios_put_refs+0x10/0x10
[ 1068.955451][T28696]  ? _parse_integer_limit+0x17f/0x1d0
[ 1068.955466][T28696]  ? __pfx_io_sqe_buffer_register+0x10/0x10
[ 1068.955484][T28696]  ? _kstrtoull+0x145/0x200
[ 1068.955501][T28696]  ? iovec_from_user+0xbb/0x140
[ 1068.955517][T28696]  __io_register_rsrc_update+0x449/0x1110
[ 1068.955542][T28696]  ? __pfx___io_register_rsrc_update+0x10/0x10
[ 1068.955561][T28696]  ? __might_fault+0xe3/0x190
[ 1068.955574][T28696]  ? __might_fault+0x13b/0x190
[ 1068.955587][T28696]  ? __might_fault+0xe3/0x190
[ 1068.955600][T28696]  ? lock_release+0x201/0x2f0
[ 1068.955617][T28696]  io_register_rsrc_update+0x11b/0x180
[ 1068.955636][T28696]  ? __pfx_io_register_rsrc_update+0x10/0x10
[ 1068.955655][T28696]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1068.955673][T28696]  __io_uring_register+0x1ca/0x23c0
[ 1068.955690][T28696]  ? __pfx___io_uring_register+0x10/0x10
[ 1068.955706][T28696]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1068.955722][T28696]  ? rcu_is_watching+0x12/0xc0
[ 1068.955735][T28696]  ? __pfx___mutex_lock+0x10/0x10
[ 1068.955749][T28696]  ? __fget_files+0x204/0x3c0
[ 1068.955762][T28696]  ? rcu_is_watching+0x12/0xc0
[ 1068.955773][T28696]  ? lock_release+0x201/0x2f0
[ 1068.955788][T28696]  ? __fget_files+0x20e/0x3c0
[ 1068.955802][T28696]  __ia32_sys_io_uring_register+0x169/0x280
[ 1068.955820][T28696]  __do_fast_syscall_32+0x7c/0x3a0
[ 1068.955837][T28696]  do_fast_syscall_32+0x32/0x80
[ 1068.955852][T28696]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1068.955867][T28696] RIP: 0023:0xf7f23579
[ 1068.955877][T28696] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1068.955888][T28696] RSP: 002b:00000000f540455c EFLAGS: 00000296 ORIG_RAX: 00000000000001ab
[ 1068.955900][T28696] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000010
[ 1068.955908][T28696] RDX: 00000000800003c0 RSI: 0000000000000020 RDI: 0000000000000000
[ 1068.955915][T28696] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1068.955922][T28696] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1068.955929][T28696] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1068.955939][T28696]  </TASK>
[ 1069.112558][ T5985] Bluetooth: hci2: command tx timeout
[ 1069.884073][    T9] usb 7-1: new high-speed USB device number 120 using dummy_hcd
[ 1069.942559][T19190] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1069.997353][T28710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6425'.
[ 1070.003595][T28710] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6425'.
[ 1070.007980][    T9] usb 7-1: device descriptor read/64, error -71
[ 1070.255539][    T9] usb 7-1: new high-speed USB device number 121 using dummy_hcd
[ 1070.379401][    T9] usb 7-1: device descriptor read/64, error -71
[ 1070.485274][    T9] usb usb7-port1: attempt power cycle
[ 1070.817319][    T9] usb 7-1: new high-speed USB device number 122 using dummy_hcd
[ 1070.837101][    T9] usb 7-1: device descriptor read/8, error -71
[ 1071.074611][    T9] usb 7-1: new high-speed USB device number 123 using dummy_hcd
[ 1071.094291][    T9] usb 7-1: device descriptor read/8, error -71
[ 1071.198438][    T9] usb usb7-port1: unable to enumerate USB device
[ 1071.496630][   T40] audit: type=1326 audit(1755521375.951:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28715 comm="syz.5.6427" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0
[ 1071.769278][T28723] FAULT_INJECTION: forcing a failure.
[ 1071.769278][T28723] name failslab, interval 1, probability 0, space 0, times 0
[ 1071.774928][T28723] CPU: 1 UID: 0 PID: 28723 Comm: syz.3.6428 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1071.774955][T28723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1071.774963][T28723] Call Trace:
[ 1071.774968][T28723]  <TASK>
[ 1071.774973][T28723]  dump_stack_lvl+0x16c/0x1f0
[ 1071.774990][T28723]  should_fail_ex+0x512/0x640
[ 1071.775008][T28723]  should_failslab+0xc2/0x120
[ 1071.775023][T28723]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1071.775038][T28723]  ? skb_clone+0x190/0x3f0
[ 1071.775053][T28723]  skb_clone+0x190/0x3f0
[ 1071.775075][T28723]  netlink_deliver_tap+0xabd/0xd30
[ 1071.775091][T28723]  netlink_dump+0xa5f/0xd30
[ 1071.775105][T28723]  ? __pfx_netlink_dump+0x10/0x10
[ 1071.775118][T28723]  ? rcu_is_watching+0x12/0xc0
[ 1071.775130][T28723]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1071.775150][T28723]  ? kfree_skbmem+0x1a4/0x1f0
[ 1071.775160][T28723]  netlink_recvmsg+0x7dc/0xa90
[ 1071.775174][T28723]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1071.775188][T28723]  ? lock_release+0x201/0x2f0
[ 1071.775202][T28723]  ? bpf_ksym_find+0x124/0x1c0
[ 1071.775212][T28723]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1071.775225][T28723]  sock_recvmsg+0x1f6/0x250
[ 1071.775243][T28723]  ____sys_recvmsg+0x218/0x6b0
[ 1071.775260][T28723]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1071.775277][T28723]  ? import_iovec+0x86/0xb0
[ 1071.775289][T28723]  ? rcu_is_watching+0x12/0xc0
[ 1071.775301][T28723]  ___sys_recvmsg+0x114/0x1a0
[ 1071.775316][T28723]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1071.775338][T28723]  do_recvmmsg+0x55d/0x750
[ 1071.775353][T28723]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1071.775366][T28723]  ? preempt_count_add+0x76/0x150
[ 1071.775382][T28723]  ? ksys_write+0x190/0x250
[ 1071.775395][T28723]  ? rcu_is_watching+0x12/0xc0
[ 1071.775406][T28723]  ? lock_release+0x201/0x2f0
[ 1071.775422][T28723]  ? __fget_files+0x20e/0x3c0
[ 1071.775435][T28723]  __sys_recvmmsg+0x21c/0x280
[ 1071.775450][T28723]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1071.775464][T28723]  ? __pfx_ksys_write+0x10/0x10
[ 1071.775478][T28723]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1071.775494][T28723]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1071.775510][T28723]  __do_fast_syscall_32+0x7c/0x3a0
[ 1071.775526][T28723]  do_fast_syscall_32+0x32/0x80
[ 1071.775543][T28723]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1071.775557][T28723] RIP: 0023:0xf7f76579
[ 1071.775565][T28723] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1071.775576][T28723] RSP: 002b:00000000f545455c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[ 1071.775588][T28723] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000780
[ 1071.775595][T28723] RDX: 0000000000000054 RSI: 0000000040012100 RDI: 0000000000000000
[ 1071.775602][T28723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1071.775608][T28723] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1071.775615][T28723] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1071.775624][T28723]  </TASK>
[ 1071.871789][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1071.922724][ T5985] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1072.508598][T28733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6431'.
[ 1072.695094][T28744] block device autoloading is deprecated and will be removed.
[ 1073.001873][   T40] audit: type=1326 audit(1755521377.536:2287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28748 comm="syz.0.6438" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0
[ 1073.334311][T28765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1073.337587][T28765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1073.522976][    T9] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1073.684660][    T9] usb 10-1: Using ep0 maxpacket: 8
[ 1073.690599][    T9] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1073.699406][    T9] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1073.702389][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1073.706859][    T9] usb 10-1: config 0 descriptor??
[ 1073.989359][ T6059] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1074.097417][    T9] mcp2221 0003:04D8:00DD.001E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[ 1074.143422][ T6059] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1074.146778][ T6059] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1074.149864][ T6059] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1074.152863][ T6059] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1074.157181][T28770] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[ 1074.161166][ T6059] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1074.361734][ T2301] usb 10-1: USB disconnect, device number 2
[ 1075.891318][T28780] FAULT_INJECTION: forcing a failure.
[ 1075.891318][T28780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1075.895604][T28780] CPU: 0 UID: 0 PID: 28780 Comm: syz.5.6447 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1075.895619][T28780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1075.895627][T28780] Call Trace:
[ 1075.895631][T28780]  <TASK>
[ 1075.895636][T28780]  dump_stack_lvl+0x16c/0x1f0
[ 1075.895654][T28780]  should_fail_ex+0x512/0x640
[ 1075.895671][T28780]  strncpy_from_user+0x3b/0x2e0
[ 1075.895686][T28780]  getname_flags.part.0+0x8f/0x550
[ 1075.895704][T28780]  ? bpf_lsm_capable+0x9/0x10
[ 1075.895715][T28780]  getname_flags+0x93/0xf0
[ 1075.895727][T28780]  __do_sys_move_mount+0x3e2/0x7d0
[ 1075.895742][T28780]  ? __pfx___do_sys_move_mount+0x10/0x10
[ 1075.895755][T28780]  ? ksys_write+0x1ac/0x250
[ 1075.895768][T28780]  ? __pfx_ksys_write+0x10/0x10
[ 1075.895781][T28780]  ? rcu_is_watching+0x12/0xc0
[ 1075.895794][T28780]  __do_fast_syscall_32+0x7c/0x3a0
[ 1075.895810][T28780]  do_fast_syscall_32+0x32/0x80
[ 1075.895825][T28780]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1075.895839][T28780] RIP: 0023:0xf7fe7579
[ 1075.895848][T28780] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1075.895859][T28780] RSP: 002b:00000000f550655c EFLAGS: 00000296 ORIG_RAX: 00000000000001ad
[ 1075.895871][T28780] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[ 1075.895878][T28780] RDX: 00000000ffffff9c RSI: 0000000080000180 RDI: 0000000000000000
[ 1075.895885][T28780] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1075.895891][T28780] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1075.895898][T28780] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1075.895907][T28780]  </TASK>
[ 1075.986964][T28783] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1076.354403][T28792] netlink: 7 bytes leftover after parsing attributes in process `syz.3.6450'.
[ 1076.357340][T28792] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6450'.
[ 1076.388799][T28791] rtc_cmos 00:05: Alarms can be up to one day in the future
[ 1076.458710][   T54] rtc_cmos 00:05: Alarms can be up to one day in the future
[ 1076.462082][   T54] rtc_cmos 00:05: Alarms can be up to one day in the future
[ 1076.464978][   T54] rtc_cmos 00:05: Alarms can be up to one day in the future
[ 1076.468154][   T54] rtc_cmos 00:05: Alarms can be up to one day in the future
[ 1076.470763][   T54] rtc rtc0: __rtc_set_alarm: err=-22
[ 1076.685554][   T29] usb 5-1: USB disconnect, device number 103
[ 1077.048277][T28816] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input39
[ 1077.631844][T28831] blk_print_req_error: 59 callbacks suppressed
[ 1077.631885][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.636753][T28831] buffer_io_error: 59 callbacks suppressed
[ 1077.636790][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.641508][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.644415][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.647068][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.650029][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.652800][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.655688][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.658610][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.661407][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.664152][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.667137][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.669914][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.672711][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.675361][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.678329][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.681396][T28831] ldm_validate_partition_table(): Disk read failed.
[ 1077.695450][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.709010][T28832] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1077.712282][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.728025][T28831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1077.731943][T28831] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1077.868449][T28831] Dev nbd0: unable to read RDB block 0
[ 1077.881684][T28831]  nbd0: unable to read partition table
[ 1077.979955][T28837] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1078.264376][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1078.267180][ T5388] Dev nbd0: unable to read RDB block 0
[ 1078.269388][ T5388]  nbd0: unable to read partition table
[ 1078.272414][ T5388] ldm_validate_partition_table(): Disk read failed.
[ 1078.274937][ T5388] Dev nbd0: unable to read RDB block 0
[ 1078.277057][ T5388]  nbd0: unable to read partition table
[ 1078.284086][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1078.286820][T24604] Dev nbd0: unable to read RDB block 0
[ 1078.289075][T24604]  nbd0: unable to read partition table
[ 1078.292279][T24604] ldm_validate_partition_table(): Disk read failed.
[ 1078.294768][T24604] Dev nbd0: unable to read RDB block 0
[ 1078.297185][T24604]  nbd0: unable to read partition table
[ 1078.948249][T28863] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6473'.
[ 1079.048837][T28863] block nbd1: server does not support multiple connections per device.
[ 1079.052066][T28863] block nbd1: shutting down sockets
[ 1079.076508][T28869] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6476'.
[ 1079.124306][T28871] overlayfs: missing 'lowerdir'
[ 1079.265642][T28873] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1079.356123][   T54] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[ 1079.515746][   T54] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1079.520035][   T54] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1079.524197][   T54] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1079.527696][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1079.533002][T28871] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1079.538377][   T54] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1079.605864][T28882] autofs4:pid:28882:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.32), cmd(0xc018937e)
[ 1079.612233][T28882] autofs4:pid:28882:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[ 1079.731073][ T7158] usb 5-1: USB disconnect, device number 104
[ 1080.124264][T28893] block nbd1: server does not support multiple connections per device.
[ 1080.127109][T28893] block nbd1: shutting down sockets
[ 1080.582263][T28907] FAULT_INJECTION: forcing a failure.
[ 1080.582263][T28907] name failslab, interval 1, probability 0, space 0, times 0
[ 1080.586036][T28907] CPU: 1 UID: 0 PID: 28907 Comm: syz.3.6488 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1080.586052][T28907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1080.586059][T28907] Call Trace:
[ 1080.586064][T28907]  <TASK>
[ 1080.586074][T28907]  dump_stack_lvl+0x16c/0x1f0
[ 1080.586093][T28907]  should_fail_ex+0x512/0x640
[ 1080.586111][T28907]  should_failslab+0xc2/0x120
[ 1080.586127][T28907]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1080.586139][T28907]  ? loopback_open+0x145/0x13a0
[ 1080.586155][T28907]  loopback_open+0x145/0x13a0
[ 1080.586170][T28907]  snd_pcm_open_substream+0xa5d/0x17f0
[ 1080.586184][T28907]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1080.586198][T28907]  snd_pcm_oss_open+0x735/0x1400
[ 1080.586218][T28907]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1080.586235][T28907]  ? tomoyo_check_open_permission+0x20e/0x3c0
[ 1080.586250][T28907]  ? __pfx_default_wake_function+0x10/0x10
[ 1080.586262][T28907]  ? do_fast_syscall_32+0x32/0x80
[ 1080.586277][T28907]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1080.586293][T28907]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1080.586310][T28907]  ? rcu_is_watching+0x12/0xc0
[ 1080.586321][T28907]  ? lock_release+0x201/0x2f0
[ 1080.586336][T28907]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1080.586354][T28907]  soundcore_open+0x409/0x580
[ 1080.586369][T28907]  ? __pfx_soundcore_open+0x10/0x10
[ 1080.586384][T28907]  chrdev_open+0x234/0x6a0
[ 1080.586398][T28907]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1080.586410][T28907]  ? __pfx_chrdev_open+0x10/0x10
[ 1080.586425][T28907]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1080.586439][T28907]  do_dentry_open+0x982/0x1530
[ 1080.586453][T28907]  ? __pfx_chrdev_open+0x10/0x10
[ 1080.586468][T28907]  vfs_open+0x82/0x3f0
[ 1080.586484][T28907]  path_openat+0x1de4/0x2cb0
[ 1080.586499][T28907]  ? __pfx_path_openat+0x10/0x10
[ 1080.586513][T28907]  do_filp_open+0x20b/0x470
[ 1080.586528][T28907]  ? __pfx_do_filp_open+0x10/0x10
[ 1080.586544][T28907]  ? _raw_spin_unlock+0x28/0x50
[ 1080.586556][T28907]  ? alloc_fd+0x471/0x7d0
[ 1080.586569][T28907]  do_sys_openat2+0x11b/0x1d0
[ 1080.586585][T28907]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1080.586603][T28907]  ? __fget_files+0x20e/0x3c0
[ 1080.586615][T28907]  __ia32_compat_sys_openat+0x16d/0x210
[ 1080.586626][T28907]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[ 1080.586636][T28907]  ? ksys_write+0x1ac/0x250
[ 1080.586649][T28907]  ? rcu_is_watching+0x12/0xc0
[ 1080.586661][T28907]  __do_fast_syscall_32+0x7c/0x3a0
[ 1080.586676][T28907]  do_fast_syscall_32+0x32/0x80
[ 1080.586691][T28907]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1080.586705][T28907] RIP: 0023:0xf7f76579
[ 1080.586713][T28907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1080.586724][T28907] RSP: 002b:00000000f545455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[ 1080.586735][T28907] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[ 1080.586743][T28907] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1080.586749][T28907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1080.586756][T28907] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1080.586763][T28907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1080.586772][T28907]  </TASK>
[ 1080.777103][T28904] : entered promiscuous mode
[ 1081.198123][T28917] 9pnet_fd: Insufficient options for proto=fd
[ 1081.354836][T28923] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6492'.
[ 1081.527617][T28925] tipc: Started in network mode
[ 1081.529534][T28925] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1081.531984][T28925] tipc: Enabled bearer <eth:team0>, priority 0
[ 1081.572249][   T54] usb 7-1: new low-speed USB device number 124 using dummy_hcd
[ 1081.761898][   T54] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1081.766035][   T54] usb 7-1: config 0 has no interface number 0
[ 1081.777292][   T54] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1081.786763][   T54] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1081.801108][   T54] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1081.804933][   T54] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1081.808356][   T54] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1081.811890][   T54] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1081.815843][   T54] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1081.818644][   T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1081.822427][   T54] usb 7-1: config 0 descriptor??
[ 1081.824466][T28921] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1081.826741][T28921] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1081.834914][   T54] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1082.000754][T28927] delete_channel: no stack
[ 1082.027081][ T6059] usb 7-1: USB disconnect, device number 124
[ 1082.030516][ T6059] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1082.489073][T28937] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1082.600531][   T29] tipc: Node number set to 11578026
[ 1082.758699][T19190] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.823213][T19190] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.901656][T19190] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.938611][T21786] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1082.940906][T21786] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1082.943273][T21786] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1082.946330][T21786] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1082.948867][T21786] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1082.957134][T19190] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.967392][T28945] lo speed is unknown, defaulting to 1000
[ 1083.069497][T28945] chnl_net:caif_netlink_parms(): no params data found
[ 1083.131763][T28959] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6505'.
[ 1083.168553][T19190] bridge_slave_1: left allmulticast mode
[ 1083.170407][T19190] bridge_slave_1: left promiscuous mode
[ 1083.172445][T19190] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1083.175561][T19190] bridge_slave_0: left allmulticast mode
[ 1083.177365][T19190] bridge_slave_0: left promiscuous mode
[ 1083.179270][T19190] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1083.274123][T19190] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1083.280143][T19190] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1083.284655][T19190] bond0 (unregistering): Released all slaves
[ 1083.301542][T28945] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1083.304464][T28945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1083.307391][T28945] bridge_slave_0: entered allmulticast mode
[ 1083.310408][T28945] bridge_slave_0: entered promiscuous mode
[ 1083.314248][T28945] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1083.317403][T28945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1083.319702][T28945] bridge_slave_1: entered allmulticast mode
[ 1083.321913][T28945] bridge_slave_1: entered promiscuous mode
[ 1083.333390][T28966] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1083.352826][T28945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1083.363128][T19190] tipc: Disabling bearer <eth:team0>
[ 1083.374573][T19190] tipc: Left network mode
[ 1083.379247][T28945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1083.438416][T28945] team0: Port device team_slave_0 added
[ 1083.439751][T28969] FAULT_INJECTION: forcing a failure.
[ 1083.439751][T28969] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1083.441329][T28945] team0: Port device team_slave_1 added
[ 1083.448307][T28969] CPU: 2 UID: 0 PID: 28969 Comm: syz.3.6506 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1083.448324][T28969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1083.448332][T28969] Call Trace:
[ 1083.448336][T28969]  <TASK>
[ 1083.448341][T28969]  dump_stack_lvl+0x16c/0x1f0
[ 1083.448359][T28969]  should_fail_ex+0x512/0x640
[ 1083.448377][T28969]  _copy_from_iter+0x29f/0x16f0
[ 1083.448395][T28969]  ? __alloc_skb+0x200/0x380
[ 1083.448410][T28969]  ? __pfx__copy_from_iter+0x10/0x10
[ 1083.448427][T28969]  ? __pfx___might_resched+0x10/0x10
[ 1083.448444][T28969]  netlink_sendmsg+0x829/0xdd0
[ 1083.448460][T28969]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1083.448475][T28969]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1083.448488][T28969]  ____sys_sendmsg+0xa95/0xc70
[ 1083.448506][T28969]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1083.448523][T28969]  ? get_compat_msghdr+0x11a/0x170
[ 1083.448538][T28969]  ? kstrtouint_from_user+0x13c/0x1d0
[ 1083.448553][T28969]  ___sys_sendmsg+0x134/0x1d0
[ 1083.448566][T28969]  ? get_pid_task+0xfc/0x250
[ 1083.448581][T28969]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1083.448597][T28969]  ? rcu_is_watching+0x12/0xc0
[ 1083.448613][T28969]  __sys_sendmsg+0x16d/0x220
[ 1083.448627][T28969]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1083.448643][T28969]  ? rcu_is_watching+0x12/0xc0
[ 1083.448668][T28969]  __do_fast_syscall_32+0x7c/0x3a0
[ 1083.448684][T28969]  do_fast_syscall_32+0x32/0x80
[ 1083.448699][T28969]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1083.448714][T28969] RIP: 0023:0xf7f76579
[ 1083.448722][T28969] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1083.448733][T28969] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1083.448745][T28969] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800003c0
[ 1083.448752][T28969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1083.448759][T28969] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1083.448765][T28969] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1083.448772][T28969] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1083.448781][T28969]  </TASK>
[ 1083.535572][T28945] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1083.538134][T28945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.546158][T28945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1083.553266][T28945] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1083.555455][T28945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.564550][T28945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1083.597812][T28945] hsr_slave_0: entered promiscuous mode
[ 1083.601633][T28945] hsr_slave_1: entered promiscuous mode
[ 1083.604224][T28945] debugfs: 'hsr0' already exists in 'hsr'
[ 1083.606081][T28945] Cannot create hsr debugfs directory
[ 1083.647355][T19190] hsr_slave_0: left promiscuous mode
[ 1083.650571][T19190] hsr_slave_1: left promiscuous mode
[ 1083.652857][T19190] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1083.655301][T19190] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1083.658149][T19190] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1083.660538][T19190] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1083.667850][T19190] veth1_macvtap: left promiscuous mode
[ 1083.669885][T19190] veth0_macvtap: left promiscuous mode
[ 1083.671968][T19190] veth1_vlan: left promiscuous mode
[ 1083.673792][T19190] veth0_vlan: left promiscuous mode
[ 1083.762307][T19190] team0 (unregistering): Port device team_slave_1 removed
[ 1083.768575][T19190] team0 (unregistering): Port device team_slave_0 removed
[ 1084.027081][T21786] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1084.029213][T28976] ------------[ cut here ]------------
[ 1084.029692][T21786] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1084.031240][T28976] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl726.c:331:46
[ 1084.034013][T21786] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1084.035878][T28976] shift exponent 2097157 is too large for 32-bit type 'int'
[ 1084.043091][T28976] CPU: 2 UID: 0 PID: 28976 Comm: syz.5.6511 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1084.043110][T28976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1084.043118][T28976] Call Trace:
[ 1084.043123][T28976]  <TASK>
[ 1084.043128][T28976]  dump_stack_lvl+0x16c/0x1f0
[ 1084.043146][T28976]  __ubsan_handle_shift_out_of_bounds+0x27f/0x420
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1084.043163][T28976]  pcl726_attach.cold+0x19/0x1e
[ 1084.043178][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.043190][T28976]  ? __might_fault+0xe3/0x190
[ 1084.043204][T28976]  comedi_device_attach+0x3b0/0x900
[ 1084.043221][T28976]  do_devconfig_ioctl+0x1b1/0x710
[ 1084.043231][T28976]  ? __mutex_lock+0x1c5/0x1060
[ 1084.043246][T28976]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[ 1084.043258][T28976]  ? kasan_save_stack+0x42/0x60
[ 1084.043271][T28976]  ? kasan_save_stack+0x33/0x60
[ 1084.043283][T28976]  ? kasan_save_track+0x14/0x30
[ 1084.043297][T28976]  ? kasan_save_free_info+0x3b/0x60
[ 1084.043313][T28976]  ? __kasan_slab_free+0x60/0x70
[ 1084.043326][T28976]  ? kfree+0x2b4/0x4d0
[ 1084.043336][T28976]  ? tomoyo_path_number_perm+0x470/0x580
[ 1084.043350][T28976]  comedi_unlocked_ioctl+0x165d/0x2f00
[ 1084.043364][T28976]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1084.043380][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.043391][T28976]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1084.043410][T28976]  ? tomoyo_path_number_perm+0x295/0x580
[ 1084.043423][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.043431][T21786] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1084.043433][T28976]  ? lock_release+0x201/0x2f0
[ 1084.043448][T28976]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1084.043461][T28976]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1084.043476][T28976]  comedi_compat_ioctl+0x1d0/0x990
[ 1084.043488][T28976]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1084.043500][T28976]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1084.043517][T28976]  ? do_vfs_ioctl+0x128/0x14f0
[ 1084.043534][T28976]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1084.043551][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.043562][T28976]  ? __fget_files+0x204/0x3c0
[ 1084.043573][T28976]  ? hook_file_ioctl_common+0x145/0x410
[ 1084.043588][T28976]  ? __fget_files+0x20e/0x3c0
[ 1084.043599][T28976]  ? __ia32_compat_sys_openat+0x150/0x210
[ 1084.043611][T28976]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1084.043623][T28976]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1084.043641][T28976]  __do_fast_syscall_32+0x7c/0x3a0
[ 1084.043657][T28976]  do_fast_syscall_32+0x32/0x80
[ 1084.043672][T28976]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1084.043686][T28976] RIP: 0023:0xf7fe7579
[ 1084.043696][T28976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1084.043706][T28976] RSP: 002b:00000000f550655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1084.043717][T28976] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[ 1084.043728][T28976] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1084.043737][T28976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1084.043746][T28976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1084.043756][T28976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1084.043769][T28976]  </TASK>
[ 1084.043774][T28976] ---[ end trace ]---
[ 1084.047154][T21786] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1084.051357][T28976] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 1084.051369][T28976] CPU: 2 UID: 0 PID: 28976 Comm: syz.5.6511 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(full) 
[ 1084.051384][T28976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1084.051392][T28976] Call Trace:
[ 1084.051397][T28976]  <TASK>
[ 1084.051402][T28976]  dump_stack_lvl+0x3d/0x1f0
[ 1084.051420][T28976]  vpanic+0x6e8/0x7a0
[ 1084.051437][T28976]  ? __pfx_vpanic+0x10/0x10
[ 1084.051453][T28976]  ? __pfx_vprintk_emit+0x10/0x10
[ 1084.051467][T28976]  panic+0xca/0xd0
[ 1084.051482][T28976]  ? __pfx_panic+0x10/0x10
[ 1084.051501][T28976]  check_panic_on_warn+0xab/0xb0
[ 1084.051518][T28976]  __ubsan_handle_shift_out_of_bounds+0x2a6/0x420
[ 1084.051533][T28976]  pcl726_attach.cold+0x19/0x1e
[ 1084.051547][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.051559][T28976]  ? __might_fault+0xe3/0x190
[ 1084.051573][T28976]  comedi_device_attach+0x3b0/0x900
[ 1084.051597][T28976]  do_devconfig_ioctl+0x1b1/0x710
[ 1084.051611][T28976]  ? __mutex_lock+0x1c5/0x1060
[ 1084.051629][T28976]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[ 1084.051642][T28976]  ? kasan_save_stack+0x42/0x60
[ 1084.051655][T28976]  ? kasan_save_stack+0x33/0x60
[ 1084.051667][T28976]  ? kasan_save_track+0x14/0x30
[ 1084.051679][T28976]  ? kasan_save_free_info+0x3b/0x60
[ 1084.051698][T28976]  ? __kasan_slab_free+0x60/0x70
[ 1084.051718][T28976]  ? kfree+0x2b4/0x4d0
[ 1084.051733][T28976]  ? tomoyo_path_number_perm+0x470/0x580
[ 1084.051749][T28976]  comedi_unlocked_ioctl+0x165d/0x2f00
[ 1084.051763][T28976]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1084.051779][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.209658][T28976]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1084.211534][T28976]  ? tomoyo_path_number_perm+0x295/0x580
[ 1084.213255][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.214761][T28976]  ? lock_release+0x201/0x2f0
[ 1084.216243][T28976]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1084.217979][T28976]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1084.219960][T28976]  comedi_compat_ioctl+0x1d0/0x990
[ 1084.221559][T28976]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1084.223354][T28976]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1084.225196][T28976]  ? do_vfs_ioctl+0x128/0x14f0
[ 1084.226711][T28976]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1084.228356][T28976]  ? rcu_is_watching+0x12/0xc0
[ 1084.229947][T28976]  ? __fget_files+0x204/0x3c0
[ 1084.231643][T28976]  ? hook_file_ioctl_common+0x145/0x410
[ 1084.233717][T28976]  ? __fget_files+0x20e/0x3c0
[ 1084.235449][T28976]  ? __ia32_compat_sys_openat+0x150/0x210
[ 1084.237295][T28976]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1084.239082][T28976]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1084.240807][T28976]  __do_fast_syscall_32+0x7c/0x3a0
[ 1084.242658][T28976]  do_fast_syscall_32+0x32/0x80
[ 1084.244552][T28976]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1084.246883][T28976] RIP: 0023:0xf7fe7579
[ 1084.248311][T28976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1084.254663][T28976] RSP: 002b:00000000f550655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1084.257240][T28976] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[ 1084.259707][T28976] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1084.262271][T28976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1084.264917][T28976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1084.267345][T28976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1084.269776][T28976]  </TASK>
[ 1084.271464][T28976] Kernel Offset: disabled
[ 1084.272796][T28976] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:36:58  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85614a45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc90002f3f4e8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=746f6f7465756c42
R12=0000000000000000 R13=0000000000000039 R14=ffffffff9b0f8640 R15=ffffffff856149e0
RIP=ffffffff85614a6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f72732f0 CR3=0000000056679000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000001000008fd RBX=ffffffff8e2977c0 RCX=0000000000000830 RDX=0000000000000001
RSI=00000000000000fd RDI=0000000000000001 RBP=0000000000000008 RSP=ffffc90003f77688
R8 =0000000000000000 R9 =fffffbfff2156e52 R10=ffffffff90ab7297 R11=0000000000000000
R12=1ffff920007eeed2 R13=0000000000000003 R14=0000000000000000 R15=ffffc90003f776b0
RIP=ffffffff81695748 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080015000 CR3=0000000022f95000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7474ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85614a45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc9000453f250
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=7865207466696873
R12=0000000000000000 R13=000000000000002e R14=ffffffff9b0f8640 R15=ffffffff856149e0
RIP=ffffffff85614a6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3c6982 CR3=0000000062106000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff888027326c00 RCX=ffffffff866a53b4 RDX=ffff888027eac880
RSI=ffffffff866a548b RDI=0000000000000004 RBP=0000000000000001 RSP=ffffc900005e8ea0
R8 =0000000000000004 R9 =0000000000000006 R10=0000000000000006 R11=ffffffff9affe320
R12=ffffc90000415008 R13=0000000000000001 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff866a5609 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f409aa7c300 ffffffff 00c00000
GS =0000 ffff8880977c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557945843f40 CR3=000000004b939000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000060000001 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=00000000fffffdff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffecfba5b4b 00007ffecfba5b4b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffecfba6050 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffecfba6050 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 720000305f657661 6c735f7664617461 62203a6563616672 65746e6920676e00
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7200003055657661 6673557664617461 6220306563616672 6574646320676400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7369203735313739 303220746e656e6f 7078652074666968 73205d3637393832
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7320646c756f7720 30363531206f7420 55544d2065687420 676e697474655320
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e6d656c626f7270 206568742065766c 6f7320646c756f77 2030363531206f74
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2055544d20656874 20676e6974746553 202e65636e616d72 6f66726570206568
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420746361706d69 20646c756f632068 6369687720327265 79616c206e6f2064
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000