last executing test programs:

1m44.972261508s ago: executing program 1 (id=43):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x3c}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x8031, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r6 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000680001000004000400"/28], 0x1c}, 0x1, 0x0, 0x0, 0x20004880}, 0x0)
r8 = openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
close(r8)
r9 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r9, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r9, 0x29, 0x30, &(0x7f0000000d40)=ANY=[@ANYBLOB="030000000a004e230000000cff010000000000000000000000000001f8ffffff0000000000000000000000000000000000000000000000000000000000000000a42970d0a2ee3d8700"/103], 0x210)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000002c0)='adfs\x00', 0x8000, 0x0)
execveat$binfmt(0xffffffffffffff9c, r6, 0x0, 0x0, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000001480), 0x0, 0x101000)

1m42.667293564s ago: executing program 1 (id=46):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x3}, 0x50)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/reserved_size', 0x149a82, 0x1a1)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000c80)={0x2c, r1, 0x1, 0x400a00, 0xa000000, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x2c}}, 0x0)

1m42.529278832s ago: executing program 1 (id=47):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @mcast1}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@dstopts={{0x18, 0x29, 0x37, {0x3c}}}], 0x18}, 0xc044)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x5000002}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040804}, 0x404c840)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m41.673051794s ago: executing program 2 (id=50):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x7, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x24c4436d5a174b6d, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001300)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0x7}, {0xfff2, 0xffff}}}, 0x24}}, 0x20044800)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xa}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x15)
r2 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f00000003c0)={'broute\x00', 0x0, 0x0, 0x0, [0x61, 0x10000, 0x9c9, 0xf, 0x4, 0x3]}, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000640)={&(0x7f00000004c0)={0x94, r3, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1a}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x180000}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffd}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000080}, 0x880)
r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x7, 0x4, 0x404, 0x0, 0x218, 0x10c, 0x324, 0x324, 0x324, 0x4, &(0x7f0000000280), {[{{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, 0xff000330, 0xffffffff, 0x4, 0x0, {@mac, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@local, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}}, 0xfff2, 0x101, 0x79, 0x1, 0x7ff, 0x8, '\x00', 'vcan0\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @mac=@local, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x8, 0x1}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="07aebe92cc85", @empty, @loopback, @broadcast, 0x8}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x1, 0x1}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x450)
r5 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000081000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m41.507190288s ago: executing program 1 (id=53):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000070020214200000040"], 0x50)
r0 = socket(0x2c, 0x3, 0x1000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x100000001, 0xfffffe0000000001, 0xfa11, 0x65aa}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x3af2, &(0x7f00000000c0)={0x0, 0xa5f5, 0x80, 0x2, 0x131}, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_MEM_REGION(r3, 0x22, &(0x7f0000000240)={&(0x7f0000000200)={&(0x7f00000001c0), 0x0, 0x0, 0xc45, 0x1}}, 0x1)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa, 0x0, 0x6}}}}]}, 0x44}}, 0x44080)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r7 = getpgid(0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
syz_pidfd_open(r7, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)

1m40.797652634s ago: executing program 2 (id=54):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x59)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
preadv(r3, &(0x7f0000001200), 0x0, 0x40, 0x5)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0x2})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r7 = dup(r6)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_buf(r9, 0x0, 0x8008000000010, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r9, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r9, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10)
getsockopt$inet_int(r8, 0x0, 0x13, 0x0, &(0x7f0000000c00)=0xfffffffffffffe87)
openat$tun(0xffffffffffffff9c, 0x0, 0x101, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)

1m40.496345762s ago: executing program 1 (id=56):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x4, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r0}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfffff7f8}, 0x94)
recvfrom$l2tp6(r0, 0x0, 0x0, 0x40000002, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x194f, 0x4)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
read(r0, 0x0, 0x0)

1m39.9791037s ago: executing program 1 (id=57):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0xffffffffffffffd8}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x6c}}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x200})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x115100, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000080)={[0xeeee0000, 0xa000, 0xdddd0000, 0xb000], 0x2000000db, 0xc})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x4000, 0x4, 0x5, 0x8, 0x8, 0xb, 0xa, 0x7e, 0x4, 0x15, 0x5, 0x80204}, {0x804, 0x9, 0x1, 0x45, 0x7, 0x15, 0x4, 0x3, 0x0, 0xfe, 0x6, 0x7f, 0x20c}, {0x1, 0x43, 0x28, 0x4, 0x6, 0x7, 0x2, 0x50, 0xfd, 0x70, 0x0, 0x2}], 0xffbffffc})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(r4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r8)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r10)

1m39.93048745s ago: executing program 32 (id=57):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0xffffffffffffffd8}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x6c}}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x200})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x115100, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000080)={[0xeeee0000, 0xa000, 0xdddd0000, 0xb000], 0x2000000db, 0xc})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x4000, 0x4, 0x5, 0x8, 0x8, 0xb, 0xa, 0x7e, 0x4, 0x15, 0x5, 0x80204}, {0x804, 0x9, 0x1, 0x45, 0x7, 0x15, 0x4, 0x3, 0x0, 0xfe, 0x6, 0x7f, 0x20c}, {0x1, 0x43, 0x28, 0x4, 0x6, 0x7, 0x2, 0x50, 0xfd, 0x70, 0x0, 0x2}], 0xffbffffc})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(r4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r8)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r10)

1m39.551421559s ago: executing program 2 (id=60):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
fdatasync(r2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x10}, 0xc)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r6=>0x0]}, &(0x7f0000000240)=0x8)
r7 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi0\x00', 0x101001, 0x0)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002480)=ANY=[@ANYBLOB="3c0000001000030400000000fedbdf2500007400", @ANYRES32=r9, @ANYBLOB="00080000075005001c0012800b00010062726964676500000c00028006002700010400009bca6a49404e8ae61d771c58efd8a78f162031007db0091cc59675174067202240a321334a080b6bfcf0442da99926f88de4b4060f3344e7fa4a874ff61c76d35a03eff544165265c64c0cdcfd825ec9cacc7805105e101db90e1b1d6b744a83bb058368e9c4eaf8cf26d7a04e511a64cd1f66eed2b11600ac6f0acd811376ec6dcdc132bdf323034e9925a669"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f0000000140)={'comedi_bond\x00', [0x9, 0x2, 0x7fffffff, 0x84e1, 0x6f8c, 0x2006, 0x9, 0x8, 0x80ffa, 0x0, 0x0, 0x84fe, 0x1003, 0x1000004, 0xf, 0x10000, 0xffffffa8, 0x7ffffffd, 0x1ff, 0x9ea, 0x10, 0x200, 0x7, 0x5, 0x5, 0x8, 0x400, 0x8, 0x10000, 0x4, 0x7ffd]})
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000080)={0x8efd, 0x0, 0x4, 0x800, 0xbc, 0x1, 0x67, 0x401, r6}, 0x20)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e37bcdba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007f13a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff1ae0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a0064341697e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a202a991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x3ff, r11, 0x0, 0x100000000000000}, 0x38)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x9, &(0x7f00000000c0)=0x1, 0x4)
r12 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r12)
ptrace$pokeuser(0x6, r12, 0x118, 0x137db)
socket$nl_generic(0x10, 0x3, 0x10)

1m38.617150307s ago: executing program 2 (id=61):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x3, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[], 0x24, 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x141091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xcd, &(0x7f00000000c0)={{0xa, 0x2, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
mkdir(&(0x7f0000000080)='./file1\x00', 0x8)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f00000000c0)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)

1m36.792350201s ago: executing program 2 (id=65):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @mcast1}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@dstopts={{0x18, 0x29, 0x37, {0x3c}}}], 0x18}, 0xc044)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x5000002}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040804}, 0x404c840)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m36.359173251s ago: executing program 2 (id=66):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
getrandom(&(0x7f0000000380)=""/300, 0xcebaa945, 0x0)
r1 = syz_create_resource$binfmt(&(0x7f0000000100)='./file1\x00')
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300)=<r2=>0x0)
syz_open_procfs(0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffd, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
epoll_create1(0x80000)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x900, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000300)=""/252)
r3 = socket(0x1d, 0x2, 0x6)
bind$inet(r3, &(0x7f00000000c0)={0x1d, 0x4e20, @loopback}, 0x10)
shmdt(0x0)
r4 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, &(0x7f0000004780)={[], 0xf000}, 0x1000)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, 0x0)

1m36.316225214s ago: executing program 33 (id=66):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
getrandom(&(0x7f0000000380)=""/300, 0xcebaa945, 0x0)
r1 = syz_create_resource$binfmt(&(0x7f0000000100)='./file1\x00')
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300)=<r2=>0x0)
syz_open_procfs(0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffd, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
epoll_create1(0x80000)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x900, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000300)=""/252)
r3 = socket(0x1d, 0x2, 0x6)
bind$inet(r3, &(0x7f00000000c0)={0x1d, 0x4e20, @loopback}, 0x10)
shmdt(0x0)
r4 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, &(0x7f0000004780)={[], 0xf000}, 0x1000)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, 0x0)

47.413639626s ago: executing program 5 (id=335):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000002060101"], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x40)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f00000000c0)={0x1, 'team_slave_0\x00', {}, 0x5})
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0xd6102, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000040)={0x0, 'syz_tun\x00', {0x3}, 0x4})
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, r3)
setpgid(0x0, r3)
sendfile(r1, r2, 0x0, 0x2000fb)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000300)=0x11)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001a14"], 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)

47.196756557s ago: executing program 5 (id=337):
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_int(r0, 0x29, 0x1a, 0x0, &(0x7f00000000c0))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x300f, 0x2, 0x0, 0x0, 0x0, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f00000001c0)=0x9, 0x4)
r6 = socket$netlink(0x10, 0x3, 0x4)
write(r6, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

46.857165063s ago: executing program 5 (id=339):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x59)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
preadv(r3, &(0x7f0000001200)=[{0x0}], 0x1, 0x40, 0x5)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0x2})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r7 = dup(r6)
socket$inet_mptcp(0x2, 0x1, 0x106)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_buf(r8, 0x0, 0x8008000000010, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r8, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x101, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)

45.95848388s ago: executing program 5 (id=347):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000070020214200000040"], 0x50)
r0 = socket(0x2c, 0x3, 0x1000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x100000001, 0xfffffe0000000001, 0xfa11, 0x65aa}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x3af2, &(0x7f00000000c0)={0x0, 0xa5f5, 0x80, 0x2, 0x131}, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_MEM_REGION(r3, 0x22, &(0x7f0000000240)={&(0x7f0000000200)={&(0x7f00000001c0), 0x0, 0x0, 0xc45, 0x1}}, 0x1)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa, 0x0, 0x6}}}}]}, 0x44}}, 0x44080)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r7 = getpgid(0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
syz_pidfd_open(r7, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)

45.032516564s ago: executing program 5 (id=350):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x59)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
preadv(r3, &(0x7f0000001200)=[{0x0}], 0x1, 0x40, 0x5)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r7 = dup(r6)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_buf(r9, 0x0, 0x8008000000010, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r9, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r9, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10)
getsockopt$inet_int(r8, 0x0, 0x13, 0x0, &(0x7f0000000c00)=0xfffffffffffffe87)
openat$tun(0xffffffffffffff9c, 0x0, 0x101, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)

44.868465958s ago: executing program 5 (id=351):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0xffffffffffffff01, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x55, 0x2e5, 0x70bd26, 0xfffffffe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x0, {@ip4=@empty}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x20000100)

44.784444579s ago: executing program 34 (id=351):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0xffffffffffffff01, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x55, 0x2e5, 0x70bd26, 0xfffffffe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x0, {@ip4=@empty}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x20000100)

22.077817543s ago: executing program 0 (id=464):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8800}, 0x4090)

21.98739368s ago: executing program 0 (id=465):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x208802, 0x0)
close(r7)
socket(0x400000000010, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$nl_route_sched(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {}, {0xe, 0xb}, {0xfff1, 0xb}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x8, 0x7, 0x53}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

21.702557751s ago: executing program 0 (id=466):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)

21.13466872s ago: executing program 0 (id=470):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r1 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'wlan0\x00', &(0x7f0000000000)=@ethtool_sset_info={0x4a}})
r3 = fsmount(r1, 0x0, 0x0)
close(r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x2b5b093, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xd}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x54}}, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000040)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e22, @empty}, {0x2, 0x4e20, @rand_addr=0x64010102}, 0x382, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000180)='bond_slave_1\x00', 0x8, 0x7, 0x3})
write$rfkill(r0, &(0x7f0000000080)={0x5, 0x1, 0x3, 0x3, 0xfd}, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x18, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfe, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800020009000c00040006c00364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@gettaction={0xf0, 0x32, 0xe72c5f922f23cad9, 0x70bd2a, 0x25dfdbf7}, 0xf0}, 0x1, 0x0, 0x0, 0x8080}, 0x10000084)
write$rfkill(r0, &(0x7f0000000000)={0x0, 0x8, 0x2, 0x1}, 0x8)
r8 = syz_open_dev$I2C(&(0x7f00000000c0), 0x100, 0x111000)
ioctl$I2C_SMBUS(r8, 0x720, &(0x7f0000000140)={0x0, 0x1, 0x8, &(0x7f0000000100)={0xe, "1d97c01f1010f78f11784f1019b25a72c54018292358455ad159a457f4629ff1cb"}})

20.945809943s ago: executing program 0 (id=471):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000540), 0x8000, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0xfffff34, 0x0, [{0xf88e470f, 0xed}]})
r1 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x50}}, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/mem_sleep', 0x80802, 0xcd)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000080)={r3, 0x0, {0x0, 0x0, 0x0, 0x2, 0x6010000000000ffd, 0x0, 0x0, 0x19, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "42d8cc26f7061a74df2cfc1fc89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd0c7f3f800b2f7b6aa54cc50c1fcaed1e831fa79a00", "141802c4daf4162e43ac61b7ad3300", [0xbffffffffffffce8, 0x100]}})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000240)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
preadv(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/140, 0x8c}], 0x1, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = openat$mice(0xffffff9c, &(0x7f0000000100), 0x101000)
mmap$IORING_OFF_SQES(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x100000d, 0x13, r7, 0x10000000)
syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$XFS_IOC_GETBMAPA(r0, 0xc020582c, &(0x7f00000000c0)={0x881, 0x8, 0x0, 0x0, 0x800})
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
socket$kcm(0x29, 0x5, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x10000000000002, 0x9, 0xffbffffffffffffd, 0x77, 0x2, 0x2, 0x4002004c4, 0x1003, 0x8000000000000000, 0xc595, 0x0, 0x1, 0x9, 0x2000000000000000, 0x5, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

18.985814014s ago: executing program 0 (id=477):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, 0x0, 0x8c, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000080)=0x40000)
r4 = openat$rdma_cm(0xffffff9c, &(0x7f0000000d00), 0x2, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000d40)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0x7ff}}, 0x10)
bind$alg(0xffffffffffffffff, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETDUPLEX(r3, 0x5016, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './file0', [{0x20, '\x00\x00\x02'}, {0x20, '\xb0!'}, {0x20, 'GP\xd4\x82h\xb2\xc0\x00\xfce\"\xefL\x00'}]}, 0x21)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0x18, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0x4}]}, 0x18}}, 0x20000000)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000004001000ffff00000b00000001000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)

18.766120033s ago: executing program 35 (id=477):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, 0x0, 0x8c, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000080)=0x40000)
r4 = openat$rdma_cm(0xffffff9c, &(0x7f0000000d00), 0x2, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000d40)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0x7ff}}, 0x10)
bind$alg(0xffffffffffffffff, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETDUPLEX(r3, 0x5016, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './file0', [{0x20, '\x00\x00\x02'}, {0x20, '\xb0!'}, {0x20, 'GP\xd4\x82h\xb2\xc0\x00\xfce\"\xefL\x00'}]}, 0x21)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0x18, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0x4}]}, 0x18}}, 0x20000000)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000004001000ffff00000b00000001000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)

8.311370775s ago: executing program 4 (id=527):
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x100000001)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x21, 0x2, 0xa)
preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000880)=""/175, 0xaf}], 0x1, 0x5, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @local}}, 0x80, 0x0, 0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="dc00ee00"/16], 0x10}, 0x40)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x6, 0x6, 0xc})
r5 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="340000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="80400100000001000c002b8008000100", @ANYRES32=r5, @ANYBLOB="081b00000000007c272499058076c668800cae7c6522d9522b33e26c96e648eade77fed886870c9a4fe95cae00"/55], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
r8 = signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0xfffffffffffffff5]}, 0x8, 0x80000)
ppoll(&(0x7f00000000c0)=[{r8, 0x200}, {r8, 0x10}], 0x2, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

7.276806491s ago: executing program 4 (id=530):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r0=>0x0})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r1, 0x8b23, &(0x7f0000000040))
openat(0xffffffffffffff9c, &(0x7f0000002280)='./file1\x00', 0x143042, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000000200)={0x2020, 0x0, <r3=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(r2, &(0x7f0000002300)={0x50, 0x0, r3, {0x7, 0x9, 0x0, 0x31008003, 0xfffe}}, 0x50)
read$FUSE(r2, &(0x7f0000004580)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r2, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r4}, 0x10)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000100))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(r5, r2, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6, 0x11, r6, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000440)={'b', ' *:* ', 'r\x00'}, 0x8)
r7 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402505a8a4410001020b0109021b00010100c00009040000020701010009050102"], 0x0)
syz_usb_control_io$printer(r7, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r8 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000080), 0x400400, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r8, &(0x7f0000000400)={0xfffffffffffffffe, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)={0x290, r9, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r0}, @void}}, [@NL80211_ATTR_TX_RATES={0xe0, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0xd0, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x100, 0x6, 0x80, 0x1, 0x4, 0x3a, 0x8, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0xfffd, 0x1, 0x5, 0x5, 0x20b3, 0x1ff, 0x8]}}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x1, 0x2}, {0x2, 0xa}, {0x3, 0x6}, {0x5, 0x9}, {0x0, 0x6}, {0x5, 0x9}, {0x1, 0x2}, {0x7, 0xa}, {0x2, 0x8}, {0x1, 0x7}, {0x2, 0x2}, {}, {0x4, 0x8}, {0x7, 0x6}, {0x7, 0x1}, {0x5, 0x8}, {0x4, 0xa}, {0x7, 0x3}, {0x1, 0x4}, {0x5, 0x4}, {0x1, 0x9}, {0x1}, {0x1, 0x4}, {0x1, 0x1}, {0x1, 0x7}, {0x6, 0x3}, {0x2, 0x8}, {0x0, 0x5}, {0x6, 0x6}, {0x5}, {0x5}, {0x5, 0x2}, {0x7, 0x8}, {0x0, 0x3}, {0x1, 0x8}, {0x3, 0x9}, {0x5, 0x2}, {0x4}, {}, {0x6, 0x9}, {0x4, 0x6}, {0x3}, {0x3, 0x3}, {0x4, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x0, 0x5, 0xffdd, 0x8, 0x8, 0x7, 0x4]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x33, 0x2, [{0x7, 0x2}, {0x0, 0xa}, {0x4, 0x2}, {0x1, 0x8}, {0x2, 0x2}, {0x3, 0x8}, {0x3, 0x9}, {0x2, 0x7}, {0x2, 0xa}, {0x2, 0x6}, {0x6, 0x9}, {0x7, 0x6}, {0x2, 0x3}, {0x3, 0x7}, {0x5, 0x1}, {0x4, 0x3}, {0x1, 0x2}, {0x1, 0x7}, {0x6, 0x1}, {0x7}, {0x4}, {0x5}, {0x7, 0x8}, {0x7, 0x2}, {0x3, 0x9}, {0x3, 0x7}, {0x5, 0x7}, {0x5, 0x7}, {0x1, 0x8}, {0x4, 0x2}, {0x1, 0xa}, {0x4, 0x3}, {0x2, 0x9}, {0x3, 0xa}, {0x5, 0x6}, {0x5, 0x5}, {}, {0x1, 0x1}, {0x1, 0x1}, {0x7, 0x4}, {0x2, 0x7}, {0x0, 0xa}, {0x4, 0x6}, {0x3}, {0x6, 0x6}, {0x5, 0x5}, {0x3, 0x6}]}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x12, 0x2f, 0xb, 0xc, 0x9, 0x18, 0x5, 0x2]}]}]}, @NL80211_ATTR_TX_RATES={0x194, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x14, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x65, 0x0, 0x9, 0xc8, 0x7fff, 0xe2, 0x9, 0x5f16]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x80, 0x5, 0x7, 0x9, 0xf, 0x5, 0x4]}}]}, @NL80211_BAND_5GHZ={0x78, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0x18, 0x76, 0x60, 0x36, 0x36, 0x24, 0x12, 0xb, 0x1b, 0x6c, 0x2, 0x11]}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x1, 0xa}, {0x4, 0x7}, {0x6, 0x9}, {0x7, 0x8}, {0x1, 0xa}, {0x0, 0x1}, {0x1, 0x6}, {0x6}, {0x4, 0x5}, {0x1}, {0x7, 0x1}, {0x0, 0x1}, {0x4, 0x5}, {0x6, 0x5}, {0x5, 0x5}, {0x2, 0xa}, {0x0, 0x2}, {0x1}, {}, {0x2, 0x3}, {0x2, 0x9}, {0x1, 0x4}, {0x4, 0x2}, {0x6, 0x4}, {0x1, 0x2}, {0x6, 0x6}, {0x4, 0x2}, {0x0, 0x4}, {0x1, 0x6}, {0x3, 0x4}, {0x3, 0x3}, {0x7, 0x6}, {0x4, 0x3}, {0x6, 0x1}, {0x3, 0x2}, {0x1, 0x8}, {0x6}, {0x1, 0x5}, {0x6, 0x8}, {0x5, 0x1}, {0x2, 0x6}, {0x0, 0x5}, {0x3, 0x8}, {0x2, 0x9}, {0x1, 0xa}, {0x1, 0xa}, {0x6, 0x4}, {0x0, 0x8}, {0x2, 0x4}, {0x1, 0x9}, {0x4, 0x9}, {0x1, 0x3}, {0x3, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7, 0xc, 0xa, 0x6, 0xbade, 0x5, 0x5]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x12, 0x48, 0x48, 0xc, 0xc, 0x12, 0x36, 0x1, 0x2, 0x36, 0x12, 0x1b, 0x1, 0x5]}]}, @NL80211_BAND_5GHZ={0x58, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x2, 0x1000, 0x1, 0xffff, 0x81, 0xf000, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x1, 0x9, 0x2, 0x7, 0xffff, 0x2ed, 0x5]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x4, 0x5, 0x18, 0x18, 0x36, 0xc, 0x2c, 0x24, 0x16, 0x4, 0x2, 0x1b, 0x48, 0x36, 0x2, 0x16, 0x1, 0x12, 0x4, 0x2, 0x3, 0x30, 0x24, 0xe09c4f2557d99439, 0x30, 0x4, 0x14, 0x1b, 0x18]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x33, 0x2, [{0x2, 0x3}, {0x1, 0x7}, {0x1, 0xa}, {0x6, 0x7}, {0x6, 0x8}, {0x3, 0xa}, {0x6, 0xa}, {0x2, 0x9}, {0x4, 0x8}, {0x4, 0x4}, {0x0, 0x2}, {0x5, 0x1a}, {0x5, 0x7}, {0x7, 0x4}, {0x7, 0x7}, {0x4, 0x9}, {0x5, 0x4}, {0x7, 0x4}, {0x6, 0x1}, {0x1, 0x2}, {0x0, 0x2}, {0x5, 0xa}, {0x5, 0xa}, {0x3, 0x4}, {0x6, 0x9}, {0x4, 0x3}, {0x5, 0x9}, {0x4}, {0x4, 0x2}, {0x2, 0xa}, {0x2, 0x6}, {0x3, 0x4}, {0x1, 0x6}, {0x2, 0x5}, {0x1, 0x3}, {0x2, 0x7}, {0x0, 0x2}, {0x2, 0x7}, {0x1, 0x7}, {0x6, 0x8}, {0x1}, {0x5, 0x9}, {0x2, 0x8}, {0x1, 0x2}, {0x2}, {0x2, 0x9}, {0x3, 0x1}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x16, 0x2, [{0x0, 0x3}, {0x5, 0x3}, {0x3, 0x4}, {0x6}, {0x5, 0x6}, {0x0, 0x9}, {0x6, 0x6}, {0x7, 0x9}, {0x2, 0x7}, {0x1, 0x4}, {0x0, 0x1}, {0x2, 0x3}, {0x6, 0x2}, {0x3, 0x19}, {0x6, 0x1}, {0x5}, {0x6, 0x7}, {0x6, 0x3}]}]}]}]}, 0x290}}, 0x2004a005)
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r10, 0x604, 0x0)
r11 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r11, &(0x7f0000000040)=ANY=[@ANYBLOB="10000000f10000000bfc00000002000000000010"], 0x0)

6.712830507s ago: executing program 6 (id=532):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000002d40)=0x1, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f00000003c0)={0x2c, 0x18, r2}, 0x10) (fail_nth: 1)

6.712242128s ago: executing program 4 (id=533):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000002200000000000000160000008500000061000000850000005000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x14, 0x0, &(0x7f0000000040)="f4b84de4115d64244a0e839e88a8", 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000002d40)=0x1, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1}], 0x1, 0x40800)
recvmsg$kcm(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)=""/3, 0x3}, {&(0x7f0000000380)=""/239, 0xef}], 0x2}, 0x2040)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000085100000c579e42bd7"], 0x0, 0x4, 0x0, 0x0, 0x41000}, 0x94)
r8 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r8, &(0x7f0000000000)={0x27}, 0x62)
listen(r8, 0xd)
accept4(r8, 0x0, 0x0, 0x80800)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r7)
sendmsg$NLBL_MGMT_C_ADDDEF(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r9, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x2400cc04}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=@gettaction={0xec, 0x32, 0x2, 0x70bd2b, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x60, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0xe}, @action_gd=@TCA_ACT_TAB={0x58, 0x1, [{0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffc}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xe}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x0, 0x1}}]}, 0xec}, 0x1, 0x0, 0x0, 0x4040040}, 0x10)
r10 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$DCCPDIAG_GETSOCK(r10, &(0x7f0000001740)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001700)={&(0x7f0000001780)={0x1300, 0x13, 0x300, 0x70bd25, 0x25dfdbff, {0x15, 0x5, 0x4e, 0x10, {0x4e21, 0x4e24, [0x980c, 0x892, 0xc, 0x1ff], [0x8, 0x0, 0x3, 0x5], r3, [0x401, 0x7]}, 0xffff174d, 0x70b}, [@INET_DIAG_REQ_BYTECODE={0xb9, 0x1, "27ccae0ff6b7e861619ecbd04b88e4d877850de7e5f3f054ae6ba59df23a025e77b105bf2445e6f94de4622a84cdb3bf4c4c1824c7dab6c00b52ca81a48cd4e8ece08ca71b7e28dd9d47ab4f62c2120c49b99fc882febf3992561e8cdb8e1d8cfbf1c9bfd96905584a38d1afad9fee156ec7720b065f05f6347dc2a3deb3c3ef4c81e3d21b5d9029e0765ceb6a8c3f0bca5b7f9d25f2c348c5889d0fcfeb9b2b6d117fe8b4b481a5601e720da26a71ab0eecef1a53"}, @INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "0dfd8b4dd05aba8f5dd6afd876e8e8b34b7fb7bcc12e42ac9ef072b963ba53c4a0cefacbee21c0b2ef6137c580142d21a7cadfc4d46eea85e5dbd34ae70a90e7b449d7a04106e9177f17b9bc3515ee4f6dc35c7852b9a4a1e073802f819328fa444e86e5cf6c6fef499ae0dee36d8b6491530c1c1e4fd4e52c4da2b55b72bf59a000c055edede64e89ef6756c5ff39fe9c0880a9ee586a7521c37dfb57fa77d5b085761b26c376ee206b57e227a508aad64bc910b9ca99b4594ff2c6a49995c8056dc4cea64c12d60e4caa5fe09ef8f83f948194605120d4f7efe38f674b2a239e9e1b8530654bd9d426e12a40bdedabaaf2fefe421aab98a11bb143126fbee3d9bed76e57d87c706505a812ced2cb67b7516553dd5d8a834d72ee534800a9541852690363b5382d8917b011623bbdacc35e1217ea9886329b277d24d0ba21c5e24ccd30b5c8887610f5ad2c828dc91668d46798b791366ce6380659c13f6d2f23680cdf93938545b51a92d87eb35941c5ede28e80804c9e78a572175946c49437a49ccc82cdb28a3c6fe28a7e19b4e8c40d6200c1cc5c605bebd9fd7598ac0388329936d1ba067a6cd8abdf5df6c5482139694e92abd05dd3135bab91934ba59d114e27886ad059d89f36eb1488fcc04cd320831bf364379ee8026a6b3369799ccb68698140ddc7ef7517c02daff7798560b028cfe904135cd3e61abc97db7986380f8afa34e36b720b20098d4b416e9179adecdc1f4b8877c40a9e474b946e456b1454a05f415c9fab031733be5c94bfa49275cdbf35d5527cdaf9d6ebd8cd7caffa3e84fc186fe64fa82285ef2d2f674cbe783fa1b7a2ca2643227a054ad713f42137f37221944296107d42a9f2b9aedb25cd0ed640243527d4f693d277f90fc0b9d0af40333c00b06af22c86686b5e1668703b6c5297660fb9ca950f0068319bada307aae3db7815a70f1264e819c7e5aaecef755ce7eeec082d7386f10a96a71e39ba029b1af8b4f13f191df7dcf8a92e6c765d50fda77b54925ed3e19dc10d290d700141ed27063fc86aa43105821d7456c1ebb6fe8a6d716fbaa584a7fffb7bd7eb45d7247fb3b60dc0c441b2c45049c85594e83dba64d2c4a3231347db55475339eff659d42124eb3d3f43d302c7ff74a6c033384b823b6b635ee1fa33db2ac2da189809fc33a61bb6c39682bf7aad3c583095ba8a9893bb9243d207ed3fba1650bb121da7723912f4456d02287947ff957df66f0630e9597decfe0a0c17de88834703ca3be6383731517f3a5822d7a3693673ce637dd43bad4d4b4ab82b471e39c3e2638d143c3c575f26693c983464353e16c9147e6e694e80930b81d3c53e7f75bb110280c586e0ccc7b7f879359fb907a014bf6acc4a86ddb12e819476b03929e88c6c8905d3ab12bba6aa230eeadacd629cd80004b46016a8ba371b534611c86522d7364dce6580eda5e068490e83bca3ab37db5f47a10b6adec41377d13326edc0ddf150e64da0e4601bfbd963469d269541d78c8f1ea6b8e09e6b3080b5838823ae6343681a5bd8675be303f9acde2cf5dde24e63b2923d1dbbcf05a7713c9b07c5aba22107d4b163809a2c97359b4489e1b211805d89b3b36d3dcde75ed6d9951a0a481d17da81bdae9e8cab47b81c564716df0e22091efbea52605ca082a55a1d0ca0592adb7db39676a486c0f066ad8ad136b641a236395d5ed027d756d2595f24fbb112413a42e6a7a1d414c099f038d676585957c6d777b149e5e0ed43a1c42a5df8d1ee481045e905b11d8cc14e9c26539ae3ac7bed4157c71695bda9dab18010171848306f9fe20743bc6eb0530edf64c055578a844cffa104111ed69b60291b786499e86388f27fee2f8423943c3283afba2f3da56e44094964888b4e9b809ff63450ab3afd13c2f26b6b8213901fd2fd0e9e02d762d7bbef3e8403aca993f00f28f444026d05975b3b5a79566c987046441a1b8cb9c8ee65862cf519ab059e4ec0a15cb67a6cb274a8910f25185675ab7bf9d4b498d96167c4e0c2198aed3195d2b88cde76988fb88c353c30f2b0c8329dfde26af3518cf442d20d0d1fc3e32bfcafa45fb2a55d65a4cdc5d98a497d799d114b465ac42f241b188ad4d6700da8aad8921ff94e55b21b53bba71e99650a461d38003c8d083e7400f04f63d963abf90916b88676bcfc55ac86bd5920e95f97ac54b242652087b8777fb2d4d465458d1c0e82fd829e5b0cb23295052c74a15616c869f8fea3b91817108f1e41052fc275d5e7c97c2fe316c725644f9f35000ddc0ae356505ad4bbd18d5a49ddee387dfb44e33face53eace1303b8709da911b92d30815e5d7cb81291b5747bd7ebde6297b3688922b3403adc136f03795bcf47881fb22aaec67f730b4bd895bbf8f0653612f979cd20d45f1d59ffcd951e42710d648ad7b4001f4283c02db94d1cf074f6063041fe8c290875cefc0304341b4b062119c808cbb3b7e62e0e3d26695531ecffae5e77077dd386ed1eab57f2fb1c8d47d7159aaf534c1add9b3bef390e6c3d0ce76e014c82fdaad7a20998fa44e30437416569d93532805e6e155d2fca0d2ee3a59e43934475167b7884b2dbf9d54f3853347677e484f53f7c06224458f9e260d53fdafc046d966adb672dce9db3d63173e9093c5a1bfa1d7e55fb74e483d4baac55d9416426b259c39ae9e448f087f90e3e1b0f75d827d9065a2823f2b03f65cfb95d4064fa4bd5789cb6c38ed24cee97b92dc90bd8ffb5db7902ec90ca0b37f0fe59d58d27a4345dd5c59cd2e092bc306538c1192499d7f32ece879d86c13434d45d67c5b6e7ea99a4cda16ea22dc1a2cf2856eee85a007f55f7e04e21166dc7e4ef4354c4ba47b36597ee18f28d268d3474e34589f51f9bf1c4b52e83ea74a150112372a71f2a08a7bf1908dc92dc31f03d5569b3de8cc3d04c58b53f28ff51973bb42601801902f5fce6f0eeb1949ff8808544cd2263d2796f3d7983073ecd489f983d204f77290266d6b62c89f629b5b3c24c03629c986191dd6f2f2f6e98efb8de871287dfbf7cebe4ffb9cef8e0fe6e54c8dc21efa719ff32c609e8b7d13813dbda98f1882bcda44d856f36dee5b9e4fec1d5f34db998ffa2faec30b9866ab76f357e2f34afdec903ba517840ad069b9582960d58d23cc95d7c972ed6a6fec9138f2c28524880d7e040bac742829241057a576c5c6661809c140655964ac5727881cb0bc913f8a1b737c640d89876ab6ec6501092dd6f6e98535f0576a05a65494252e3f4dd210007262bf8655c65502075f6673ce345c4af8dfee2c32e308c565def72da9fd8145793cb6042c76a62ff7c1c3f9e56295f4218edde6fe306f00e68cbba411f3a7c6a5a06cade5467f7e2e447fddaa3183b6532e33971643af236bff6db1496316be6c0635660c3f2b8ee010770e5e50cacb5f21ead74872481a2d9ef479a6459e5e91805423bfc47a00850cfc87d8e5e120d3767d01c0ec0b5f95c6840cea4d7578d66d11da4a28f97017b3f9b9d8aab43bd978f1c14a676480fcc34ffd0e3bc11125df4903d04c20e3eebb6f52ebc70a4da908020870befe2a5ffc62cd4f91d351f7e50f4ed4f789e8e418170d73216d54281330e31d6e24c28967a846e78930c3188f60b45ebe92b7e7ddc2ad723abb8ad9df7503d39a9dd15e75dd100e1a0f72351bbc0859256876b4eb7eff22087c85288ba292827a6bdb7c42663e303fe17784496146ba457ea45885deb4642e3ef9aee347b6c2e758b6a8a0362067252213431c5cf7b7191805bea9e73aee4e28a2125f962b7f80fb6eeef912073ebd1e3ada4b3a33d6d17b9c67ffc532a13d3875f6c1f341f748befdd289046f17fe524c839c16e09c1c292f1fccef4d93036b4c6ac863fb6845b6e2e23f30f4b1a7690336766880d0304db10dbee1496ead2fed71c36ac6165289dd8d7ed3f20fc50be2a49c75f0630e0dea48bf303e66de8b0200baf1a7b57f6d7c3fc60b620a60b2a8fa3f973ab387287cecea3c3569b31e078d8a7ccb234b4fcbaaa963e7357fb8bf9585539e2cf8abf576d43ba3762724d0b39a7420b5b04df19364a70f3fad24ef028c982c19ed3058407d4b9315262867ad74a1cc4b609a12c986c52b86752eb15c6d6a9d7d18e95f150f140555c3701bf332498fdbbfdf7ee3b6d691377093a2dec863c2a225b0f330b1f2f86ad4b23fc8b831396346d2612922a4d6264803de16636ed98777c6ed425267aea09ab5a57bb7332c234b3f942e8d7e39b1a9c1d753a02e703b94d497f2594e8f447b73c824204db0f2184b7a4f0238888f0d0cc06ec6e6298b91520fea8a05acd7f1e5df59219d35dd6e6da3b1cdcc1b8cdc56626f12953cd0aef085303880e40dbe9b8b21eb00e1a21707243f3ce74a712bc443e6d68e4d17442f3e861afc4eae3fcd62c7988ec45c2a220bf1d9a28b3549781bb6c2e949183e993109ab711b31ac014c033370b59a3db0b9bfe9c4331d45ea40f60d28008ade1781f08c33376542ff0890d1703e371ae947d5f31f221f6436a537af3aa2b54336936962b6f899b3f6bc2d815ae63d0d012c3696f022374c4b36892afeeb7ee2ea2ae707d608046442b2c15e1931c0e02d6e8d7972ced4c3aef9c2d8aeea463c51fe3d16c76d87da4bd436e9cbadf13603c29005618c4c62b54d135e5324826eb5b2791435dac5c88303826207de71498f2499eef91dab293e697b6f013a51069e8d70a01b5f1ef728c12ad20dfd818690d2c5602c318b77c1d202896bd112efc914e3218656f8a1193607519ca59fa122bcbd590c0c14ba2171fe3c89f2d26a156bca22180969c04c79d5a7699ec986bbd8f8150d7b7be455fb8c9a6e243cc2b99da3fc1e2ee63c4c77cb73d84c4bdaa9c12b547469b71e01958ee4709d36e30f601c119796494335e940abd0f0530235c9f81172f5a6bda2f948c5ad73d46e6541aa8229054960b3f8ab2af64a4c19f4b3b1ad325d7e33169e1f2cfb9749aa3f437ea27ec79144dea22b0c6789aa25ba35b513a7fedd1b7c299c9aac6ed3a129337483fecc60ffa27e054598b76a54d0ded41eeb5b23c9a69966f03b8f553836d276009c9ab760cfb920ae9b2585919bcc1aeedacc09e0cf7b6159434892551d832c13ef70adff40e6f34f3a5ee95d6918171ba91564046287fded7b2836f1b10c47c306e4fdfa997a939c726660400ec638973da4e5c023bb8b6ae33a4dba0beb1079f91b3a177077e78d7c103c43e7f9d98b47905aab80334d59c0f0907b192fdb28a222a88480c92d1ca8cdc859ee013abe9ccce0c25eebab29f5e92fec343e746a2ca4a2a70aa52cb97b47b18427252b6fb5474b33a1a906d42a8128639be540e5e4989f7e3ba770906a33b132f215379dc49e2bc7ea165266ae1ccde0b924986b0c40b1d4d7aaaaf681e97bd4ce60ca64a53518ac362ba804311699547eb8e6ab27f0c0657b68f88021fb6f83a7c44be9ce705d665a9291ce99e261d790d9e2e25b61a754b406652d07347f9618ae898da03cd3634c53454673bccd9f0fe32d4cf56fdee708e4ea04cced71c5164afb40e0b10d3c6314ea94d6c46dffce7e6753f75b9b0e824d8e986865c1de8cd14b3daa8592fcea7201535e8e000558ca1a5fe23f3173e28785eafe5f92b338d689e834b7dccaf67f06b60e7b37ddc4b92352c8068d2c3b339315c8bf6feac52c5382e5a888f8a397409addb80a6b21cb214a9e9c8397aa6c1cdf20765cd225c639b44e9bb6a113ca8be02ea016"}, @INET_DIAG_REQ_BYTECODE={0x39, 0x1, "0de161b02ac12357021e02a9b2350a56e1167994e2f46aefd6cba5e156ff4f7d308e0830651809a523d60400"/53}, @INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0xb4, 0x1, "5fb53c09859ef95843081c0c45ed8ae0397d237e51a1119cdad6a9ca8d31875a003c75e15299ddfede109e7ee40219a8183884816ed425942125a8978d4b98da9812ddf583c386ba5c5608cbe96d4120003c6b8ae3a6d1e0fbbbde61b8e43bae5884d2e2ddc23cb148eb6a1e6fe6c475464493fbdf750012355143bf7f998fcc32b17645891c781d6fbc46a4fd5060f6aec6b0e8c69e764f16797bd6d6a54d9d20c0f96f8a24bdab19fbf164fb5769da"}, @INET_DIAG_REQ_BYTECODE={0xca, 0x1, "dccfb1f2750100eedcd7f61f376a41e734aef6f904c3cdcdc39b14d0404c5b54b70c86ee52411e1c62af035a09faf9d9eb9f1cdb7f0741e8973bb5223774abb5812177e1cb74491649b1a8235f7d742bff26c99e97c4fec32b68dc279f525bec4d152523c140a4b1f9cb920d54ce294823fb18afa40994f2d7bd72ad72a18a57caf497338f56648f2909687eb3ed79eef62103a5cc6de376190938ff6c7087525d681b33e6e2aecbc8a3c755f171ef11ad065f91d48deb46847881bbd126272436f87fe8fb4e"}, @INET_DIAG_REQ_BYTECODE={0x32, 0x1, "4c77e5e441ed84fb678dbbc07a41d96e148b2f1ef23d8b6e8ac40c5148bc92bd48fe765e06dc10f4054c221350d2"}]}, 0x1300}, 0x1, 0x0, 0x0, 0x4080000}, 0x20000801)
bind$xdp(r2, &(0x7f00000003c0)={0x2c, 0x18, r3}, 0x10)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x10, &(0x7f0000000040)=0x9, 0x4)

6.634935955s ago: executing program 6 (id=535):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1}) (fail_nth: 1)

6.504556556s ago: executing program 6 (id=536):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xa}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x15)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x7, 0x4, 0x404, 0x0, 0x218, 0x10c, 0x324, 0x324, 0x324, 0x4, &(0x7f0000000280), {[{{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, 0xff000330, 0xffffffff, 0x4, 0x0, {@mac, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@local, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}}, 0xfff2, 0x101, 0x79, 0x1, 0x7ff, 0x8, '\x00', 'vcan0\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @mac=@local, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x8, 0x1}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="07aebe92cc85", @empty, @loopback, @broadcast, 0x8}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x1, 0x1}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x450)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x402, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000081000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.84921822s ago: executing program 4 (id=540):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2c, 0x6, &(0x7f0000006680))
r0 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
sendfile(r0, r0, &(0x7f0000000340)=0xcc7d, 0xfffffffb)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000013c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0xbf}]}}}]}, 0x40}}, 0x0)
sendto$packet(r5, &(0x7f0000000240)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141", 0x2b, 0x40, &(0x7f0000000540)={0xc9, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
fsetxattr$security_capability(r1, &(0x7f0000000000), 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
unshare(0x62040200)
syz_usb_connect(0x4, 0x3b, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0xb211, 0x13580, 0x0, 0x1d7}, &(0x7f0000000100), &(0x7f0000000280), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

4.803612059s ago: executing program 6 (id=542):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpgid(0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, r3, 0x800000000000)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x2000, 0x6, &(0x7f0000bdd000/0x2000)=nil)
sched_setattr(r2, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0x106, &(0x7f0000000140)={0x0, 0xecd9, 0x1000}, &(0x7f0000000340), 0x0, &(0x7f0000000000))
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r5, 0x4020aed2, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_DEL_VIF(r6, 0x0, 0xcb, &(0x7f0000000080)={0x1, 0x4, 0x40, 0xffffffff, @vifc_lcl_addr=@dev={0xac, 0x14, 0x14, 0x33}, @local}, 0x10)
socket$inet6(0xa, 0x80003, 0xff)
unshare(0x6a040000)

3.857082567s ago: executing program 6 (id=543):
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafc0d8c560a8447608004000000000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1)
r1 = fsopen(&(0x7f0000000280)='pvfs2\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
ioctl$sock_ifreq(r4, 0x8922, &(0x7f0000000080)={'dummy0\x00', @ifru_ivalue})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x1, 0x1}, 0x21)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x101e01, 0x0)
r5 = epoll_create1(0x0)
ustat(0x5, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000002})
setrlimit(0xb, &(0x7f0000000200)={0x4, 0x101})
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000002c0)=@ethtool_sfeatures={0x33}})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x36)

3.843113303s ago: executing program 3 (id=544):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x4}, {0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x9, 0x0, 0xf, 0x10, 0x2, 0x6, 0x2, 0x8, 0x2, 0x0, 0x1, 0x8, 0x1, 0x10, 0x4], 0x3, [0xf, 0x101, 0x7fff, 0x2002, 0x1, 0x4, 0x6, 0xd03, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x2, 0x8, 0x7, 0x2a, 0x401, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x4]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
r10 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r10, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r9, 0x1, 0xd8, 0x6, @multicast}, 0x14) (fail_nth: 1)

3.592689643s ago: executing program 3 (id=545):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x20040084)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r5, {0x4}, {0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x9, 0x0, 0xf, 0x10, 0x2, 0x6, 0xd, 0x8, 0x2, 0x0, 0x1, 0x8, 0x1, 0x10, 0x4], 0x3, [0xf, 0x101, 0x7fff, 0x2002, 0x1, 0x4, 0x6, 0xd03, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x2, 0x8, 0x7, 0x2a, 0x401, 0x2, 0xc, 0x8, 0xfffc, 0x3, 0x4]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f0000000000)=0xffb)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
read(r7, &(0x7f0000000200)=""/193, 0xc1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
r10 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r10, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r9, 0x1, 0xd8, 0x6, @multicast}, 0x14)

3.576816973s ago: executing program 7 (id=546):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16, @ANYBLOB="010829bd7000000000000b00000008000300", @ANYRES32, @ANYBLOB="60005080110001004abee339084eeef16f162471f40000000800030009ac0f000500020007"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010829bd7000000000000b00000008000300", @ANYRES32=r2, @ANYBLOB="60005080110001004abee339084eeef16f162471f4000000080003000cac"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0) (fail_nth: 1)

3.412280006s ago: executing program 7 (id=547):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000480)={0x40, 0x6, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x90)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, 0x0, 0x48040)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x5)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
cachestat(r1, &(0x7f0000000040)={0x5, 0xffffffffffffffff}, &(0x7f0000000080), 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x10}]}, @NFT_MSG_NEWSETELEM={0x38, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0xc, 0x3, 0x0, 0x1, [{0x8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}]}]}]}], {0x14, 0x10}}, 0xbc}}, 0x20000080)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x1, @random="ef6dc2ff5185", 'veth1_to_team\x00'}}, 0x1e)

3.362661475s ago: executing program 3 (id=548):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000020303000000000000000000000000000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x14, 0x1, 0x3, 0x101}, 0x14}, 0x1, 0x0, 0x0, 0x20048001}, 0x5800)

3.362294917s ago: executing program 3 (id=549):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x7, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x24c4436d5a174b6d, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x15)
r1 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f00000003c0)={'broute\x00', 0x0, 0x0, 0x0, [0x61, 0x10000, 0x9c9, 0xf, 0x4, 0x3]}, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r0)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000640)={&(0x7f00000004c0)={0x94, r2, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1a}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x180000}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffd}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000080}, 0x880)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x7, 0x4, 0x404, 0x0, 0x218, 0x10c, 0x324, 0x324, 0x324, 0x4, &(0x7f0000000280), {[{{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, 0xff000330, 0xffffffff, 0x4, 0x0, {@mac, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@local, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}}, 0xfff2, 0x101, 0x79, 0x1, 0x7ff, 0x8, '\x00', 'vcan0\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @mac=@local, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x8, 0x1}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="07aebe92cc85", @empty, @loopback, @broadcast, 0x8}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x1, 0x1}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x450)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x402, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x38011, r4, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000081000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x3d, 0x8, &(0x7f00000002c0)="0000000003000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
read(r5, &(0x7f0000000580)=""/190, 0xbe)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

3.27252135s ago: executing program 7 (id=550):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xa}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x15)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x7, 0x4, 0x404, 0x0, 0x218, 0x10c, 0x324, 0x324, 0x324, 0x4, &(0x7f0000000280), {[{{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, 0xff000330, 0xffffffff, 0x4, 0x0, {@mac, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@local, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}}, 0xfff2, 0x101, 0x79, 0x1, 0x7ff, 0x8, '\x00', 'vcan0\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @mac=@local, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x8, 0x1}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="07aebe92cc85", @empty, @loopback, @broadcast, 0x8}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x1, 0x1}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x450)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x402, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000081000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.406878012s ago: executing program 6 (id=551):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000440)=""/111)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000280)={0x9})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000100)={[{0xf, 0x2, 0x4, 0xff, 0x9, 0x8, 0x3, 0xa, 0xb9, 0x1, 0x2, 0x5, 0x400000c9}, {0x2, 0x2, 0x1, 0x40, 0x7, 0x0, 0x2, 0xff, 0x0, 0x4, 0x6, 0x7f, 0x20a}, {0x40000001, 0x3, 0x38, 0x3, 0x84, 0x7, 0xd6, 0x0, 0x8, 0x5, 0x4, 0x9, 0x1}], 0xffffffef})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0xd4, 0x5, 0x61, 0x200002000001, 0x0, 0x2004c8, 0x80000000000, 0x0, 0x36ae, 0x5, 0x7fff, 0x3, 0x400000000, 0x0, 0x81], 0x80a0000})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001800010027bd7000fddbdf251d01000015001a000600000015000200020000a4080000002502000000"], 0x44}}, 0x2404c0c8)
syz_usbip_server_init(0x6)

2.278852306s ago: executing program 3 (id=552):
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e046f040404"], 0x7)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GFACILITIES(r1, 0x89e2, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000005000000000000000900000018110000", @ANYRES32=r0, @ANYBLOB="0000b4b800000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000002000000850000002d000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0xb, 0x0, 0x0, 0x41100, 0x24}, 0x94)

2.221927246s ago: executing program 4 (id=553):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r1, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3}, 0x3}, 0x1c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000000280)={0x30, r4, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="7bf24827ed91"}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20000884)
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x80000000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000040)={'gre0\x00', r6, 0x7, 0x700, 0x5, 0xe, {{0x41, 0x4, 0x1, 0x5, 0x104, 0x67, 0x0, 0x7b, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast2, {[@timestamp_addr={0x44, 0x44, 0x17, 0x1, 0x4, [{@broadcast, 0xfffffff7}, {@local, 0x2bd}, {@broadcast, 0x4}, {@remote, 0xa0}, {@rand_addr=0x64010101, 0x3}, {@broadcast, 0x46e}, {@dev={0xac, 0x14, 0x14, 0x1c}, 0x1e14}, {@broadcast, 0x8}]}, @lsrr={0x83, 0x7, 0xd2, [@broadcast]}, @timestamp_prespec={0x44, 0x54, 0x7c, 0x3, 0x8, [{@multicast2, 0x1}, {@dev={0xac, 0x14, 0x14, 0x20}, 0x80}, {@dev={0xac, 0x14, 0x14, 0x2b}, 0x1e}, {@broadcast, 0x7}, {@rand_addr=0x64010101, 0x7}, {@empty, 0x1}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, {@broadcast, 0xfff}, {@empty, 0x6}, {@private=0xa010102, 0x6}]}, @end, @lsrr={0x83, 0xf, 0xec, [@multicast2, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x2c, 0x3b, 0x1, 0x1, [{@empty, 0xfffffffd}, {@local, 0x8}, {@rand_addr=0x64010100, 0xf5}, {@dev={0xac, 0x14, 0x14, 0x14}, 0x2}, {@local, 0x8000}]}, @lsrr={0x83, 0x13, 0x79, [@multicast1, @remote, @empty, @broadcast]}]}}}}})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'bind', '=static', @void}}}]})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r8 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r8, &(0x7f0000001b40)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x4000401, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x800000, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x2], [0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x9, 0x0, 0xe, 0x3, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xffff8800, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1000000, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffa, 0xfffff986], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x800, 0x2, 0x7fff, 0xfffffffc, 0x0, 0x0, 0x3, 0x0, 0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3], [0x2, 0x0, 0x6, 0x0, 0xfffffffe, 0x0, 0xfffffffe, 0x4, 0xfffffffc, 0x2, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2794, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r8, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r8, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r8, 0x5501)
bind$bt_l2cap(r7, &(0x7f0000002080)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r9}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r9, &(0x7f000000c3c0)={0x2020, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_INIT(r9, &(0x7f0000000080)={0x50, 0x0, r10, {0x7, 0x29, 0x9, 0xffffffff948ae5d4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x82}}, 0x50)
r11 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c)
syz_fuse_handle_req(r9, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents64(r11, 0x0, 0x20000)
setsockopt$bt_BT_DEFER_SETUP(r7, 0x112, 0xf, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000380)={'erspan0\x00', &(0x7f0000000200)={'gretap0\x00', r5, 0x10, 0x10, 0xff, 0x0, {{0xe, 0x4, 0x2, 0x37, 0x38, 0x68, 0x0, 0x7, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, {[@generic={0xc7, 0x8, "e6018ea7703b"}, @end, @timestamp_prespec={0x44, 0x4, 0x59, 0x3, 0x9}, @end, @timestamp_prespec={0x44, 0x14, 0x12, 0x3, 0x2, [{@local}, {@private=0xa010102, 0x100}]}]}}}}})
setsockopt$bt_BT_RCVMTU(r7, 0x112, 0xd, &(0x7f0000000000)=0x3, 0x2)

2.13899082s ago: executing program 3 (id=554):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2c, 0x6, &(0x7f0000006680))
r0 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
sendfile(r0, r0, &(0x7f0000000340)=0xcc7d, 0xfffffffb)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000013c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0xbf}]}}}]}, 0x40}}, 0x0)
sendto$packet(r5, &(0x7f0000000240)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141", 0x2b, 0x40, &(0x7f0000000540)={0xc9, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
fsetxattr$security_capability(r1, &(0x7f0000000000), 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
unshare(0x62040200)
syz_usb_connect(0x4, 0x3b, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0xb211, 0x13580, 0x0, 0x1d7}, &(0x7f0000000100), &(0x7f0000000280), &(0x7f0000000000))
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

1.386163352s ago: executing program 4 (id=555):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x80202, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x1000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
r4 = openat$sndseq(0xffffff9c, &(0x7f0000000140), 0x400)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r4, 0xc08c5336, &(0x7f0000000400)={0x4, 0x4, 0x1, 'queue0\x00', 0x2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x58, &(0x7f0000000180)=ANY=[@ANYRES64=r4], 0x0, 0x2, 0xc4, &(0x7f00000004c0)=""/196, 0x0, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x38, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
unlink(&(0x7f0000000000)='./bus/\x00')
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000e7000000000000000900000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000065090100000000006600000020207025180100002020702500000000002020207b9a00fe000000005e9100000000000037010000f8ffffffb702000008000000b7030000ffffffff56000000060000002c93000000000000b5030000000000008500000076000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000040))
sendmsg$nl_route(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x6c, 0x10, 0x401, 0x2020000, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x34, 0x2, 0x0, 0x1, [@IFLA_GRE_TTL={0x5, 0x8, 0x8}, @IFLA_GRE_ENCAP_TYPE={0x6}, @IFLA_GRE_OKEY={0x8, 0x5, 0x2}, @IFLA_GRE_IGNORE_DF={0x5, 0x13, 0x1}, @IFLA_GRE_TTL={0x5, 0x8, 0xb5}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0x3fc1f}]}}}, @IFLA_NET_NS_FD={0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)
fsopen(&(0x7f0000000040)='ocfs2_dlmfs\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000680)={{0x1, 0x1, 0x18, r1, {r0}}, './bus/\x00'})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b80)={r9, 0xe0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x80, &(0x7f0000000940)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000980), &(0x7f0000000a00), 0x8, 0x6a, 0x8, 0x8, &(0x7f0000000a40)}}, 0x10)

679.519698ms ago: executing program 7 (id=556):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b'], 0x47)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = openat$cgroup_devices(r2, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
splice(r0, 0x0, r3, 0x0, 0x5, 0xd) (fail_nth: 1)

225.845233ms ago: executing program 7 (id=557):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='pagemap\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b'], 0x47)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003f40)=@newtfilter={0xe8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xe58, 0x2, [@TCA_MATCHALL_ACT={0xe54, 0x2, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x5, 0x2, 0x20000000, 0x2, 0x4}, 0x4, 0x10}, [{0x4, 0x9, 0x40, 0x52, 0xa1, 0x8}, {0x2, 0xffffff01, 0xffff, 0xfffffffc, 0x62, 0x4f1}, {0x80000001, 0x4, 0x7, 0x76, 0x6, 0x5}, {0xb11, 0x1, 0x7f, 0xe5f, 0x4, 0x6}, {0xa10, 0x9, 0x6, 0xff, 0x800, 0x10001}, {0xffff, 0x5, 0x1, 0x6, 0x5, 0xdc8}, {0x4, 0x8506, 0x7ff, 0x2, 0x5, 0x7fffffff}, {0x800, 0x1, 0x3, 0x2, 0x2}, {0x53, 0x40, 0xd, 0x4, 0x874, 0x189}, {0x4740, 0xed, 0x1, 0xfd3, 0x5, 0x4}, {0x2, 0x6, 0x2, 0x9, 0x7d47, 0x8}, {0x8, 0x4, 0x3, 0xe, 0x40, 0x200}, {0x4, 0x6, 0x7, 0x72, 0x8000, 0x3dc}, {0x6, 0x37, 0x9, 0x5, 0x5, 0x80}, {0x9, 0xffff8001, 0x840f, 0x1, 0x6, 0x4}, {0x2, 0x2, 0x5, 0x5, 0x912, 0x3}, {0x0, 0x7, 0xfffff502, 0xff, 0x4, 0x4}, {0xfffffffe, 0x6, 0x3ff, 0x800, 0x6, 0x2}, {0x7, 0x4, 0x8001, 0x437, 0x7, 0x628}, {0x2, 0x3, 0x5, 0x6, 0x4, 0x8}, {0xfffff801, 0x7fff, 0x1000000, 0xfffffff5, 0x8, 0x9e}, {0x5, 0x1, 0x5, 0x200, 0xffff37db, 0x1}, {0x200, 0x2, 0x1, 0x3ff, 0x8, 0x3}, {0x4, 0x2, 0x3e03, 0x4, 0x8, 0xa08f}, {0xff, 0x3, 0x7, 0x4, 0x10, 0xdbaf}, {0x4, 0xfffffffb, 0x2, 0xc47, 0x8, 0x5bc}, {0x79, 0x2f3, 0x8, 0xffff, 0x1}, {0xe, 0x800, 0x2, 0xfffffff8, 0x5, 0x1}, {0x80, 0xc66, 0x9fa1, 0xfffffffc, 0x8, 0x41}, {0x7f, 0x9, 0xfffffff7, 0x4, 0x3, 0x800}, {0x9, 0x1, 0x4, 0x6, 0x7, 0x8000}, {0x5, 0x2, 0x987, 0x5, 0x0, 0xffff4377}, {0x2, 0x9, 0x6, 0x4, 0x0, 0x9}, {0xc, 0x1, 0x0, 0x2, 0x4, 0x2}, {0xffffffff, 0x0, 0xfffffffc, 0x1, 0x400, 0xffffff00}, {0x3, 0x80000000, 0x3, 0x14e7dcd1, 0x6, 0x2}, {0x7, 0x10001, 0x10, 0x8, 0xa, 0x6}, {0x1, 0x100, 0x3, 0x1ff, 0x5}, {0xe, 0x1, 0x0, 0x3, 0x3, 0x7}, {0x7, 0x2, 0x2, 0x3, 0x0, 0xfffffff9}, {0x80000000, 0x1, 0x8, 0x4, 0x800, 0x8}, {0xfffffff9, 0x81, 0x401, 0x7, 0x4, 0x3}, {0x898, 0x919, 0x3, 0x16000, 0x7, 0x9}, {0x130dd208, 0x63f, 0x1, 0x8e, 0x2, 0x6}, {0xc08f, 0x4, 0x4, 0x3, 0x7, 0x3}, {0x2f, 0xffffffff, 0x281, 0x6, 0x7, 0x4}, {0x2, 0x4, 0x1, 0xffff1cb0, 0x8, 0x401}, {0xffffffff, 0x40, 0x8, 0x2, 0x1, 0xc}, {0x23e9d24a, 0x3b, 0xffffffff, 0x9, 0x8, 0x9}, {0x10001, 0x32, 0x10001, 0x3, 0x52, 0xfffffffc}, {0x4, 0x1, 0xfb, 0x4, 0x6, 0x6}, {0x4, 0x47, 0x7, 0x5, 0x0, 0x7fffffff}, {0x3, 0xbc3f, 0x7, 0x80000001, 0xf, 0x8000}, {0x0, 0x0, 0xa32, 0x8, 0xc, 0x8}, {0x1ff, 0x3, 0x5, 0x8, 0x0, 0x7}, {0x3, 0x3b, 0x8, 0x2, 0x7ff}, {0x5, 0x4909, 0x2, 0x40, 0x7fff, 0x1}, {0x8, 0x1ff, 0x3, 0xfffffffa, 0x1, 0x43}, {0x8, 0x4, 0x6, 0x6, 0x35e, 0x7}, {0x8, 0x7, 0x8, 0x8, 0x3}, {0x8, 0x8, 0xe, 0x7, 0x67, 0x1ff}, {0x3, 0x100000, 0x7, 0x7e2b, 0x5, 0x5}, {0x10001, 0x10000, 0x5, 0x3, 0xfffffff8, 0x4}, {0x6, 0x991e, 0x7, 0x7, 0xc97, 0x4}, {0xa, 0x0, 0x8, 0x5, 0x2, 0x6}, {0x8, 0x6, 0x8001, 0x5, 0x8, 0x9}, {0x2, 0x1, 0x400, 0xffff, 0xc, 0x7}, {0x9, 0xffffffff, 0x9, 0x3ff, 0xc, 0x5}, {0xa, 0x2, 0xfff, 0x7, 0xfff, 0x7}, {0x3, 0x2, 0x9, 0x80, 0x7, 0x8}, {0x800, 0x7, 0x5, 0x8, 0xb351, 0x40}, {0xfffffffe, 0x400, 0x8003, 0x75ce, 0x4, 0x1}, {0xffff, 0x5, 0x80000000, 0x8, 0x3, 0x10001}, {0x6, 0x8, 0x3ce, 0x3, 0x56000, 0x1000}, {0x3, 0x83e, 0xa, 0x5, 0x7, 0x8}, {0x9, 0x4, 0x1, 0x6, 0x6, 0x5}, {0x5, 0x8000, 0x8, 0x0, 0x40000000, 0xff}, {0x6, 0xea, 0x2, 0xf7, 0xe, 0x6}, {0x8, 0x1, 0x2, 0xff, 0x8, 0x8}, {0x3, 0x8, 0x10000, 0x81, 0x2, 0x9ca}, {0xfff, 0xaadb, 0xfb5, 0xe7b, 0x2, 0x401}, {0x5, 0x4, 0x1000, 0x8001, 0xe1, 0x2}, {0x8000, 0xc5, 0x8, 0x0, 0x2, 0x5}, {0x8, 0x2b, 0x6, 0x8, 0x6, 0xfffffff7}, {0x2, 0x7fffffff, 0x3, 0x5, 0x0, 0x5}, {0xf, 0x7fff, 0x0, 0x8000, 0x0, 0x8}, {0x4, 0x0, 0x7, 0xa9c, 0x1, 0x9}, {0x4, 0xffff, 0x79a, 0x5, 0x0, 0x2}, {0x1, 0x9, 0x4, 0xffffffff, 0x31, 0x401}, {0x4, 0x7, 0x8, 0x1, 0xfff, 0x1}, {0x4, 0xf, 0x6d0, 0xf, 0x6, 0x70}, {0xd0d, 0x7, 0x3, 0x10000, 0x2, 0x8}, {0x6044, 0x6, 0x8e, 0x81, 0xb, 0x8}, {0xfb56, 0xd1, 0x0, 0xfffffff4, 0x5, 0x2}, {0xfffffff9, 0x8, 0x1, 0x7fff, 0x8, 0xb4b}, {0x5, 0x4dc3, 0x855e, 0x8, 0x1, 0x7}, {0xd, 0xfffffff8, 0x6, 0x6e, 0x5, 0xffffffff}, {0x9, 0x6, 0x8, 0x7ff, 0x7, 0x18a}, {0x2, 0x2, 0x1fcd, 0x9, 0x0, 0x8}, {0x4, 0x4, 0x850, 0x51, 0x3ff, 0xb7}, {0x7, 0x7, 0x9, 0x9}, {0x477, 0x9, 0xf7, 0x7fffffff, 0x2c00000, 0x5}, {0x10, 0x80000000, 0x6dc, 0x3a98c5bc, 0x9, 0x7}, {0x8, 0x7, 0x753f390a, 0x5, 0xb}, {0x200, 0x4, 0x8, 0xd, 0x101, 0x9f8}, {0x200, 0x1707589b, 0x6, 0x6, 0x80}, {0x4, 0x7, 0x8, 0x4, 0x7, 0x7}, {0x0, 0xffffff00, 0x5, 0x4, 0x7, 0xfffffffb}, {0x9, 0x100, 0xfa7, 0x1000, 0x2, 0x4}, {0x7f, 0x57, 0x0, 0x8, 0x68f3, 0x841}, {0x6, 0x1, 0x10, 0xffffffff, 0x0, 0xfffffff8}, {0x3ff, 0x3ff, 0x8001, 0xfff, 0x0, 0x2}, {0x7, 0x4, 0x7, 0x5, 0x6e1b, 0x5}, {0xfffff2b6, 0x7, 0x2, 0xfffffffd, 0xd, 0x45b0}, {0x80000001, 0xfffffffd, 0x81, 0xfffffffb, 0x6}, {0x401, 0x7, 0xe, 0x9, 0x7, 0x2}, {0xf69, 0x57, 0x0, 0x8, 0x5}, {0x4, 0xfff, 0xa1, 0x9, 0x800, 0xfff}, {0x4, 0x8, 0xa7c, 0x0, 0xcd, 0x2}, {0x9, 0x7f, 0x5, 0x7, 0x4, 0x9}, {0x3, 0x1, 0x101, 0x0, 0xc, 0x7}, {0xe5a, 0x8, 0x6, 0x2, 0xffffffc0, 0xc}, {0x5, 0xfffffffd, 0xffff, 0x9973, 0x8, 0xe4a}, {0x7ff, 0x9, 0x3, 0xf0, 0x81}, {0x100, 0x6, 0x9, 0x5, 0x80000000, 0x5}, {0x0, 0x80000000, 0x99, 0x2, 0xc, 0x7}, {0x378140be, 0x4, 0x7ff, 0x10, 0x7f77, 0xffffff81}, {0x401, 0x10001, 0x8, 0x4, 0x2, 0x8}], [{0x0, 0x1}, {0x3}, {0x0, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x5}, {0x3, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x3}, {0x2}, {0x3}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x1}, {0x4}, {0x4, 0x1}, {0x0, 0x32820417c2b438f9}, {0x3}, {0x4, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x5}, {}, {0x4}, {0x2, 0x1}, {0x3}, {0x3, 0x1}, {0x5, 0x1}, {0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {}, {0x5}, {0x1}, {0x4}, {0x2}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x3}, {0x4, 0x1}, {0x5, 0x1}, {0x4}, {0x3}, {0x5}, {0x4, 0x1}, {0x5}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x4}, {0x3, 0x1}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x2}, {0x4, 0x1}, {0x2}, {0x4}, {0x4, 0x1}, {0x3}, {}, {0x1}, {0x2, 0x1}, {0x2}, {0x5}, {}, {0x3}, {0x5}, {0x2, 0x1}, {0x5}, {0x3, 0x1}, {0x1}, {}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x5, 0x1}, {0x4}, {0x1, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x3}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x5}, {0x2, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x1}, {0x2}, {0x5}, {0x3, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1}, {0x5, 0x1}, {0x1}, {0x4}, {0x3}, {0x3, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x3, 0x21577a60a46d04d}, {0x1}, {0x5, 0x1}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x1}, {0x2, 0x1}, {0x4}, {0x3, 0x1}], 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0xe8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000000201010157000000000000d4388560123b4d27da56ac6446798e5495399afe9df996b437ba6d006d6906404dc4f1f0191262d309adaee3256201e944ed1dd36b7b4beba43d4db8859da1dee0347d8b97d54490ca0ad7ecdf62aa93780679bdfde64482e8be58fe479784238e099fd01cfc27105e01321bf7be107c5805dc6f97150d692487ee8c31e55651efe1ded49b93865b529031f112fb72954b093f2d2d2a40f6342cf6f814cf35f0f15e3cbcdde54f69486258afbf00bf23065a78"], 0x1c}, 0x1, 0x0, 0x0, 0x4880}, 0x0)
r8 = io_uring_setup(0x7ba6, &(0x7f0000000140)={0x0, 0x12fd, 0x1, 0x1, 0x36a})
io_uring_enter(r8, 0x6972, 0xefd7, 0x2, &(0x7f0000000080)={[0x669e]}, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r9, 0x8946, 0x0)
syz_open_dev$vim2m(&(0x7f0000000300), 0x1b33, 0x2)

0s ago: executing program 7 (id=558):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r2, &(0x7f0000000380)='./bus\x00')
readlinkat(r2, &(0x7f0000000400)='./bus\x00', &(0x7f0000000680)=""/206, 0xce)
readlinkat(r2, &(0x7f0000000000)='./bus\x00', &(0x7f00000002c0)=""/163, 0xa3)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40110}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r5}]}, 0x40}}, 0x40000)

kernel console output (not intermixed with test programs):

226]  ? copy_fpstate_to_sigframe+0x2b8/0xb20
[  109.936923][ T7226]  ? __local_bh_enable_ip+0x9e/0x120
[  109.936946][ T7226]  copy_fpstate_to_sigframe+0x789/0xb20
[  109.936971][ T7226]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  109.937001][ T7226]  ? x86_task_fpu+0x5f/0x90
[  109.937023][ T7226]  get_sigframe+0x3fb/0x940
[  109.937047][ T7226]  ? __pfx_get_sigframe+0x10/0x10
[  109.937065][ T7226]  ? rcu_is_watching+0x12/0xc0
[  109.937092][ T7226]  ? _raw_spin_unlock_irq+0x23/0x50
[  109.937117][ T7226]  ? siginfo_layout+0x156/0x290
[  109.937137][ T7226]  ia32_setup_rt_frame+0xed/0xb00
[  109.937168][ T7226]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  109.937190][ T7226]  ? __mutex_unlock_slowpath+0x15c/0x790
[  109.937219][ T7226]  arch_do_signal_or_restart+0x43f/0x770
[  109.937242][ T7226]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  109.937267][ T7226]  ? ksys_write+0x1ac/0x250
[  109.937290][ T7226]  exit_to_user_mode_loop+0x86/0x4a0
[  109.937316][ T7226]  do_int80_emulation+0x4b8/0x6b0
[  109.937335][ T7226]  asm_int80_emulation+0x1a/0x20
[  109.937351][ T7226] RIP: 0023:0xf7145cab
[  109.937366][ T7226] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  109.937381][ T7226] RSP: 002b:00000000f54064bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  109.937394][ T7226] RAX: 0000000000000001 RBX: 0000000000000005 RCX: 00000000f54065c0
[  109.937400][ T7226] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  109.937406][ T7226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  109.937412][ T7226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  109.937418][ T7226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  109.937432][ T7226]  </TASK>
[  110.284707][  T133] usb usb38-port1: attempt power cycle
[  110.287447][ T7234] x_tables: duplicate underflow at hook 1
[  110.594957][ T7237] hub 8-0:1.0: USB hub found
[  110.647001][ T7237] hub 8-0:1.0: 1 port detected
[  110.846702][ T7240] FAULT_INJECTION: forcing a failure.
[  110.846702][ T7240] name failslab, interval 1, probability 0, space 0, times 0
[  110.851942][ T7240] CPU: 3 UID: 0 PID: 7240 Comm: syz.5.261 Not tainted syzkaller #0 PREEMPT(full) 
[  110.851967][ T7240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  110.851978][ T7240] Call Trace:
[  110.851985][ T7240]  <TASK>
[  110.851994][ T7240]  dump_stack_lvl+0x100/0x190
[  110.852029][ T7240]  should_fail_ex.cold+0x5/0xa
[  110.852052][ T7240]  should_failslab+0xc2/0x120
[  110.852075][ T7240]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  110.852102][ T7240]  ? do_getname+0x35/0x390
[  110.852130][ T7240]  do_getname+0x35/0x390
[  110.852155][ T7240]  __do_sys_file_getattr+0x47b/0x530
[  110.852178][ T7240]  ? __pfx___do_sys_file_getattr+0x10/0x10
[  110.852202][ T7240]  ? fput+0x79/0x100
[  110.852231][ T7240]  ? __pfx_ksys_write+0x10/0x10
[  110.852255][ T7240]  __do_fast_syscall_32+0xe3/0x8c0
[  110.852280][ T7240]  do_fast_syscall_32+0x32/0x70
[  110.852300][ T7240]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.852321][ T7240] RIP: 0023:0xf709ef6c
[  110.852338][ T7240] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  110.852353][ T7240] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 00000000000001d4
[  110.852373][ T7240] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  110.852385][ T7240] RDX: 00000000800000c0 RSI: 0000000000000018 RDI: 0000000000000100
[  110.852395][ T7240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  110.852405][ T7240] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  110.852416][ T7240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.852438][ T7240]  </TASK>
[  110.953735][  T133] usb usb38-port1: unable to enumerate USB device
[  111.202538][ T7251] x_tables: duplicate underflow at hook 1
[  111.578982][ T7253] hub 8-0:1.0: USB hub found
[  111.581450][ T7253] hub 8-0:1.0: 1 port detected
[  112.222999][ T7268] x_tables: duplicate underflow at hook 1
[  112.990282][ T7275] x_tables: duplicate underflow at hook 1
[  114.069138][ T7288] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  114.228909][ T7287] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  114.231087][ T7287] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  114.233973][ T7287] vhci_hcd vhci_hcd.0: Device attached
[  114.260319][ T7287] netlink: 4 bytes leftover after parsing attributes in process `syz.3.275'.
[  114.424416][ T7287] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.424593][ T7302] tmpfs: Bad value for 'mpol'
[  114.429762][ T7287] 8021q: adding VLAN 0 to HW filter on device team0
[  114.433770][ T7302] input: syz0 as /devices/virtual/input/input16
[  114.443225][ T7287] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  114.511036][  T133] usb 44-1: SetAddress Request (6) to port 0
[  114.513385][  T133] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  114.612214][ T7291] vhci_hcd: connection reset by peer
[  114.615576][ T1161] vhci_hcd vhci_hcd.3: stop threads
[  114.621030][ T1161] vhci_hcd vhci_hcd.3: release socket
[  114.624570][ T1161] vhci_hcd vhci_hcd.3: disconnect device
[  114.781025][ T6023] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  114.921120][ T6023] usb 5-1: device descriptor read/64, error -71
[  115.161125][ T6023] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  115.307862][ T6023] usb 5-1: device descriptor read/64, error -71
[  115.364755][ T7319] netlink: 64 bytes leftover after parsing attributes in process `syz.5.283'.
[  115.368610][ T7319] netlink: 60 bytes leftover after parsing attributes in process `syz.5.283'.
[  115.371928][ T7319] unsupported nlmsg_type 40
[  115.376595][ T7319] loop7: detected capacity change from 0 to 7
[  115.394858][ T7319] Dev loop7: unable to read RDB block 7
[  115.396768][ T7319]  loop7: unable to read partition table
[  115.398687][ T7319] loop7: partition table beyond EOD, truncated
[  115.400705][ T7319] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  115.431163][ T6023] usb usb5-port1: attempt power cycle
[  115.793354][ T6023] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  115.812881][ T6023] usb 5-1: device descriptor read/8, error -71
[  116.053051][ T7339] FAULT_INJECTION: forcing a failure.
[  116.053051][ T7339] name failslab, interval 1, probability 0, space 0, times 0
[  116.058990][ T7339] CPU: 1 UID: 0 PID: 7339 Comm: syz.3.287 Not tainted syzkaller #0 PREEMPT(full) 
[  116.059014][ T7339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  116.059023][ T7339] Call Trace:
[  116.059030][ T7339]  <TASK>
[  116.059036][ T7339]  dump_stack_lvl+0x100/0x190
[  116.059074][ T7339]  should_fail_ex.cold+0x5/0xa
[  116.059094][ T7339]  ? tomoyo_realpath_from_path+0xb6/0x690
[  116.059122][ T7339]  should_failslab+0xc2/0x120
[  116.059145][ T7339]  __kmalloc_noprof+0xe0/0x850
[  116.059170][ T7339]  tomoyo_realpath_from_path+0xb6/0x690
[  116.059197][ T7339]  tomoyo_path_number_perm+0x23c/0x580
[  116.059219][ T7339]  ? tomoyo_path_number_perm+0x22e/0x580
[  116.059241][ T7339]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  116.059284][ T7339]  ? find_held_lock+0x2b/0x80
[  116.059300][ T7339]  ? hook_file_ioctl_common+0x146/0x410
[  116.059319][ T7339]  ? __fget_files+0x215/0x3d0
[  116.059337][ T7339]  ? __fget_files+0x21f/0x3d0
[  116.059356][ T7339]  security_file_ioctl_compat+0xd3/0x230
[  116.059378][ T7339]  __ia32_compat_sys_ioctl+0xc2/0x360
[  116.059405][ T7339]  __do_fast_syscall_32+0xe3/0x8c0
[  116.059429][ T7339]  do_fast_syscall_32+0x32/0x70
[  116.059446][ T7339]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  116.059467][ T7339] RIP: 0023:0xf7fe4f6c
[  116.059481][ T7339] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  116.059496][ T7339] RSP: 002b:00000000f546450c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  116.059515][ T7339] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080082102
[  116.059526][ T7339] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  116.059536][ T7339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  116.059601][ T7339] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  116.059610][ T7339] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  116.059631][ T7339]  </TASK>
[  116.059639][ T7339] ERROR: Out of memory at tomoyo_realpath_from_path.
[  116.070959][ T6023] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  116.152959][ T6023] usb 5-1: device descriptor read/8, error -71
[  116.261331][ T6023] usb usb5-port1: unable to enumerate USB device
[  116.451519][ T7346] FAULT_INJECTION: forcing a failure.
[  116.451519][ T7346] name failslab, interval 1, probability 0, space 0, times 0
[  116.460218][ T7346] CPU: 3 UID: 0 PID: 7346 Comm: syz.4.289 Not tainted syzkaller #0 PREEMPT(full) 
[  116.460243][ T7346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  116.460250][ T7346] Call Trace:
[  116.460255][ T7346]  <TASK>
[  116.460260][ T7346]  dump_stack_lvl+0x100/0x190
[  116.460283][ T7346]  should_fail_ex.cold+0x5/0xa
[  116.460297][ T7346]  ? tomoyo_realpath_from_path+0xb6/0x690
[  116.460314][ T7346]  should_failslab+0xc2/0x120
[  116.460327][ T7346]  __kmalloc_noprof+0xe0/0x850
[  116.460348][ T7346]  tomoyo_realpath_from_path+0xb6/0x690
[  116.460368][ T7346]  tomoyo_path_number_perm+0x23c/0x580
[  116.460381][ T7346]  ? tomoyo_path_number_perm+0x22e/0x580
[  116.460396][ T7346]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  116.460423][ T7346]  ? find_held_lock+0x2b/0x80
[  116.460434][ T7346]  ? hook_file_ioctl_common+0x146/0x410
[  116.460449][ T7346]  ? __fget_files+0x215/0x3d0
[  116.460463][ T7346]  ? __fget_files+0x21f/0x3d0
[  116.460476][ T7346]  security_file_ioctl_compat+0xd3/0x230
[  116.460492][ T7346]  __ia32_compat_sys_ioctl+0xc2/0x360
[  116.460511][ T7346]  __do_fast_syscall_32+0xe3/0x8c0
[  116.460527][ T7346]  do_fast_syscall_32+0x32/0x70
[  116.460540][ T7346]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  116.460555][ T7346] RIP: 0023:0xf7f45f6c
[  116.460564][ T7346] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  116.460576][ T7346] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  116.460588][ T7346] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000008914
[  116.460594][ T7346] RDX: 0000000080002280 RSI: 0000000000000000 RDI: 0000000000000000
[  116.460601][ T7346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  116.460607][ T7346] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  116.460614][ T7346] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  116.460627][ T7346]  </TASK>
[  116.460632][ T7346] ERROR: Out of memory at tomoyo_realpath_from_path.
[  116.528721][ T7346] syzkaller0: entered promiscuous mode
[  116.530473][ T7346] syzkaller0: entered allmulticast mode
[  116.669610][ T7348] tmpfs: Bad value for 'mpol'
[  116.677575][ T7348] input: syz0 as /devices/virtual/input/input17
[  116.936363][ T7359] FAULT_INJECTION: forcing a failure.
[  116.936363][ T7359] name failslab, interval 1, probability 0, space 0, times 0
[  116.940660][ T7359] CPU: 3 UID: 0 PID: 7359 Comm: syz.5.293 Not tainted syzkaller #0 PREEMPT(full) 
[  116.940677][ T7359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  116.940684][ T7359] Call Trace:
[  116.940689][ T7359]  <TASK>
[  116.940695][ T7359]  dump_stack_lvl+0x100/0x190
[  116.940718][ T7359]  should_fail_ex.cold+0x5/0xa
[  116.940732][ T7359]  should_failslab+0xc2/0x120
[  116.940745][ T7359]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  116.940763][ T7359]  ? do_getname+0x35/0x390
[  116.940781][ T7359]  do_getname+0x35/0x390
[  116.940796][ T7359]  __ia32_sys_statx+0x1ad/0x1f0
[  116.940814][ T7359]  __do_fast_syscall_32+0xe3/0x8c0
[  116.940830][ T7359]  do_fast_syscall_32+0x32/0x70
[  116.940842][ T7359]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  116.940871][ T7359] RIP: 0023:0xf709ef6c
[  116.940880][ T7359] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  116.940892][ T7359] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 000000000000017f
[  116.940903][ T7359] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800021c0
[  116.940910][ T7359] RDX: 0000000000002900 RSI: 000000000000088c RDI: 0000000000000000
[  116.940916][ T7359] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  116.940922][ T7359] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  116.940929][ T7359] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  116.940942][ T7359]  </TASK>
[  117.119619][ T7363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.294'.
[  117.127214][ T7363] netlink: 72 bytes leftover after parsing attributes in process `syz.3.294'.
[  117.237346][ T7366] input: syz0 as /devices/virtual/input/input18
[  117.711516][ T7382] FAULT_INJECTION: forcing a failure.
[  117.711516][ T7382] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.720121][ T7382] CPU: 1 UID: 0 PID: 7382 Comm: syz.4.300 Not tainted syzkaller #0 PREEMPT(full) 
[  117.720139][ T7382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  117.720146][ T7382] Call Trace:
[  117.720150][ T7382]  <TASK>
[  117.720154][ T7382]  dump_stack_lvl+0x100/0x190
[  117.720176][ T7382]  should_fail_ex.cold+0x5/0xa
[  117.720190][ T7382]  _copy_from_user+0x2e/0xd0
[  117.720206][ T7382]  get_compat_msghdr+0xb3/0x4b0
[  117.720225][ T7382]  ? __pfx_get_compat_msghdr+0x10/0x10
[  117.720248][ T7382]  ___sys_sendmsg+0x1b6/0x1e0
[  117.720264][ T7382]  ? __pfx____sys_sendmsg+0x10/0x10
[  117.720294][ T7382]  __sys_sendmsg+0x170/0x220
[  117.720305][ T7382]  ? __pfx___sys_sendmsg+0x10/0x10
[  117.720320][ T7382]  ? __pfx_ksys_write+0x10/0x10
[  117.720335][ T7382]  __do_fast_syscall_32+0xe3/0x8c0
[  117.720350][ T7382]  do_fast_syscall_32+0x32/0x70
[  117.720363][ T7382]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.720377][ T7382] RIP: 0023:0xf7f45f6c
[  117.720387][ T7382] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  117.720398][ T7382] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  117.720410][ T7382] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  117.720417][ T7382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  117.720423][ T7382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  117.720429][ T7382] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  117.720435][ T7382] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.720448][ T7382]  </TASK>
[  117.992283][ T7399] netdevsim netdevsim3: Direct firmware load for  failed with error -2
[  117.995421][ T7399] netdevsim netdevsim3: Falling back to sysfs fallback for: 
[  118.072033][ T7401] x_tables: duplicate underflow at hook 1
[  118.158790][ T7402] hub 8-0:1.0: USB hub found
[  118.162385][ T7402] hub 8-0:1.0: 1 port detected
[  118.670813][ T7405] tmpfs: Bad value for 'mpol'
[  118.680700][ T7405] input: syz0 as /devices/virtual/input/input19
[  119.240103][ T7419] FAULT_INJECTION: forcing a failure.
[  119.240103][ T7419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.244779][ T7419] CPU: 2 UID: 0 PID: 7419 Comm: syz.3.308 Not tainted syzkaller #0 PREEMPT(full) 
[  119.244798][ T7419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  119.244805][ T7419] Call Trace:
[  119.244810][ T7419]  <TASK>
[  119.244817][ T7419]  dump_stack_lvl+0x100/0x190
[  119.244840][ T7419]  should_fail_ex.cold+0x5/0xa
[  119.244855][ T7419]  _copy_from_user+0x2e/0xd0
[  119.244871][ T7419]  __sys_bpf+0x243/0x4b90
[  119.244887][ T7419]  ? __pfx___sys_bpf+0x10/0x10
[  119.244900][ T7419]  ? proc_fail_nth_write+0x9f/0x220
[  119.244915][ T7419]  ? find_held_lock+0x2b/0x80
[  119.244930][ T7419]  ? find_held_lock+0x2b/0x80
[  119.244941][ T7419]  ? ksys_write+0x190/0x250
[  119.244955][ T7419]  ? __mutex_unlock_slowpath+0x15c/0x790
[  119.244976][ T7419]  ? fput+0x79/0x100
[  119.244990][ T7419]  ? ksys_write+0x1ac/0x250
[  119.245003][ T7419]  __ia32_sys_bpf+0x79/0xf0
[  119.245017][ T7419]  ? lockdep_hardirqs_on+0x78/0x100
[  119.245028][ T7419]  __do_fast_syscall_32+0xe3/0x8c0
[  119.245042][ T7419]  do_fast_syscall_32+0x32/0x70
[  119.245055][ T7419]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.245154][ T7419] RIP: 0023:0xf7fe4f6c
[  119.245166][ T7419] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  119.245177][ T7419] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  119.245189][ T7419] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[  119.245196][ T7419] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  119.245202][ T7419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.245208][ T7419] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  119.245214][ T7419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.245232][ T7419]  </TASK>
[  119.551003][  T133] usb 44-1: device descriptor read/8, error -110
[  119.951707][  T133] usb usb44-port1: attempt power cycle
[  119.978417][   T80] Bluetooth: hci4: Frame reassembly failed (-84)
[  119.982058][   T80] Bluetooth: hci4: Frame reassembly failed (-84)
[  120.101198][   T80] Bluetooth: hci4: Frame reassembly failed (-84)
[  120.473173][ T7446] netlink: 24 bytes leftover after parsing attributes in process `syz.0.314'.
[  120.511699][ T7438] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  120.514508][ T7438] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  120.531266][ T7438] vhci_hcd vhci_hcd.0: Device attached
[  120.594999][ T7451] x_tables: duplicate underflow at hook 1
[  120.612646][  T133] usb usb44-port1: unable to enumerate USB device
[  120.801075][ T5951] usb 38-1: SetAddress Request (6) to port 0
[  120.803215][ T5951] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[  120.805449][ T7452] hub 8-0:1.0: USB hub found
[  120.808974][ T7452] hub 8-0:1.0: 1 port detected
[  120.907289][ T7448] vhci_hcd: connection reset by peer
[  120.909887][   T80] vhci_hcd vhci_hcd.0: stop threads
[  120.911731][   T80] vhci_hcd vhci_hcd.0: release socket
[  120.913879][ T7459] tmpfs: Bad value for 'mpol'
[  120.915555][   T80] vhci_hcd vhci_hcd.0: disconnect device
[  120.925656][ T7455] input: syz0 as /devices/virtual/input/input20
[  121.535425][ T7466] FAULT_INJECTION: forcing a failure.
[  121.535425][ T7466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.540953][ T7466] CPU: 2 UID: 0 PID: 7466 Comm: syz.4.321 Not tainted syzkaller #0 PREEMPT(full) 
[  121.540985][ T7466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  121.540996][ T7466] Call Trace:
[  121.541005][ T7466]  <TASK>
[  121.541013][ T7466]  dump_stack_lvl+0x100/0x190
[  121.541047][ T7466]  should_fail_ex.cold+0x5/0xa
[  121.541069][ T7466]  _copy_from_user+0x2e/0xd0
[  121.541094][ T7466]  get_compat_msghdr+0xb3/0x4b0
[  121.541123][ T7466]  ? __pfx_get_compat_msghdr+0x10/0x10
[  121.541157][ T7466]  ___sys_sendmsg+0x1b6/0x1e0
[  121.541182][ T7466]  ? __pfx____sys_sendmsg+0x10/0x10
[  121.541229][ T7466]  __sys_sendmsg+0x170/0x220
[  121.541248][ T7466]  ? __pfx___sys_sendmsg+0x10/0x10
[  121.541273][ T7466]  ? __pfx_ksys_write+0x10/0x10
[  121.541296][ T7466]  __do_fast_syscall_32+0xe3/0x8c0
[  121.541321][ T7466]  do_fast_syscall_32+0x32/0x70
[  121.541341][ T7466]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  121.541363][ T7466] RIP: 0023:0xf7f45f6c
[  121.541380][ T7466] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  121.541395][ T7466] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  121.541413][ T7466] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  121.541423][ T7466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  121.541432][ T7466] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  121.541441][ T7466] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  121.541451][ T7466] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  121.541474][ T7466]  </TASK>
[  122.001000][ T6026] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  122.021215][ T5952] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  122.153595][ T6026] usb 9-1: config index 0 descriptor too short (expected 39, got 27)
[  122.157161][ T6026] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  122.162313][ T6026] usb 9-1: config 0 interface 0 has no altsetting 0
[  122.167481][ T6026] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  122.171880][ T6026] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  122.175402][ T6026] usb 9-1: Product: syz
[  122.177412][ T6026] usb 9-1: Manufacturer: syz
[  122.179435][ T6026] usb 9-1: SerialNumber: syz
[  122.187911][ T6026] usb 9-1: config 0 descriptor??
[  122.192786][ T6026] hub 9-1:0.0: bad descriptor, ignoring hub
[  122.195419][ T6026] hub 9-1:0.0: probe with driver hub failed with error -5
[  122.203633][ T6026] usb 9-1: selecting invalid altsetting 0
[  122.627621][ T6026] usb 9-1: USB disconnect, device number 3
[  122.639049][ T7485] x_tables: duplicate underflow at hook 1
[  122.761039][ T7486] hub 8-0:1.0: USB hub found
[  122.764668][ T7486] hub 8-0:1.0: 1 port detected
[  122.981169][ T6026] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  123.141355][ T6026] usb 9-1: config index 0 descriptor too short (expected 39, got 27)
[  123.143880][ T6026] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  123.146747][ T6026] usb 9-1: config 0 interface 0 has no altsetting 0
[  123.153236][ T6026] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  123.155765][ T6026] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  123.158015][ T6026] usb 9-1: Product: syz
[  123.159332][ T6026] usb 9-1: Manufacturer: syz
[  123.160753][ T6026] usb 9-1: SerialNumber: syz
[  123.165143][ T6026] usb 9-1: config 0 descriptor??
[  123.171330][ T6026] hub 9-1:0.0: bad descriptor, ignoring hub
[  123.173412][ T6026] hub 9-1:0.0: probe with driver hub failed with error -5
[  123.177087][ T6026] usb 9-1: selecting invalid altsetting 0
[  123.343567][ T7488] x_tables: duplicate underflow at hook 1
[  123.373716][   T40] audit: type=1326 audit(1775429857.249:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.387693][   T40] audit: type=1326 audit(1775429857.249:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.396648][   T40] audit: type=1326 audit(1775429857.249:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.441086][   T40] audit: type=1326 audit(1775429857.249:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.458153][   T40] audit: type=1326 audit(1775429857.249:2963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.460222][ T7494] hub 8-0:1.0: USB hub found
[  123.468525][ T7494] hub 8-0:1.0: 1 port detected
[  123.478486][   T40] audit: type=1326 audit(1775429857.249:2964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.520166][   T40] audit: type=1326 audit(1775429857.249:2965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.529705][   T40] audit: type=1326 audit(1775429857.249:2966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.550172][   T40] audit: type=1326 audit(1775429857.249:2967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  123.557878][ T6023] usb 9-1: USB disconnect, device number 4
[  123.560455][   T40] audit: type=1326 audit(1775429857.249:2968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.5.328" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709ef6c code=0x7ffc0000
[  124.213798][ T7511] FAULT_INJECTION: forcing a failure.
[  124.213798][ T7511] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.219105][ T7511] CPU: 2 UID: 0 PID: 7511 Comm: syz.5.333 Not tainted syzkaller #0 PREEMPT(full) 
[  124.219134][ T7511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  124.219146][ T7511] Call Trace:
[  124.219153][ T7511]  <TASK>
[  124.219161][ T7511]  dump_stack_lvl+0x100/0x190
[  124.219198][ T7511]  should_fail_ex.cold+0x5/0xa
[  124.219221][ T7511]  _copy_from_user+0x2e/0xd0
[  124.219247][ T7511]  get_compat_msghdr+0xb3/0x4b0
[  124.219277][ T7511]  ? _parse_integer_limit+0x17f/0x1d0
[  124.219303][ T7511]  ? __pfx_get_compat_msghdr+0x10/0x10
[  124.219333][ T7511]  ? _kstrtoull+0x13c/0x1f0
[  124.219358][ T7511]  ? __pfx__kstrtoull+0x10/0x10
[  124.219390][ T7511]  ___sys_sendmsg+0x1b6/0x1e0
[  124.219418][ T7511]  ? __pfx____sys_sendmsg+0x10/0x10
[  124.219442][ T7511]  ? __lock_acquire+0x4a5/0x2630
[  124.219475][ T7511]  ? find_held_lock+0x2b/0x80
[  124.219507][ T7511]  __sys_sendmmsg+0x2ff/0x430
[  124.219528][ T7511]  ? __pfx___sys_sendmmsg+0x10/0x10
[  124.219552][ T7511]  ? __fget_files+0x215/0x3d0
[  124.219580][ T7511]  ? fput+0x79/0x100
[  124.219600][ T7511]  ? ksys_write+0x1ac/0x250
[  124.219616][ T7511]  ? __pfx_ksys_write+0x10/0x10
[  124.219635][ T7511]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  124.219663][ T7511]  ? lockdep_hardirqs_on+0x78/0x100
[  124.219682][ T7511]  __do_fast_syscall_32+0xe3/0x8c0
[  124.219705][ T7511]  do_fast_syscall_32+0x32/0x70
[  124.219724][ T7511]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  124.219747][ T7511] RIP: 0023:0xf709ef6c
[  124.219762][ T7511] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  124.219778][ T7511] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  124.219796][ T7511] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800002c0
[  124.219807][ T7511] RDX: 000000000000009f RSI: 0000000000000000 RDI: 0000000000000000
[  124.219817][ T7511] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  124.219827][ T7511] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  124.219837][ T7511] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  124.219860][ T7511]  </TASK>
[  124.434657][ T7516] can0: slcan on pty30.
[  124.707261][ T7517] can0 (unregistered): slcan off pty30.
[  124.964374][ T7541] netlink: 64 bytes leftover after parsing attributes in process `syz.4.340'.
[  124.967831][ T7541] netlink: 60 bytes leftover after parsing attributes in process `syz.4.340'.
[  124.985652][ T7541] loop7: detected capacity change from 0 to 7
[  125.024118][ T7541] Dev loop7: unable to read RDB block 7
[  125.026373][ T7541]  loop7: unable to read partition table
[  125.028694][ T7541] loop7: partition table beyond EOD, truncated
[  125.033568][ T7541] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  125.264747][ T7552] netlink: 'syz.0.343': attribute type 4 has an invalid length.
[  125.341954][ T7554] netlink: 36 bytes leftover after parsing attributes in process `syz.0.344'.
[  125.345108][ T7554] netlink: 5 bytes leftover after parsing attributes in process `syz.0.344'.
[  125.423171][ T7562] FAULT_INJECTION: forcing a failure.
[  125.423171][ T7562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.427215][ T7562] CPU: 2 UID: 0 PID: 7562 Comm: syz.4.345 Not tainted syzkaller #0 PREEMPT(full) 
[  125.427233][ T7562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  125.427241][ T7562] Call Trace:
[  125.427247][ T7562]  <TASK>
[  125.427253][ T7562]  dump_stack_lvl+0x100/0x190
[  125.427276][ T7562]  should_fail_ex.cold+0x5/0xa
[  125.427290][ T7562]  _copy_from_iter+0x1f4/0x1690
[  125.427313][ T7562]  ? __pfx__copy_from_iter+0x10/0x10
[  125.427328][ T7562]  ? __lock_acquire+0x4a5/0x2630
[  125.427350][ T7562]  ? __lock_acquire+0x4a5/0x2630
[  125.427368][ T7562]  default_write_copy+0x10e/0x1a0
[  125.427431][ T7562]  do_transfer+0x172/0x210
[  125.427444][ T7562]  ? __pfx_default_write_copy+0x10/0x10
[  125.427458][ T7562]  ? __pfx_do_transfer+0x10/0x10
[  125.427472][ T7562]  ? do_raw_spin_lock+0x128/0x260
[  125.427491][ T7562]  ? rcu_is_watching+0x12/0xc0
[  125.427510][ T7562]  ? interleaved_copy+0x2f/0x110
[  125.427521][ T7562]  ? __pfx_default_write_copy+0x10/0x10
[  125.427537][ T7562]  __snd_pcm_lib_xfer+0x100e/0x20a0
[  125.427556][ T7562]  ? __pfx_default_write_copy+0x10/0x10
[  125.427573][ T7562]  ? __pfx_interleaved_copy+0x10/0x10
[  125.427585][ T7562]  ? __pfx___snd_pcm_lib_xfer+0x10/0x10
[  125.427602][ T7562]  ? do_raw_spin_lock+0x128/0x260
[  125.427621][ T7562]  ? __up_read+0x2c5/0x700
[  125.427640][ T7562]  snd_pcm_oss_write3+0xd0/0x1d0
[  125.427659][ T7562]  snd_pcm_oss_write2+0x32b/0x400
[  125.427675][ T7562]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  125.427690][ T7562]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  125.427709][ T7562]  ? snd_pcm_oss_prepare+0x11e/0x240
[  125.427725][ T7562]  snd_pcm_oss_write+0x729/0xa30
[  125.427742][ T7562]  ? security_file_permission+0x76/0x210
[  125.427762][ T7562]  vfs_write+0x2aa/0x1070
[  125.427774][ T7562]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  125.427791][ T7562]  ? __pfx_vfs_write+0x10/0x10
[  125.427801][ T7562]  ? find_held_lock+0x2b/0x80
[  125.427812][ T7562]  ? __fget_files+0x215/0x3d0
[  125.427823][ T7562]  ? __fget_files+0x215/0x3d0
[  125.427836][ T7562]  ? __fget_files+0x21f/0x3d0
[  125.427851][ T7562]  ksys_write+0x12a/0x250
[  125.427862][ T7562]  ? __pfx_ksys_write+0x10/0x10
[  125.427873][ T7562]  ? __pfx_ksys_write+0x10/0x10
[  125.427886][ T7562]  __do_fast_syscall_32+0xe3/0x8c0
[  125.427902][ T7562]  do_fast_syscall_32+0x32/0x70
[  125.427915][ T7562]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  125.427930][ T7562] RIP: 0023:0xf7f45f6c
[  125.427941][ T7562] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  125.427952][ T7562] RSP: 002b:00000000f53e550c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  125.427964][ T7562] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080002200
[  125.427971][ T7562] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 0000000000000000
[  125.427977][ T7562] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  125.427984][ T7562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  125.427990][ T7562] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  125.428003][ T7562]  </TASK>
[  125.870986][ T5951] usb 38-1: device descriptor read/8, error -110
[  126.286698][ T5951] usb usb38-port1: attempt power cycle
[  126.851508][ T5951] usb usb38-port1: unable to enumerate USB device
[  127.049940][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  127.054835][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  127.057888][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  127.062055][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  127.065740][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  127.085816][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  127.089225][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  127.095274][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  127.101196][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  127.105006][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  127.334273][ T7575] chnl_net:caif_netlink_parms(): no params data found
[  127.366046][ T1161] bridge_slave_1: left allmulticast mode
[  127.367885][ T1161] bridge_slave_1: left promiscuous mode
[  127.368057][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.383935][ T1161] bridge_slave_0: left allmulticast mode
[  127.386047][ T1161] bridge_slave_0: left promiscuous mode
[  127.388394][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.605470][ T1161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  127.610548][ T1161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  127.615229][ T1161] bond0 (unregistering): Released all slaves
[  127.697659][ T7575] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.701043][ T7575] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.704567][ T7575] bridge_slave_0: entered allmulticast mode
[  127.708778][ T7575] bridge_slave_0: entered promiscuous mode
[  127.714519][ T7575] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.718018][ T7575] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.721475][ T7575] bridge_slave_1: entered allmulticast mode
[  127.725758][ T7575] bridge_slave_1: entered promiscuous mode
[  127.746763][ T7575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.752189][ T7575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.767482][ T7575] team0: Port device team_slave_0 added
[  127.770700][ T7575] team0: Port device team_slave_1 added
[  127.788887][ T7575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.791523][ T7575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  127.799445][ T7575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.804069][ T7575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.806253][ T7575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  127.814446][ T7575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.837338][ T7575] hsr_slave_0: entered promiscuous mode
[  127.839651][ T7575] hsr_slave_1: entered promiscuous mode
[  127.842246][ T7575] debugfs: 'hsr0' already exists in 'hsr'
[  127.844185][ T7575] Cannot create hsr debugfs directory
[  127.978812][ T7575] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  127.985129][ T7575] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  127.990512][ T7575] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  127.998493][ T7575] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  128.097323][ T7575] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.123809][ T7575] 8021q: adding VLAN 0 to HW filter on device team0
[  128.133443][  T118] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.135763][  T118] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.146748][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.149043][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.163749][ T1161] hsr_slave_0: left promiscuous mode
[  128.166091][ T1161] hsr_slave_1: left promiscuous mode
[  128.175602][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.191755][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.295252][ T1161] team0 (unregistering): Port device team_slave_1 removed
[  128.315413][ T1161] team0 (unregistering): Port device team_slave_0 removed
[  128.652836][ T7575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.690257][ T7636] netlink: 104 bytes leftover after parsing attributes in process `syz.0.357'.
[  128.697098][ T7636] openvswitch: netlink: Flow key attr not present in new flow.
[  128.852516][ T7575] veth0_vlan: entered promiscuous mode
[  128.868278][ T7575] veth1_vlan: entered promiscuous mode
[  128.887729][ T7575] veth0_macvtap: entered promiscuous mode
[  128.892597][ T7575] veth1_macvtap: entered promiscuous mode
[  128.904771][ T7575] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.911401][ T7575] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.917630][   T43] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.920688][   T43] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.924664][   T43] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.927670][   T43] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.980660][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.985774][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.007523][  T267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.010340][  T267] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.141324][   T63] Bluetooth: hci0: command tx timeout
[  129.356304][ T7654] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  129.358581][ T7654] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  129.362242][ T7654] vhci_hcd vhci_hcd.0: Device attached
[  129.373121][ T7657] FAULT_INJECTION: forcing a failure.
[  129.373121][ T7657] name failslab, interval 1, probability 0, space 0, times 0
[  129.377703][ T7657] CPU: 2 UID: 0 PID: 7657 Comm: syz.0.360 Not tainted syzkaller #0 PREEMPT(full) 
[  129.377721][ T7657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  129.377727][ T7657] Call Trace:
[  129.377732][ T7657]  <TASK>
[  129.377737][ T7657]  dump_stack_lvl+0x100/0x190
[  129.377759][ T7657]  should_fail_ex.cold+0x5/0xa
[  129.377773][ T7657]  ? tomoyo_realpath_from_path+0xb6/0x690
[  129.377790][ T7657]  should_failslab+0xc2/0x120
[  129.377803][ T7657]  __kmalloc_noprof+0xe0/0x850
[  129.377824][ T7657]  tomoyo_realpath_from_path+0xb6/0x690
[  129.377847][ T7657]  tomoyo_path_number_perm+0x23c/0x580
[  129.377865][ T7657]  ? tomoyo_path_number_perm+0x22e/0x580
[  129.377892][ T7657]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  129.377935][ T7657]  ? find_held_lock+0x2b/0x80
[  129.377951][ T7657]  ? hook_file_ioctl_common+0x146/0x410
[  129.377972][ T7657]  ? __fget_files+0x215/0x3d0
[  129.377993][ T7657]  ? __fget_files+0x21f/0x3d0
[  129.378015][ T7657]  security_file_ioctl_compat+0xd3/0x230
[  129.378041][ T7657]  __ia32_compat_sys_ioctl+0xc2/0x360
[  129.378073][ T7657]  __do_fast_syscall_32+0xe3/0x8c0
[  129.378098][ T7657]  do_fast_syscall_32+0x32/0x70
[  129.378119][ T7657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.378141][ T7657] RIP: 0023:0xf708ef6c
[  129.378156][ T7657] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  129.378174][ T7657] RSP: 002b:00000000f545c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  129.378195][ T7657] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000005401
[  129.378207][ T7657] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  129.378217][ T7657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.378228][ T7657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  129.378239][ T7657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.378264][ T7657]  </TASK>
[  129.378271][ T7657] ERROR: Out of memory at tomoyo_realpath_from_path.
[  129.382983][ T7654] kAFS: unparsable volume name
[  129.561333][ T7658] random: crng reseeded on system resumption
[  129.616110][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.618649][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.701225][  T133] usb 46-1: SetAddress Request (2) to port 0
[  129.703946][  T133] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  130.008664][ T7655] vhci_hcd: connection reset by peer
[  130.012211][   T43] vhci_hcd vhci_hcd.4: stop threads
[  130.013874][   T43] vhci_hcd vhci_hcd.4: release socket
[  130.015696][   T43] vhci_hcd vhci_hcd.4: disconnect device
[  130.850709][ T7677] x_tables: duplicate underflow at hook 1
[  130.962647][ T7679] hub 8-0:1.0: USB hub found
[  130.965134][ T7679] hub 8-0:1.0: 1 port detected
[  131.230971][   T63] Bluetooth: hci0: command tx timeout
[  131.855105][ T7685] FAULT_INJECTION: forcing a failure.
[  131.855105][ T7685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.860525][ T7685] CPU: 2 UID: 0 PID: 7685 Comm: syz.4.368 Not tainted syzkaller #0 PREEMPT(full) 
[  131.860551][ T7685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  131.860561][ T7685] Call Trace:
[  131.860568][ T7685]  <TASK>
[  131.860575][ T7685]  dump_stack_lvl+0x100/0x190
[  131.860608][ T7685]  should_fail_ex.cold+0x5/0xa
[  131.860629][ T7685]  _copy_from_user+0x2e/0xd0
[  131.860651][ T7685]  get_compat_msghdr+0xb3/0x4b0
[  131.860678][ T7685]  ? __pfx_get_compat_msghdr+0x10/0x10
[  131.860710][ T7685]  ___sys_sendmsg+0x1b6/0x1e0
[  131.860734][ T7685]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.860782][ T7685]  __sys_sendmsg+0x170/0x220
[  131.860799][ T7685]  ? __pfx___sys_sendmsg+0x10/0x10
[  131.860822][ T7685]  ? __pfx_ksys_write+0x10/0x10
[  131.860844][ T7685]  __do_fast_syscall_32+0xe3/0x8c0
[  131.860891][ T7685]  do_fast_syscall_32+0x32/0x70
[  131.860909][ T7685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.860929][ T7685] RIP: 0023:0xf7f45f6c
[  131.860943][ T7685] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  131.860958][ T7685] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  131.860975][ T7685] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000640
[  131.860985][ T7685] RDX: 0000000000040840 RSI: 0000000000000000 RDI: 0000000000000000
[  131.860994][ T7685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.861003][ T7685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  131.861012][ T7685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.861033][ T7685]  </TASK>
[  132.983148][ T7698] x_tables: duplicate underflow at hook 1
[  133.155036][ T7696] tmpfs: Bad value for 'mpol'
[  133.164189][ T7696] input: syz0 as /devices/virtual/input/input21
[  133.301029][   T63] Bluetooth: hci0: command tx timeout
[  133.657184][ T7701] hub 8-0:1.0: USB hub found
[  133.660830][ T7701] hub 8-0:1.0: 1 port detected
[  133.910111][ T7709] x_tables: duplicate underflow at hook 1
[  133.986550][ T7710] hub 8-0:1.0: USB hub found
[  133.989173][ T7710] hub 8-0:1.0: 1 port detected
[  134.769717][  T133] usb 46-1: device descriptor read/8, error -110
[  134.902248][ T7723] FAULT_INJECTION: forcing a failure.
[  134.902248][ T7723] name failslab, interval 1, probability 0, space 0, times 0
[  134.907703][ T7723] CPU: 2 UID: 0 PID: 7723 Comm: syz.3.377 Not tainted syzkaller #0 PREEMPT(full) 
[  134.907728][ T7723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  134.907739][ T7723] Call Trace:
[  134.907746][ T7723]  <TASK>
[  134.907753][ T7723]  dump_stack_lvl+0x100/0x190
[  134.907784][ T7723]  should_fail_ex.cold+0x5/0xa
[  134.907805][ T7723]  should_failslab+0xc2/0x120
[  134.907825][ T7723]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  134.907849][ T7723]  ? do_getname+0x35/0x390
[  134.907877][ T7723]  do_getname+0x35/0x390
[  134.907906][ T7723]  do_sys_openat2+0xc5/0x1e0
[  134.907929][ T7723]  ? __pfx_do_sys_openat2+0x10/0x10
[  134.907949][ T7723]  ? __fget_files+0x215/0x3d0
[  134.907970][ T7723]  ? __fget_files+0x21f/0x3d0
[  134.907989][ T7723]  __ia32_compat_sys_openat+0x12d/0x210
[  134.908013][ T7723]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  134.908038][ T7723]  ? __pfx_ksys_write+0x10/0x10
[  134.908059][ T7723]  __do_fast_syscall_32+0xe3/0x8c0
[  134.908082][ T7723]  do_fast_syscall_32+0x32/0x70
[  134.908102][ T7723]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.908124][ T7723] RIP: 0023:0xf7fe4f6c
[  134.908139][ T7723] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  134.908154][ T7723] RSP: 002b:00000000f548550c EFLAGS: 00000292 ORIG_RAX: 0000000000000127
[  134.908172][ T7723] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[  134.908183][ T7723] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  134.908193][ T7723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.908202][ T7723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  134.908212][ T7723] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.908234][ T7723]  </TASK>
[  135.119519][ T7732] tmpfs: Bad value for 'mpol'
[  135.128347][ T7732] input: syz0 as /devices/virtual/input/input22
[  135.182928][  T133] usb usb46-port1: attempt power cycle
[  135.380961][   T63] Bluetooth: hci0: command 0x0419 tx timeout
[  135.753487][  T133] usb usb46-port1: unable to enumerate USB device
[  135.841402][ T7748] tmpfs: Bad value for 'mpol'
[  135.935356][ T7748] input: syz0 as /devices/virtual/input/input23
[  135.956652][ T7747] x_tables: duplicate underflow at hook 1
[  136.101588][ T5951] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  136.103177][ T7752] hub 8-0:1.0: USB hub found
[  136.104029][ T5951] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  136.105792][ T7752] hub 8-0:1.0: 1 port detected
[  136.366389][ T7756] futex_wake_op: syz.6.384 tries to shift op by 144; fix this program
[  137.625347][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  137.627393][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  137.844533][ T7783] FAULT_INJECTION: forcing a failure.
[  137.844533][ T7783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.848912][ T7783] CPU: 1 UID: 0 PID: 7783 Comm: syz.4.392 Not tainted syzkaller #0 PREEMPT(full) 
[  137.848929][ T7783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  137.848940][ T7783] Call Trace:
[  137.848946][ T7783]  <TASK>
[  137.848952][ T7783]  dump_stack_lvl+0x100/0x190
[  137.848985][ T7783]  should_fail_ex.cold+0x5/0xa
[  137.849006][ T7783]  _copy_from_user+0x2e/0xd0
[  137.849032][ T7783]  get_compat_msghdr+0xb3/0x4b0
[  137.849064][ T7783]  ? __pfx_get_compat_msghdr+0x10/0x10
[  137.849100][ T7783]  ___sys_sendmsg+0x1b6/0x1e0
[  137.849126][ T7783]  ? __pfx____sys_sendmsg+0x10/0x10
[  137.849178][ T7783]  __sys_sendmsg+0x170/0x220
[  137.849196][ T7783]  ? __pfx___sys_sendmsg+0x10/0x10
[  137.849221][ T7783]  ? __pfx_ksys_write+0x10/0x10
[  137.849245][ T7783]  __do_fast_syscall_32+0xe3/0x8c0
[  137.849270][ T7783]  do_fast_syscall_32+0x32/0x70
[  137.849290][ T7783]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.849312][ T7783] RIP: 0023:0xf7f45f6c
[  137.849327][ T7783] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  137.849344][ T7783] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  137.849362][ T7783] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800000c0
[  137.849374][ T7783] RDX: 00000000000000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  137.849384][ T7783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  137.849394][ T7783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  137.849401][ T7783] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.849421][ T7783]  </TASK>
[  137.930555][   T40] kauditd_printk_skb: 309 callbacks suppressed
[  137.930576][   T40] audit: type=1326 audit(1775429871.859:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  137.943838][   T40] audit: type=1326 audit(1775429871.859:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  137.953229][   T40] audit: type=1326 audit(1775429871.859:3280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  137.983615][   T40] audit: type=1326 audit(1775429871.859:3281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  137.995978][   T40] audit: type=1326 audit(1775429871.859:3282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  138.006231][   T40] audit: type=1326 audit(1775429871.859:3283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  138.018686][   T40] audit: type=1326 audit(1775429871.859:3284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  138.028341][   T40] audit: type=1326 audit(1775429871.859:3285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  138.037080][   T40] audit: type=1326 audit(1775429871.869:3286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  138.049182][   T40] audit: type=1326 audit(1775429871.869:3287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.0.391" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf708ef6c code=0x7ffc0000
[  138.354681][ T7790] FAULT_INJECTION: forcing a failure.
[  138.354681][ T7790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.360341][ T7790] CPU: 3 UID: 0 PID: 7790 Comm: syz.4.394 Not tainted syzkaller #0 PREEMPT(full) 
[  138.360367][ T7790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  138.360378][ T7790] Call Trace:
[  138.360386][ T7790]  <TASK>
[  138.360394][ T7790]  dump_stack_lvl+0x100/0x190
[  138.360428][ T7790]  should_fail_ex.cold+0x5/0xa
[  138.360452][ T7790]  _copy_from_user+0x2e/0xd0
[  138.360477][ T7790]  get_compat_msghdr+0xb3/0x4b0
[  138.360508][ T7790]  ? __pfx_get_compat_msghdr+0x10/0x10
[  138.360544][ T7790]  ___sys_sendmsg+0x1b6/0x1e0
[  138.360570][ T7790]  ? __pfx____sys_sendmsg+0x10/0x10
[  138.360623][ T7790]  __sys_sendmsg+0x170/0x220
[  138.360642][ T7790]  ? __pfx___sys_sendmsg+0x10/0x10
[  138.360668][ T7790]  ? __pfx_ksys_write+0x10/0x10
[  138.360693][ T7790]  __do_fast_syscall_32+0xe3/0x8c0
[  138.360717][ T7790]  do_fast_syscall_32+0x32/0x70
[  138.360737][ T7790]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  138.360759][ T7790] RIP: 0023:0xf7f45f6c
[  138.360775][ T7790] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  138.360792][ T7790] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  138.360810][ T7790] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000500
[  138.360821][ T7790] RDX: 0000000000000804 RSI: 0000000000000000 RDI: 0000000000000000
[  138.360831][ T7790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.360840][ T7790] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  138.360864][ T7790] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  138.360889][ T7790]  </TASK>
[  138.770421][ T7799] syzkaller1: entered promiscuous mode
[  138.773486][ T7799] syzkaller1: entered allmulticast mode
[  138.983067][ T7804] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.986610][ T7804] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.026278][ T7807] netlink: 8 bytes leftover after parsing attributes in process `syz.6.399'.
[  139.042861][ T7804] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.049772][ T7804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.107948][ T7804] batman_adv: batadv0: Interface deactivated: gretap1
[  139.112412][   T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.115753][   T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.118876][   T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.124042][   T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.382480][ T7816] dlm: Unknown command passed to DLM device : 3
[  139.382480][ T7816] 
[  139.628420][ T7826] FAULT_INJECTION: forcing a failure.
[  139.628420][ T7826] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.634481][ T7826] CPU: 1 UID: 0 PID: 7826 Comm: syz.4.404 Not tainted syzkaller #0 PREEMPT(full) 
[  139.634532][ T7826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  139.634559][ T7826] Call Trace:
[  139.634565][ T7826]  <TASK>
[  139.634572][ T7826]  dump_stack_lvl+0x100/0x190
[  139.634607][ T7826]  should_fail_ex.cold+0x5/0xa
[  139.634629][ T7826]  _copy_from_user+0x2e/0xd0
[  139.634656][ T7826]  get_compat_msghdr+0xb3/0x4b0
[  139.634683][ T7826]  ? __pfx_get_compat_msghdr+0x10/0x10
[  139.634721][ T7826]  ___sys_sendmsg+0x1b6/0x1e0
[  139.634746][ T7826]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.634797][ T7826]  __sys_sendmsg+0x170/0x220
[  139.634815][ T7826]  ? __pfx___sys_sendmsg+0x10/0x10
[  139.634840][ T7826]  ? __pfx_ksys_write+0x10/0x10
[  139.634866][ T7826]  __do_fast_syscall_32+0xe3/0x8c0
[  139.634886][ T7826]  do_fast_syscall_32+0x32/0x70
[  139.634908][ T7826]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  139.634931][ T7826] RIP: 0023:0xf7f45f6c
[  139.634946][ T7826] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  139.634963][ T7826] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  139.634983][ T7826] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000500
[  139.634995][ T7826] RDX: 0000000000000804 RSI: 0000000000000000 RDI: 0000000000000000
[  139.635005][ T7826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  139.635013][ T7826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  139.635024][ T7826] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  139.635048][ T7826]  </TASK>
[  139.733989][ T7830] FAULT_INJECTION: forcing a failure.
[  139.733989][ T7830] name failslab, interval 1, probability 0, space 0, times 0
[  139.741221][ T7830] CPU: 2 UID: 0 PID: 7830 Comm: syz.3.405 Not tainted syzkaller #0 PREEMPT(full) 
[  139.741245][ T7830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  139.741256][ T7830] Call Trace:
[  139.741262][ T7830]  <TASK>
[  139.741268][ T7830]  dump_stack_lvl+0x100/0x190
[  139.741300][ T7830]  should_fail_ex.cold+0x5/0xa
[  139.741320][ T7830]  ? tomoyo_realpath_from_path+0xb6/0x690
[  139.741366][ T7830]  should_failslab+0xc2/0x120
[  139.741385][ T7830]  __kmalloc_noprof+0xe0/0x850
[  139.741415][ T7830]  tomoyo_realpath_from_path+0xb6/0x690
[  139.741444][ T7830]  tomoyo_path_number_perm+0x23c/0x580
[  139.741463][ T7830]  ? tomoyo_path_number_perm+0x22e/0x580
[  139.741484][ T7830]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  139.741526][ T7830]  ? find_held_lock+0x2b/0x80
[  139.741543][ T7830]  ? hook_file_ioctl_common+0x146/0x410
[  139.741563][ T7830]  ? __fget_files+0x215/0x3d0
[  139.741584][ T7830]  ? __fget_files+0x21f/0x3d0
[  139.741604][ T7830]  security_file_ioctl_compat+0xd3/0x230
[  139.741628][ T7830]  __ia32_compat_sys_ioctl+0xc2/0x360
[  139.741655][ T7830]  __do_fast_syscall_32+0xe3/0x8c0
[  139.741677][ T7830]  do_fast_syscall_32+0x32/0x70
[  139.741696][ T7830]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  139.741717][ T7830] RIP: 0023:0xf7fe4f6c
[  139.741730][ T7830] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  139.741746][ T7830] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  139.741763][ T7830] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000008914
[  139.741774][ T7830] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  139.741783][ T7830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  139.741792][ T7830] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  139.741802][ T7830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  139.741824][ T7830]  </TASK>
[  139.741885][ T7830] ERROR: Out of memory at tomoyo_realpath_from_path.
[  139.760819][ T7833] netlink: 20 bytes leftover after parsing attributes in process `syz.4.406'.
[  139.847349][ T7838] dlm: no locking on control device
[  139.849924][ T7837] netlink: 68 bytes leftover after parsing attributes in process `syz.0.407'.
[  139.852099][ T7833] netlink: 112 bytes leftover after parsing attributes in process `syz.4.406'.
[  140.039751][ T7846] tmpfs: Bad value for 'mpol'
[  140.043773][ T7846] input: syz0 as /devices/virtual/input/input24
[  140.359517][ T7864] netdevsim netdevsim6: Direct firmware load for  failed with error -2
[  140.363798][ T7864] netdevsim netdevsim6: Falling back to sysfs fallback for: 
[  140.993344][ T7872] capability: warning: `syz.4.416' uses 32-bit capabilities (legacy support in use)
[  141.024906][ T7874] FAULT_INJECTION: forcing a failure.
[  141.024906][ T7874] name failslab, interval 1, probability 0, space 0, times 0
[  141.029186][ T7874] CPU: 0 UID: 0 PID: 7874 Comm: syz.3.415 Not tainted syzkaller #0 PREEMPT(full) 
[  141.029209][ T7874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  141.029219][ T7874] Call Trace:
[  141.029225][ T7874]  <TASK>
[  141.029232][ T7874]  dump_stack_lvl+0x100/0x190
[  141.029262][ T7874]  should_fail_ex.cold+0x5/0xa
[  141.029282][ T7874]  should_failslab+0xc2/0x120
[  141.029300][ T7874]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  141.029326][ T7874]  ? do_getname+0x35/0x390
[  141.029348][ T7874]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  141.029373][ T7874]  do_getname+0x35/0x390
[  141.029397][ T7874]  user_path_at+0x26/0x60
[  141.029415][ T7874]  __ia32_sys_umount+0x109/0x190
[  141.029436][ T7874]  ? __pfx___ia32_sys_umount+0x10/0x10
[  141.029462][ T7874]  __do_fast_syscall_32+0xe3/0x8c0
[  141.029485][ T7874]  do_fast_syscall_32+0x32/0x70
[  141.029506][ T7874]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.029528][ T7874] RIP: 0023:0xf7fe4f6c
[  141.029544][ T7874] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  141.029561][ T7874] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000034
[  141.029579][ T7874] RAX: ffffffffffffffda RBX: 00000000800002c0 RCX: 000000000000000b
[  141.029590][ T7874] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.029599][ T7874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  141.029609][ T7874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.029618][ T7874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.029641][ T7874]  </TASK>
[  141.160741][ T7881] netlink: 36 bytes leftover after parsing attributes in process `syz.6.418'.
[  141.209841][ T7887] netlink: 64 bytes leftover after parsing attributes in process `syz.6.419'.
[  141.214957][ T7887] netlink: 60 bytes leftover after parsing attributes in process `syz.6.419'.
[  141.221636][ T7887] loop7: detected capacity change from 0 to 7
[  141.350431][ T7896] netlink: 44 bytes leftover after parsing attributes in process `syz.0.417'.
[  141.353789][ T7896] bridge_slave_1: left allmulticast mode
[  141.355736][ T7896] bridge_slave_1: left promiscuous mode
[  141.357998][ T7896] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.363614][ T7887] Dev loop7: unable to read RDB block 7
[  141.365710][ T7887]  loop7: unable to read partition table
[  141.369216][ T7887] loop7: partition table beyond EOD, truncated
[  141.374331][ T7899] FAULT_INJECTION: forcing a failure.
[  141.374331][ T7899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.377957][ T7887] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  141.378786][ T7899] CPU: 3 UID: 0 PID: 7899 Comm: syz.3.420 Not tainted syzkaller #0 PREEMPT(full) 
[  141.378803][ T7899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  141.378810][ T7899] Call Trace:
[  141.378815][ T7899]  <TASK>
[  141.378820][ T7899]  dump_stack_lvl+0x100/0x190
[  141.378844][ T7899]  should_fail_ex.cold+0x5/0xa
[  141.378858][ T7899]  _copy_from_user+0x2e/0xd0
[  141.378874][ T7899]  get_compat_msghdr+0xb3/0x4b0
[  141.378893][ T7899]  ? __pfx_get_compat_msghdr+0x10/0x10
[  141.378917][ T7899]  ___sys_sendmsg+0x1b6/0x1e0
[  141.378934][ T7899]  ? __pfx____sys_sendmsg+0x10/0x10
[  141.378964][ T7899]  __sys_sendmsg+0x170/0x220
[  141.378977][ T7899]  ? __pfx___sys_sendmsg+0x10/0x10
[  141.378992][ T7899]  ? __pfx_ksys_write+0x10/0x10
[  141.379007][ T7899]  __do_fast_syscall_32+0xe3/0x8c0
[  141.379022][ T7899]  do_fast_syscall_32+0x32/0x70
[  141.379036][ T7899]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.379050][ T7899] RIP: 0023:0xf7fe4f6c
[  141.379061][ T7899] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  141.379072][ T7899] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  141.379084][ T7899] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000f00
[  141.379091][ T7899] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.379097][ T7899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  141.379104][ T7899] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  141.379114][ T7899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.379128][ T7899]  </TASK>
[  141.383872][ T7896] bridge_slave_0: left allmulticast mode
[  141.383928][ T7896] bridge_slave_0: left promiscuous mode
[  141.384077][ T7896] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.933413][ T7917] syzkaller1: entered promiscuous mode
[  141.935371][ T7917] syzkaller1: entered allmulticast mode
[  142.813025][ T7928] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[  142.815140][ T7928] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  142.819247][ T7928] vhci_hcd vhci_hcd.0: Device attached
[  142.925943][ T7932] random: crng reseeded on system resumption
[  143.111398][ T6025] usb 50-1: SetAddress Request (2) to port 0
[  143.116891][ T6025] usb 50-1: new SuperSpeed USB device number 2 using vhci_hcd
[  143.140645][ T7939] FAULT_INJECTION: forcing a failure.
[  143.140645][ T7939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.144855][ T7939] CPU: 2 UID: 0 PID: 7939 Comm: syz.4.434 Not tainted syzkaller #0 PREEMPT(full) 
[  143.144871][ T7939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  143.144879][ T7939] Call Trace:
[  143.144883][ T7939]  <TASK>
[  143.144889][ T7939]  dump_stack_lvl+0x100/0x190
[  143.144910][ T7939]  should_fail_ex.cold+0x5/0xa
[  143.144924][ T7939]  _copy_from_user+0x2e/0xd0
[  143.144940][ T7939]  get_compat_msghdr+0xb3/0x4b0
[  143.144959][ T7939]  ? __pfx_get_compat_msghdr+0x10/0x10
[  143.144982][ T7939]  ___sys_sendmsg+0x1b6/0x1e0
[  143.144998][ T7939]  ? __pfx____sys_sendmsg+0x10/0x10
[  143.145028][ T7939]  __sys_sendmsg+0x170/0x220
[  143.145040][ T7939]  ? __pfx___sys_sendmsg+0x10/0x10
[  143.145055][ T7939]  ? __pfx_ksys_write+0x10/0x10
[  143.145070][ T7939]  __do_fast_syscall_32+0xe3/0x8c0
[  143.145085][ T7939]  do_fast_syscall_32+0x32/0x70
[  143.145098][ T7939]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  143.145113][ T7939] RIP: 0023:0xf7f45f6c
[  143.145122][ T7939] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  143.145133][ T7939] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  143.145144][ T7939] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  143.145151][ T7939] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  143.145158][ T7939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  143.145164][ T7939] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  143.145170][ T7939] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  143.145183][ T7939]  </TASK>
[  143.310095][ T7944] x_tables: duplicate underflow at hook 1
[  143.389624][ T7945] hub 8-0:1.0: USB hub found
[  143.391933][ T7945] hub 8-0:1.0: 1 port detected
[  144.051890][ T7929] vhci_hcd: connection reset by peer
[  144.057971][ T1161] vhci_hcd vhci_hcd.6: stop threads
[  144.061495][ T1161] vhci_hcd vhci_hcd.6: release socket
[  144.064754][ T1161] vhci_hcd vhci_hcd.6: disconnect device
[  144.154757][ T7951] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.332571][ T7951] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.458753][ T7951] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.745067][ T7951] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.775655][ T7958] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  144.800068][ T7958] syzkaller0: entered promiscuous mode
[  144.802589][ T7958] syzkaller0: entered allmulticast mode
[  144.881791][ T1173] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.020495][   T43] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.036315][  T118] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.044541][  T118] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.422086][ T7970] netdevsim netdevsim3: Direct firmware load for  failed with error -2
[  146.425855][ T7970] netdevsim netdevsim3: Falling back to sysfs fallback for: 
[  146.539783][ T7968] ip6erspan0: entered allmulticast mode
[  147.639696][ T7992] netlink: 4 bytes leftover after parsing attributes in process `syz.3.448'.
[  147.706394][ T7994] FAULT_INJECTION: forcing a failure.
[  147.706394][ T7994] name failslab, interval 1, probability 0, space 0, times 0
[  147.711500][ T7994] CPU: 3 UID: 0 PID: 7994 Comm: syz.6.449 Not tainted syzkaller #0 PREEMPT(full) 
[  147.711527][ T7994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  147.711537][ T7994] Call Trace:
[  147.711545][ T7994]  <TASK>
[  147.711553][ T7994]  dump_stack_lvl+0x100/0x190
[  147.711586][ T7994]  should_fail_ex.cold+0x5/0xa
[  147.711608][ T7994]  should_failslab+0xc2/0x120
[  147.711629][ T7994]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  147.711656][ T7994]  ? do_getname+0x35/0x390
[  147.711682][ T7994]  do_getname+0x35/0x390
[  147.711707][ T7994]  __ia32_compat_sys_execveat+0xc4/0x130
[  147.711727][ T7994]  __do_fast_syscall_32+0xe3/0x8c0
[  147.711751][ T7994]  do_fast_syscall_32+0x32/0x70
[  147.711770][ T7994]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.711792][ T7994] RIP: 0023:0xf703ef6c
[  147.711810][ T7994] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  147.711832][ T7994] RSP: 002b:00000000f53eb50c EFLAGS: 00000292 ORIG_RAX: 0000000000000166
[  147.711850][ T7994] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080001400
[  147.711861][ T7994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  147.711870][ T7994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.711880][ T7994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.711889][ T7994] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.711912][ T7994]  </TASK>
[  147.923310][   T40] kauditd_printk_skb: 56 callbacks suppressed
[  147.923323][   T40] audit: type=1326 audit(1775954169.881:3344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  147.935573][   T40] audit: type=1326 audit(1775954169.881:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  147.944800][   T40] audit: type=1326 audit(1775954169.881:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  147.953983][   T40] audit: type=1326 audit(1775954169.881:3347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  147.962409][   T40] audit: type=1326 audit(1775954169.891:3348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  147.982418][   T40] audit: type=1326 audit(1775954169.891:3349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  147.989520][   T40] audit: type=1326 audit(1775954169.891:3350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  147.996718][   T40] audit: type=1326 audit(1775954169.891:3351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  148.004397][   T40] audit: type=1326 audit(1775954169.891:3352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  148.013164][   T40] audit: type=1326 audit(1775954169.891:3353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.6.450" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  148.152926][ T6025] usb 50-1: device descriptor read/8, error -110
[  148.461995][ T8010] FAULT_INJECTION: forcing a failure.
[  148.461995][ T8010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.471071][ T8010] CPU: 3 UID: 0 PID: 8010 Comm: syz.3.454 Not tainted syzkaller #0 PREEMPT(full) 
[  148.471098][ T8010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  148.471108][ T8010] Call Trace:
[  148.471117][ T8010]  <TASK>
[  148.471124][ T8010]  dump_stack_lvl+0x100/0x190
[  148.471156][ T8010]  should_fail_ex.cold+0x5/0xa
[  148.471176][ T8010]  _copy_from_user+0x2e/0xd0
[  148.471199][ T8010]  get_compat_msghdr+0xb3/0x4b0
[  148.471245][ T8010]  ? __pfx_get_compat_msghdr+0x10/0x10
[  148.471278][ T8010]  ___sys_sendmsg+0x1b6/0x1e0
[  148.471303][ T8010]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.471354][ T8010]  __sys_sendmsg+0x170/0x220
[  148.471371][ T8010]  ? __pfx___sys_sendmsg+0x10/0x10
[  148.471395][ T8010]  ? __pfx_ksys_write+0x10/0x10
[  148.471417][ T8010]  __do_fast_syscall_32+0xe3/0x8c0
[  148.471440][ T8010]  do_fast_syscall_32+0x32/0x70
[  148.471459][ T8010]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.471480][ T8010] RIP: 0023:0xf7fe4f6c
[  148.471495][ T8010] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  148.471511][ T8010] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  148.471529][ T8010] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000340
[  148.471539][ T8010] RDX: 0000000000008002 RSI: 0000000000000000 RDI: 0000000000000000
[  148.471549][ T8010] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.471558][ T8010] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  148.471567][ T8010] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.471589][ T8010]  </TASK>
[  148.617040][ T6025] usb usb50-port1: attempt power cycle
[  148.745639][ T8023] netlink: 36 bytes leftover after parsing attributes in process `syz.6.459'.
[  148.749029][ T8023] netlink: 16 bytes leftover after parsing attributes in process `syz.6.459'.
[  148.762848][ T8024] tmpfs: Bad value for 'mpol'
[  148.768244][ T8024] input: syz0 as /devices/virtual/input/input25
[  148.811664][ T8028] netlink: 64 bytes leftover after parsing attributes in process `syz.6.460'.
[  148.815648][ T8028] netlink: 60 bytes leftover after parsing attributes in process `syz.6.460'.
[  148.831396][ T8028] loop7: detected capacity change from 0 to 7
[  148.859562][ T8028] Dev loop7: unable to read RDB block 7
[  148.862413][ T8028]  loop7: unable to read partition table
[  148.868899][ T8028] loop7: partition table beyond EOD, truncated
[  148.872439][ T8028] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  149.197321][ T8032] netlink: 64 bytes leftover after parsing attributes in process `syz.6.461'.
[  149.200459][ T8032] netlink: 60 bytes leftover after parsing attributes in process `syz.6.461'.
[  149.206916][ T8032] loop7: detected capacity change from 0 to 7
[  149.226179][ T7492] Dev loop7: unable to read RDB block 7
[  149.226372][ T6025] usb usb50-port1: unable to enumerate USB device
[  149.228203][ T7492]  loop7: unable to read partition table
[  149.233380][ T7492] loop7: partition table beyond EOD, truncated
[  149.289580][ T8032] Dev loop7: unable to read RDB block 7
[  149.291671][ T8032]  loop7: unable to read partition table
[  149.294735][ T8032] loop7: partition table beyond EOD, truncated
[  149.297519][ T8032] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  149.774007][ T8048] tipc: Started in network mode
[  149.776224][ T8048] tipc: Node identity 46b289a55cc6, cluster identity 4711
[  149.779559][ T8048] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  149.789355][ T8048] syzkaller0: entered promiscuous mode
[  149.791871][ T8048] syzkaller0: entered allmulticast mode
[  149.823805][ T8048] tipc: Resetting bearer <eth:syzkaller0>
[  149.834008][ T8047] tipc: Resetting bearer <eth:syzkaller0>
[  149.851392][ T8047] tipc: Disabling bearer <eth:syzkaller0>
[  150.537022][   T43] Bluetooth: hci4: Frame reassembly failed (-84)
[  150.714696][ T8066] netlink: 216 bytes leftover after parsing attributes in process `syz.0.470'.
[  150.718707][ T8066] tc_dump_action: action bad kind
[  151.119636][ T8070] netdevsim netdevsim3: Direct firmware load for  failed with error -2
[  151.125790][ T8070] netdevsim netdevsim3: Falling back to sysfs fallback for: 
[  152.074060][ T8081] netlink: 41 bytes leftover after parsing attributes in process `syz.3.475'.
[  152.078009][ T8081] netlink: 116 bytes leftover after parsing attributes in process `syz.3.475'.
[  152.300321][ T8086] netdevsim netdevsim3: Direct firmware load for  failed with error -2
[  152.303509][ T8086] netdevsim netdevsim3: Falling back to sysfs fallback for: 
[  152.442436][ T5952] Bluetooth: hci4: command 0x1003 tx timeout
[  152.442742][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  153.041592][ T5952] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  153.045056][ T5952] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  153.048131][ T5952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  153.052898][ T5952] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  153.056026][ T5952] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  153.064976][   T63] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  153.068550][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  153.071926][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  153.075580][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  153.078657][   T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  153.208792][   T40] kauditd_printk_skb: 45 callbacks suppressed
[  153.208812][   T40] audit: type=1326 audit(1775954175.218:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.228826][   T40] audit: type=1326 audit(1775954175.238:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.244125][   T40] audit: type=1326 audit(1775954175.248:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.257783][   T40] audit: type=1326 audit(1775954175.248:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.267925][   T40] audit: type=1326 audit(1775954175.248:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.286793][   T40] audit: type=1326 audit(1775954175.248:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.295770][   T40] audit: type=1326 audit(1775954175.289:3405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.311222][   T40] audit: type=1326 audit(1775954175.289:3406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.347291][ T8090] chnl_net:caif_netlink_parms(): no params data found
[  153.351003][   T40] audit: type=1326 audit(1775954175.359:3407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.365131][   T40] audit: type=1326 audit(1775954175.369:3408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8091 comm="syz.6.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[  153.616373][   T61] batman_adv: batadv0: Removing interface: gretap1
[  153.650115][ T8090] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.652963][ T8090] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.660145][ T8090] bridge_slave_0: entered allmulticast mode
[  153.663403][ T8090] bridge_slave_0: entered promiscuous mode
[  153.667491][ T8090] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.670319][ T8090] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.673291][ T8090] bridge_slave_1: entered allmulticast mode
[  153.678846][ T8090] bridge_slave_1: entered promiscuous mode
[  153.698024][ T8090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.703330][ T8090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.712810][   T61] tipc: Left network mode
[  153.730536][ T8090] team0: Port device team_slave_0 added
[  153.734489][ T8090] team0: Port device team_slave_1 added
[  153.764784][ T8090] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.767562][ T8090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  153.783656][ T8090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.794901][ T8090] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.800089][ T8090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  153.808260][ T8090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.845042][ T8119] __nla_validate_parse: 1 callbacks suppressed
[  153.845062][ T8119] netlink: 64 bytes leftover after parsing attributes in process `syz.4.485'.
[  153.850666][ T8119] netlink: 60 bytes leftover after parsing attributes in process `syz.4.485'.
[  153.854852][ T8119] loop7: detected capacity change from 0 to 7
[  153.867803][ T8090] hsr_slave_0: entered promiscuous mode
[  153.870514][ T8090] hsr_slave_1: entered promiscuous mode
[  153.879237][ T7492] Dev loop7: unable to read RDB block 7
[  153.881611][ T7492]  loop7: unable to read partition table
[  153.884780][ T7492] loop7: partition table beyond EOD, truncated
[  153.919901][ T8119] Dev loop7: unable to read RDB block 7
[  153.920592][ T8123] FAULT_INJECTION: forcing a failure.
[  153.920592][ T8123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.922339][ T8119]  loop7: unable to read partition table
[  153.929963][ T8119] loop7: partition table beyond EOD, truncated
[  153.932465][ T8123] CPU: 1 UID: 0 PID: 8123 Comm: syz.6.486 Not tainted syzkaller #0 PREEMPT(full) 
[  153.932482][ T8123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  153.932489][ T8123] Call Trace:
[  153.932493][ T8123]  <TASK>
[  153.932498][ T8123]  dump_stack_lvl+0x100/0x190
[  153.932533][ T8123]  should_fail_ex.cold+0x5/0xa
[  153.932547][ T8123]  _copy_from_user+0x2e/0xd0
[  153.932563][ T8123]  get_compat_msghdr+0xb3/0x4b0
[  153.932582][ T8123]  ? __pfx_get_compat_msghdr+0x10/0x10
[  153.932605][ T8123]  ___sys_sendmsg+0x1b6/0x1e0
[  153.932621][ T8123]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.932652][ T8123]  __sys_sendmsg+0x170/0x220
[  153.932663][ T8123]  ? __pfx___sys_sendmsg+0x10/0x10
[  153.932679][ T8123]  ? __pfx_ksys_write+0x10/0x10
[  153.932693][ T8123]  __do_fast_syscall_32+0xe3/0x8c0
[  153.932709][ T8123]  do_fast_syscall_32+0x32/0x70
[  153.932722][ T8123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.932736][ T8123] RIP: 0023:0xf703ef6c
[  153.932745][ T8123] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  153.932757][ T8123] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  153.932769][ T8123] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[  153.932775][ T8123] RDX: 0000000024000840 RSI: 0000000000000000 RDI: 0000000000000000
[  153.932782][ T8123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.932788][ T8123] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  153.932794][ T8123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.932808][ T8123]  </TASK>
[  153.993083][ T8119] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  154.016076][   T61] hsr_slave_0: left promiscuous mode
[  154.018916][   T61] hsr_slave_1: left promiscuous mode
[  154.022168][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  154.026001][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  154.203141][   T61] team0 (unregistering): Port device team_slave_1 removed
[  154.210608][   T61] team0 (unregistering): Port device team_slave_0 removed
[  154.409694][ T8146] FAULT_INJECTION: forcing a failure.
[  154.409694][ T8146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.423967][ T8146] CPU: 0 UID: 0 PID: 8146 Comm: syz.4.492 Not tainted syzkaller #0 PREEMPT(full) 
[  154.423994][ T8146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  154.424004][ T8146] Call Trace:
[  154.424010][ T8146]  <TASK>
[  154.424017][ T8146]  dump_stack_lvl+0x100/0x190
[  154.424049][ T8146]  should_fail_ex.cold+0x5/0xa
[  154.424069][ T8146]  _copy_from_user+0x2e/0xd0
[  154.424092][ T8146]  get_compat_msghdr+0xb3/0x4b0
[  154.424124][ T8146]  ? __pfx_get_compat_msghdr+0x10/0x10
[  154.424155][ T8146]  ___sys_sendmsg+0x1b6/0x1e0
[  154.424179][ T8146]  ? __pfx____sys_sendmsg+0x10/0x10
[  154.424225][ T8146]  __sys_sendmsg+0x170/0x220
[  154.424242][ T8146]  ? __pfx___sys_sendmsg+0x10/0x10
[  154.424264][ T8146]  ? __pfx_ksys_write+0x10/0x10
[  154.424286][ T8146]  __do_fast_syscall_32+0xe3/0x8c0
[  154.424308][ T8146]  do_fast_syscall_32+0x32/0x70
[  154.424325][ T8146]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.424345][ T8146] RIP: 0023:0xf7f45f6c
[  154.424359][ T8146] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  154.424374][ T8146] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  154.424391][ T8146] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  154.424402][ T8146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  154.424411][ T8146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.424420][ T8146] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  154.424429][ T8146] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.424450][ T8146]  </TASK>
[  154.523189][ T8090] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  154.534734][ T8090] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  154.537703][ T8155] netlink: 64 bytes leftover after parsing attributes in process `syz.4.494'.
[  154.541852][ T8155] netlink: 60 bytes leftover after parsing attributes in process `syz.4.494'.
[  154.546862][ T8155] loop7: detected capacity change from 0 to 7
[  154.578335][ T8090] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  154.596188][ T8090] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  154.612800][ T8155] Dev loop7: unable to read RDB block 7
[  154.614652][ T8155]  loop7: unable to read partition table
[  154.616719][ T8155] loop7: partition table beyond EOD, truncated
[  154.640160][ T8155] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  154.788953][ T8090] 8021q: adding VLAN 0 to HW filter on device bond0
[  154.799252][ T8090] 8021q: adding VLAN 0 to HW filter on device team0
[  154.812428][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.815952][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.833178][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.836819][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.895569][ T8090] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  154.910986][   T61] IPVS: stop unused estimator thread 0...
[  155.026817][ T8090] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.144610][   T63] Bluetooth: hci3: command tx timeout
[  155.152350][ T8190] FAULT_INJECTION: forcing a failure.
[  155.152350][ T8190] name failslab, interval 1, probability 0, space 0, times 0
[  155.159371][ T8190] CPU: 1 UID: 0 PID: 8190 Comm: syz.4.498 Not tainted syzkaller #0 PREEMPT(full) 
[  155.159397][ T8190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  155.159409][ T8190] Call Trace:
[  155.159415][ T8190]  <TASK>
[  155.159422][ T8190]  dump_stack_lvl+0x100/0x190
[  155.159456][ T8190]  should_fail_ex.cold+0x5/0xa
[  155.159476][ T8190]  should_failslab+0xc2/0x120
[  155.159494][ T8190]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  155.159521][ T8190]  ? do_getname+0x35/0x390
[  155.159549][ T8190]  do_getname+0x35/0x390
[  155.159575][ T8190]  __ia32_sys_rename+0x56/0xb0
[  155.159597][ T8190]  __do_fast_syscall_32+0xe3/0x8c0
[  155.159622][ T8190]  do_fast_syscall_32+0x32/0x70
[  155.159641][ T8190]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.159664][ T8190] RIP: 0023:0xf7f45f6c
[  155.159679][ T8190] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  155.159696][ T8190] RSP: 002b:00000000f53e550c EFLAGS: 00000292 ORIG_RAX: 0000000000000026
[  155.159717][ T8190] RAX: ffffffffffffffda RBX: 0000000080000180 RCX: 0000000080000440
[  155.159729][ T8190] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  155.159738][ T8190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.159749][ T8190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.159759][ T8190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.159780][ T8190]  </TASK>
[  155.221043][ T8193] netlink: 64 bytes leftover after parsing attributes in process `syz.3.497'.
[  155.229964][ T8193] netlink: 60 bytes leftover after parsing attributes in process `syz.3.497'.
[  155.237522][ T8193] loop7: detected capacity change from 0 to 7
[  155.265820][ T7492] Dev loop7: unable to read RDB block 7
[  155.268282][ T7492]  loop7: unable to read partition table
[  155.270502][ T7492] loop7: partition table beyond EOD, truncated
[  155.301983][ T8193] Dev loop7: unable to read RDB block 7
[  155.305656][ T8193]  loop7: unable to read partition table
[  155.307678][ T8193] loop7: partition table beyond EOD, truncated
[  155.309691][ T8193] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  155.379569][ T8090] veth0_vlan: entered promiscuous mode
[  155.394771][ T8090] veth1_vlan: entered promiscuous mode
[  155.416298][ T8090] veth0_macvtap: entered promiscuous mode
[  155.420704][ T8090] veth1_macvtap: entered promiscuous mode
[  155.431938][ T8090] batman_adv: batadv0: Interface activated: batadv_slave_0
[  155.439013][ T8090] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.455834][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.458752][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.463370][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.467286][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.550605][  T267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.556727][  T267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.573143][  T267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.575678][  T267] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.903285][ T6024] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  156.982962][  T133] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  157.064513][ T6024] usb 12-1: unable to read config index 0 descriptor/start: -61
[  157.067201][ T6024] usb 12-1: can't read configurations, error -61
[  157.083078][ T8237] FAULT_INJECTION: forcing a failure.
[  157.083078][ T8237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.087438][ T8237] CPU: 0 UID: 0 PID: 8237 Comm: syz.6.509 Not tainted syzkaller #0 PREEMPT(full) 
[  157.087454][ T8237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  157.087461][ T8237] Call Trace:
[  157.087466][ T8237]  <TASK>
[  157.087471][ T8237]  dump_stack_lvl+0x100/0x190
[  157.087494][ T8237]  should_fail_ex.cold+0x5/0xa
[  157.087508][ T8237]  _copy_from_user+0x2e/0xd0
[  157.087524][ T8237]  get_compat_msghdr+0xb3/0x4b0
[  157.087543][ T8237]  ? _parse_integer_limit+0x17f/0x1d0
[  157.087562][ T8237]  ? __pfx_get_compat_msghdr+0x10/0x10
[  157.087581][ T8237]  ? _kstrtoull+0x13c/0x1f0
[  157.087598][ T8237]  ? __pfx__kstrtoull+0x10/0x10
[  157.087617][ T8237]  ___sys_sendmsg+0x1b6/0x1e0
[  157.087634][ T8237]  ? __pfx____sys_sendmsg+0x10/0x10
[  157.087649][ T8237]  ? __lock_acquire+0x4a5/0x2630
[  157.087670][ T8237]  ? find_held_lock+0x2b/0x80
[  157.087689][ T8237]  __sys_sendmmsg+0x2ff/0x430
[  157.087703][ T8237]  ? __pfx___sys_sendmmsg+0x10/0x10
[  157.087719][ T8237]  ? __fget_files+0x215/0x3d0
[  157.087737][ T8237]  ? fput+0x79/0x100
[  157.087750][ T8237]  ? ksys_write+0x1ac/0x250
[  157.087762][ T8237]  ? __pfx_ksys_write+0x10/0x10
[  157.087774][ T8237]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  157.087793][ T8237]  ? lockdep_hardirqs_on+0x78/0x100
[  157.087806][ T8237]  __do_fast_syscall_32+0xe3/0x8c0
[  157.087821][ T8237]  do_fast_syscall_32+0x32/0x70
[  157.087834][ T8237]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.087850][ T8237] RIP: 0023:0xf703ef6c
[  157.087860][ T8237] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  157.087872][ T8237] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  157.087884][ T8237] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  157.087891][ T8237] RDX: 0000000004924b68 RSI: 0000000000000000 RDI: 0000000000000000
[  157.087897][ T8237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.087904][ T8237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.087910][ T8237] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.087924][ T8237]  </TASK>
[  157.172991][  T133] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  157.176747][  T133] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  157.180720][  T133] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  157.184680][  T133] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.190460][  T133] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  157.194215][  T133] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  157.197485][  T133] usb 9-1: Product: syz
[  157.198892][  T133] usb 9-1: Manufacturer: syz
[  157.202387][   T63] Bluetooth: hci3: command tx timeout
[  157.204651][  T133] cdc_wdm 9-1:1.0: skipping garbage
[  157.206349][  T133] cdc_wdm 9-1:1.0: skipping garbage
[  157.210186][  T133] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  157.212654][ T6024] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  157.215485][  T133] cdc_wdm 9-1:1.0: Unknown control protocol
[  157.279497][ T8239] netlink: 64 bytes leftover after parsing attributes in process `syz.6.510'.
[  157.282385][ T8239] netlink: 60 bytes leftover after parsing attributes in process `syz.6.510'.
[  157.286727][ T8239] loop7: detected capacity change from 0 to 7
[  157.306762][ T8239] Dev loop7: unable to read RDB block 7
[  157.308620][ T8239]  loop7: unable to read partition table
[  157.311169][ T8239] loop7: partition table beyond EOD, truncated
[  157.313391][ T8239] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  157.385726][ T6024] usb 12-1: unable to read config index 0 descriptor/start: -61
[  157.389216][ T6024] usb 12-1: can't read configurations, error -61
[  157.393195][ T6024] usb usb12-port1: attempt power cycle
[  157.405797][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.408986][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.411988][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.414912][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.417693][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.420519][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.423812][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.426850][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.429639][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.431764][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.433905][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.436105][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.438181][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.440263][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.442518][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.444803][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.447201][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.449515][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.452721][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  157.454826][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  157.459716][  T133] usb 9-1: USB disconnect, device number 5
[  157.461914][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  157.738015][ T6024] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  157.760024][ T6024] usb 12-1: unable to read config index 0 descriptor/start: -61
[  157.762487][ T6024] usb 12-1: can't read configurations, error -61
[  157.897442][ T6024] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  157.939799][ T6024] usb 12-1: unable to read config index 0 descriptor/start: -61
[  157.944061][ T6024] usb 12-1: can't read configurations, error -61
[  157.949808][ T6024] usb usb12-port1: unable to enumerate USB device
[  158.268649][ T8254] x_tables: duplicate underflow at hook 1
[  158.357514][ T8256] hub 8-0:1.0: USB hub found
[  158.361691][ T8256] hub 8-0:1.0: 1 port detected
[  159.278687][   T63] Bluetooth: hci3: command tx timeout
[  159.712548][ T8267] tipc: Failed to remove unknown binding: 66,1,1/0:1209574737/1209574739
[  159.718320][ T8267] tipc: Failed to remove unknown binding: 66,1,1/0:1209574737/1209574739
[  160.092813][ T8271] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.239777][ T8271] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.381265][ T8271] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.476408][  T133] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  160.637020][ T8271] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.697786][  T133] usb 12-1: config index 0 descriptor too short (expected 45, got 36)
[  160.704833][  T133] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.709651][  T133] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.714121][  T133] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  160.758001][  T133] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  160.761980][  T133] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.836913][   T61] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.858502][   T61] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.883075][   T61] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.911402][   T61] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.927006][  T133] usb 12-1: config 0 descriptor??
[  161.336278][   T63] Bluetooth: hci3: command tx timeout
[  161.957840][ T8282] netlink: 64 bytes leftover after parsing attributes in process `syz.4.519'.
[  161.962479][ T8282] netlink: 60 bytes leftover after parsing attributes in process `syz.4.519'.
[  161.968092][ T8282] loop7: detected capacity change from 0 to 7
[  161.987860][ T8282] Dev loop7: unable to read RDB block 7
[  161.990300][ T8282]  loop7: unable to read partition table
[  161.992882][ T8282] loop7: partition table beyond EOD, truncated
[  161.995829][ T8282] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  162.172609][ T5348] Dev loop7: unable to read RDB block 7
[  162.178373][ T5348]  loop7: unable to read partition table
[  162.181736][ T5348] loop7: partition table beyond EOD, truncated
[  162.604856][   T40] kauditd_printk_skb: 15 callbacks suppressed
[  162.604870][   T40] audit: type=1326 audit(1775954184.667:3424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.615778][   T40] audit: type=1326 audit(1775954184.677:3425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.630049][   T40] audit: type=1326 audit(1775954184.687:3426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.645030][   T40] audit: type=1326 audit(1775954184.687:3427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.648497][ T6005] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  162.657881][   T40] audit: type=1326 audit(1775954184.687:3428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.666428][   T40] audit: type=1326 audit(1775954184.707:3429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.673723][   T40] audit: type=1326 audit(1775954184.707:3430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.681508][   T40] audit: type=1326 audit(1775954184.717:3431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.691429][   T40] audit: type=1326 audit(1775954184.717:3432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.700305][   T40] audit: type=1326 audit(1775954184.717:3433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8292 comm="syz.4.523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45f6c code=0x7ffc0000
[  162.797604][ T6005] usb 8-1: Using ep0 maxpacket: 16
[  162.802880][ T6005] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.806388][ T6005] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.819053][ T6005] usb 8-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  162.821979][ T6005] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.826216][ T6005] usb 8-1: config 0 descriptor??
[  162.988636][  T133] usbhid 12-1:0.0: can't add hid device: -71
[  162.992752][  T133] usbhid 12-1:0.0: probe with driver usbhid failed with error -71
[  163.020945][  T133] usb 12-1: USB disconnect, device number 6
[  163.036691][ T8297] FAULT_INJECTION: forcing a failure.
[  163.036691][ T8297] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.043997][ T8297] CPU: 0 UID: 0 PID: 8297 Comm: syz.7.524 Not tainted syzkaller #0 PREEMPT(full) 
[  163.044051][ T8297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  163.044068][ T8297] Call Trace:
[  163.044075][ T8297]  <TASK>
[  163.044082][ T8297]  dump_stack_lvl+0x100/0x190
[  163.044117][ T8297]  should_fail_ex.cold+0x5/0xa
[  163.044139][ T8297]  _copy_from_user+0x2e/0xd0
[  163.044164][ T8297]  get_compat_msghdr+0xb3/0x4b0
[  163.044192][ T8297]  ? _parse_integer_limit+0x17f/0x1d0
[  163.044219][ T8297]  ? __pfx_get_compat_msghdr+0x10/0x10
[  163.044250][ T8297]  ? _kstrtoull+0x13c/0x1f0
[  163.044274][ T8297]  ? __pfx__kstrtoull+0x10/0x10
[  163.044303][ T8297]  ___sys_sendmsg+0x1b6/0x1e0
[  163.044329][ T8297]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.044351][ T8297]  ? __lock_acquire+0x4a5/0x2630
[  163.044385][ T8297]  ? find_held_lock+0x2b/0x80
[  163.044417][ T8297]  __sys_sendmmsg+0x2ff/0x430
[  163.044438][ T8297]  ? __pfx___sys_sendmmsg+0x10/0x10
[  163.044463][ T8297]  ? __fget_files+0x215/0x3d0
[  163.044493][ T8297]  ? fput+0x79/0x100
[  163.044514][ T8297]  ? ksys_write+0x1ac/0x250
[  163.044531][ T8297]  ? __pfx_ksys_write+0x10/0x10
[  163.044551][ T8297]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  163.044580][ T8297]  ? lockdep_hardirqs_on+0x78/0x100
[  163.044597][ T8297]  __do_fast_syscall_32+0xe3/0x8c0
[  163.044619][ T8297]  do_fast_syscall_32+0x32/0x70
[  163.044640][ T8297]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  163.044663][ T8297] RIP: 0023:0xf700ef6c
[  163.044680][ T8297] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  163.044697][ T8297] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  163.044718][ T8297] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440
[  163.044728][ T8297] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  163.044739][ T8297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  163.044750][ T8297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  163.044760][ T8297] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  163.044782][ T8297]  </TASK>
[  163.250351][ T6005] kye 0003:0458:5016.0002: control desc unexpectedly large
[  163.257400][ T6005] input: HID 0458:5016 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5016.0002/input/input26
[  163.323969][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[  163.336555][ T6005] input: HID 0458:5016 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5016.0002/input/input27
[  163.448481][ T6005] kye 0003:0458:5016.0002: input,hiddev0,hidraw1: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.3-1/input0
[  163.526177][ T6005] usb 8-1: USB disconnect, device number 4
[  163.728642][ T8308] netlink: 8 bytes leftover after parsing attributes in process `syz.4.527'.
[  163.955351][ T8313] netlink: 64 bytes leftover after parsing attributes in process `syz.6.528'.
[  163.958489][ T8313] netlink: 60 bytes leftover after parsing attributes in process `syz.6.528'.
[  163.963839][ T8313] loop7: detected capacity change from 0 to 7
[  163.994782][ T8313] Dev loop7: unable to read RDB block 7
[  163.998937][ T8313]  loop7: unable to read partition table
[  164.001996][ T8313] loop7: partition table beyond EOD, truncated
[  164.004916][ T8313] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  164.547319][ T8322] FAULT_INJECTION: forcing a failure.
[  164.547319][ T8322] name failslab, interval 1, probability 0, space 0, times 0
[  164.567683][ T8322] CPU: 1 UID: 0 PID: 8322 Comm: syz.6.531 Not tainted syzkaller #0 PREEMPT(full) 
[  164.567711][ T8322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  164.567721][ T8322] Call Trace:
[  164.567727][ T8322]  <TASK>
[  164.567734][ T8322]  dump_stack_lvl+0x100/0x190
[  164.567776][ T8322]  should_fail_ex.cold+0x5/0xa
[  164.567797][ T8322]  ? tomoyo_realpath_from_path+0xb6/0x690
[  164.567821][ T8322]  should_failslab+0xc2/0x120
[  164.567840][ T8322]  __kmalloc_noprof+0xe0/0x850
[  164.567870][ T8322]  tomoyo_realpath_from_path+0xb6/0x690
[  164.567898][ T8322]  tomoyo_path_number_perm+0x23c/0x580
[  164.567918][ T8322]  ? tomoyo_path_number_perm+0x22e/0x580
[  164.567939][ T8322]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  164.567983][ T8322]  ? find_held_lock+0x2b/0x80
[  164.567998][ T8322]  ? hook_file_ioctl_common+0x146/0x410
[  164.568019][ T8322]  ? __fget_files+0x215/0x3d0
[  164.568041][ T8322]  ? __fget_files+0x21f/0x3d0
[  164.568061][ T8322]  security_file_ioctl_compat+0xd3/0x230
[  164.568085][ T8322]  __ia32_compat_sys_ioctl+0xc2/0x360
[  164.568113][ T8322]  __do_fast_syscall_32+0xe3/0x8c0
[  164.568136][ T8322]  do_fast_syscall_32+0x32/0x70
[  164.568155][ T8322]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  164.568177][ T8322] RIP: 0023:0xf703ef6c
[  164.568190][ T8322] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  164.568206][ T8322] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  164.568223][ T8322] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000400442c8
[  164.568233][ T8322] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  164.568243][ T8322] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  164.568252][ T8322] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  164.568260][ T8322] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  164.568282][ T8322]  </TASK>
[  164.568289][ T8322] ERROR: Out of memory at tomoyo_realpath_from_path.
[  164.966346][ T8332] FAULT_INJECTION: forcing a failure.
[  164.966346][ T8332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.971385][ T8332] CPU: 0 UID: 0 PID: 8332 Comm: syz.6.532 Not tainted syzkaller #0 PREEMPT(full) 
[  164.971411][ T8332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  164.971423][ T8332] Call Trace:
[  164.971431][ T8332]  <TASK>
[  164.971439][ T8332]  dump_stack_lvl+0x100/0x190
[  164.971473][ T8332]  should_fail_ex.cold+0x5/0xa
[  164.971493][ T8332]  _copy_from_user+0x2e/0xd0
[  164.971519][ T8332]  move_addr_to_kernel+0x65/0x170
[  164.971550][ T8332]  __sys_bind+0x11d/0x260
[  164.971581][ T8332]  ? __pfx___sys_bind+0x10/0x10
[  164.971613][ T8332]  ? ksys_write+0x1ac/0x250
[  164.971631][ T8332]  ? __pfx_ksys_write+0x10/0x10
[  164.971653][ T8332]  __ia32_sys_bind+0x71/0xb0
[  164.971676][ T8332]  ? lockdep_hardirqs_on+0x78/0x100
[  164.971697][ T8332]  __do_fast_syscall_32+0xe3/0x8c0
[  164.971728][ T8332]  do_fast_syscall_32+0x32/0x70
[  164.971748][ T8332]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  164.971772][ T8332] RIP: 0023:0xf703ef6c
[  164.971789][ T8332] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  164.971805][ T8332] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000169
[  164.971824][ T8332] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800003c0
[  164.971835][ T8332] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  164.971844][ T8332] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  164.971855][ T8332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.971867][ T8332] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  164.971890][ T8332]  </TASK>
[  165.061262][ T8339] netlink: 12 bytes leftover after parsing attributes in process `syz.3.534'.
[  165.078988][ T8343] FAULT_INJECTION: forcing a failure.
[  165.078988][ T8343] name failslab, interval 1, probability 0, space 0, times 0
[  165.082968][ T8343] CPU: 3 UID: 0 PID: 8343 Comm: syz.6.535 Not tainted syzkaller #0 PREEMPT(full) 
[  165.082983][ T8343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  165.082991][ T8343] Call Trace:
[  165.082995][ T8343]  <TASK>
[  165.083000][ T8343]  dump_stack_lvl+0x100/0x190
[  165.083023][ T8343]  should_fail_ex.cold+0x5/0xa
[  165.083036][ T8343]  ? tomoyo_realpath_from_path+0xb6/0x690
[  165.083054][ T8343]  should_failslab+0xc2/0x120
[  165.083067][ T8343]  __kmalloc_noprof+0xe0/0x850
[  165.083088][ T8343]  tomoyo_realpath_from_path+0xb6/0x690
[  165.083107][ T8343]  tomoyo_path_number_perm+0x23c/0x580
[  165.083120][ T8343]  ? tomoyo_path_number_perm+0x22e/0x580
[  165.083135][ T8343]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.083163][ T8343]  ? find_held_lock+0x2b/0x80
[  165.083174][ T8343]  ? hook_file_ioctl_common+0x146/0x410
[  165.083189][ T8343]  ? __fget_files+0x215/0x3d0
[  165.083203][ T8343]  ? __fget_files+0x21f/0x3d0
[  165.083216][ T8343]  security_file_ioctl_compat+0xd3/0x230
[  165.083232][ T8343]  __ia32_compat_sys_ioctl+0xc2/0x360
[  165.083251][ T8343]  __do_fast_syscall_32+0xe3/0x8c0
[  165.083266][ T8343]  do_fast_syscall_32+0x32/0x70
[  165.083279][ T8343]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  165.083293][ T8343] RIP: 0023:0xf703ef6c
[  165.083303][ T8343] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  165.083354][ T8343] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  165.083366][ T8343] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000400448c9
[  165.083373][ T8343] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  165.083379][ T8343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  165.083385][ T8343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  165.083391][ T8343] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  165.083406][ T8343]  </TASK>
[  165.083410][ T8343] ERROR: Out of memory at tomoyo_realpath_from_path.
[  165.313609][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  165.314117][ T5952] Bluetooth: hci4: command 0x1003 tx timeout
[  165.863247][ T8375] netlink: 64 bytes leftover after parsing attributes in process `syz.7.539'.
[  165.867770][ T8375] netlink: 60 bytes leftover after parsing attributes in process `syz.7.539'.
[  165.877900][ T8375] loop7: detected capacity change from 0 to 7
[  165.921451][ T7492] Dev loop7: unable to read RDB block 7
[  165.924210][ T7492]  loop7: unable to read partition table
[  165.928014][ T7492] loop7: partition table beyond EOD, truncated
[  165.986845][ T8375] Dev loop7: unable to read RDB block 7
[  165.999910][ T8375]  loop7: unable to read partition table
[  166.002045][ T8375] loop7: partition table beyond EOD, truncated
[  166.004304][ T8375] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  166.779532][ T8399] overlay: Unknown parameter 'measure'
[  167.884766][ T8420] syzkaller0: entered promiscuous mode
[  167.886588][ T8420] syzkaller0: entered allmulticast mode
[  167.890498][ T8420] FAULT_INJECTION: forcing a failure.
[  167.890498][ T8420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.894786][ T8420] CPU: 3 UID: 0 PID: 8420 Comm: syz.3.544 Not tainted syzkaller #0 PREEMPT(full) 
[  167.894803][ T8420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  167.894810][ T8420] Call Trace:
[  167.894814][ T8420]  <TASK>
[  167.894819][ T8420]  dump_stack_lvl+0x100/0x190
[  167.894841][ T8420]  should_fail_ex.cold+0x5/0xa
[  167.894855][ T8420]  _copy_from_user+0x2e/0xd0
[  167.894871][ T8420]  move_addr_to_kernel+0x65/0x170
[  167.894887][ T8420]  __sys_sendto+0x1c9/0x4b0
[  167.894904][ T8420]  ? __pfx___sys_sendto+0x10/0x10
[  167.894926][ T8420]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  167.894945][ T8420]  ? fput+0x79/0x100
[  167.894959][ T8420]  ? ksys_write+0x1ac/0x250
[  167.894971][ T8420]  __ia32_sys_sendto+0xdd/0x1b0
[  167.894988][ T8420]  ? __do_fast_syscall_32+0x94/0x8c0
[  167.895000][ T8420]  ? lockdep_hardirqs_on+0x78/0x100
[  167.895011][ T8420]  __do_fast_syscall_32+0xe3/0x8c0
[  167.895031][ T8420]  do_fast_syscall_32+0x32/0x70
[  167.895044][ T8420]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.895059][ T8420] RIP: 0023:0xf7fe4f6c
[  167.895069][ T8420] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  167.895080][ T8420] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[  167.895091][ T8420] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000800005c0
[  167.895098][ T8420] RDX: 0000000000000001 RSI: 0000000000000040 RDI: 00000000800001c0
[  167.895104][ T8420] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  167.895110][ T8420] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  167.895117][ T8420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.895130][ T8420]  </TASK>
[  168.168825][ T8431] FAULT_INJECTION: forcing a failure.
[  168.168825][ T8431] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.176085][ T8431] CPU: 3 UID: 0 PID: 8431 Comm: syz.7.546 Not tainted syzkaller #0 PREEMPT(full) 
[  168.176103][ T8431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  168.176111][ T8431] Call Trace:
[  168.176115][ T8431]  <TASK>
[  168.176120][ T8431]  dump_stack_lvl+0x100/0x190
[  168.176144][ T8431]  should_fail_ex.cold+0x5/0xa
[  168.176158][ T8431]  _copy_from_user+0x2e/0xd0
[  168.176175][ T8431]  get_compat_msghdr+0xb3/0x4b0
[  168.176195][ T8431]  ? __pfx_get_compat_msghdr+0x10/0x10
[  168.176219][ T8431]  ___sys_sendmsg+0x1b6/0x1e0
[  168.176236][ T8431]  ? __pfx____sys_sendmsg+0x10/0x10
[  168.176269][ T8431]  __sys_sendmsg+0x170/0x220
[  168.176281][ T8431]  ? __pfx___sys_sendmsg+0x10/0x10
[  168.176297][ T8431]  ? __pfx_ksys_write+0x10/0x10
[  168.176312][ T8431]  __do_fast_syscall_32+0xe3/0x8c0
[  168.176327][ T8431]  do_fast_syscall_32+0x32/0x70
[  168.176341][ T8431]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  168.176356][ T8431] RIP: 0023:0xf700ef6c
[  168.176366][ T8431] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  168.176380][ T8431] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  168.176398][ T8431] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  168.176408][ T8431] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  168.176417][ T8431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  168.176425][ T8431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  168.176435][ T8431] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.176457][ T8431]  </TASK>
[  168.404824][ T8441] x_tables: duplicate underflow at hook 1
[  168.590779][ T8444] hub 8-0:1.0: USB hub found
[  168.593440][ T8444] hub 8-0:1.0: 1 port detected
[  169.334551][  T267] Bluetooth: hci4: Frame reassembly failed (-84)
[  169.337727][  T267] Bluetooth: hci4: Frame reassembly failed (-84)
[  169.647044][ T8463] tmpfs: Bad value for 'mpol'
[  169.653771][ T8463] input: syz0 as /devices/virtual/input/input28
[  169.708778][ T8454] netlink: 24 bytes leftover after parsing attributes in process `syz.6.551'.
[  169.731520][ T8454] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  169.734061][ T8454] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  169.741537][ T8454] vhci_hcd vhci_hcd.0: Device attached
[  170.018329][ T5939] usb 50-1: SetAddress Request (6) to port 0
[  170.022796][ T5939] usb 50-1: new SuperSpeed USB device number 6 using vhci_hcd
[  170.156433][ T8466] vhci_hcd: connection reset by peer
[  170.159525][   T43] vhci_hcd vhci_hcd.6: stop threads
[  170.162543][   T43] vhci_hcd vhci_hcd.6: release socket
[  170.165312][   T43] vhci_hcd vhci_hcd.6: disconnect device
[  171.244010][ T8477] FAULT_INJECTION: forcing a failure.
[  171.244010][ T8477] name failslab, interval 1, probability 0, space 0, times 0
[  171.262447][ T8477] CPU: 0 UID: 0 PID: 8477 Comm: syz.7.556 Not tainted syzkaller #0 PREEMPT(full) 
[  171.262468][ T8477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  171.262475][ T8477] Call Trace:
[  171.262481][ T8477]  <TASK>
[  171.262487][ T8477]  dump_stack_lvl+0x100/0x190
[  171.262511][ T8477]  should_fail_ex.cold+0x5/0xa
[  171.262525][ T8477]  ? iter_file_splice_write+0x1d8/0x10a0
[  171.262542][ T8477]  should_failslab+0xc2/0x120
[  171.262559][ T8477]  __kmalloc_noprof+0xe0/0x850
[  171.262582][ T8477]  ? find_held_lock+0x2b/0x80
[  171.262602][ T8477]  iter_file_splice_write+0x1d8/0x10a0
[  171.262621][ T8477]  ? aa_file_perm+0x7f3/0x14d0
[  171.262646][ T8477]  ? __lock_acquire+0x4a5/0x2630
[  171.262661][ T8477]  ? __pfx_aa_file_perm+0x10/0x10
[  171.262679][ T8477]  ? __pfx_iter_file_splice_write+0x10/0x10
[  171.262692][ T8477]  ? __lock_acquire+0x4a5/0x2630
[  171.262707][ T8477]  ? __pfx___might_resched+0x10/0x10
[  171.262734][ T8477]  ? __pfx_iter_file_splice_write+0x10/0x10
[  171.262747][ T8477]  do_splice+0x109c/0x1fd0
[  171.262760][ T8477]  ? __lock_acquire+0x4a5/0x2630
[  171.262774][ T8477]  ? ksys_write+0x190/0x250
[  171.262789][ T8477]  ? __pfx_do_splice+0x10/0x10
[  171.262800][ T8477]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  171.262812][ T8477]  ? find_held_lock+0x2b/0x80
[  171.262825][ T8477]  __do_splice+0x33b/0x370
[  171.262839][ T8477]  ? __pfx___do_splice+0x10/0x10
[  171.262855][ T8477]  __ia32_sys_splice+0x189/0x250
[  171.262869][ T8477]  __do_fast_syscall_32+0xe3/0x8c0
[  171.262885][ T8477]  do_fast_syscall_32+0x32/0x70
[  171.262899][ T8477]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.262914][ T8477] RIP: 0023:0xf700ef6c
[  171.262925][ T8477] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  171.262936][ T8477] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000139
[  171.262955][ T8477] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  171.262962][ T8477] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000005
[  171.262968][ T8477] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000
[  171.262974][ T8477] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  171.262981][ T8477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  171.262996][ T8477]  </TASK>
[  171.449726][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  171.453117][ T5952] Bluetooth: hci4: command 0x1003 tx timeout
[  171.511783][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  171.511796][   T40] audit: type=1326 audit(1775954193.625:3443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.7.557" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700ef6c code=0x0
[  171.679970][ T5951] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  171.682179][ T5951] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  171.684238][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  171.796926][ T8324] ------------[ cut here ]------------
[  171.799253][ T8324] workqueue: cannot queue hci_tx_work on wq hci3
[  171.801397][ T8324] WARNING: kernel/workqueue.c:2270 at __queue_work+0xd08/0x1150, CPU#1: kbnepd bnep0/8324
[  171.804987][ T8324] Modules linked in:
[  171.807326][ T8324] CPU: 1 UID: 0 PID: 8324 Comm: kbnepd bnep0 Not tainted syzkaller #0 PREEMPT(full) 
[  171.810390][ T8324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  171.813735][ T8324] RIP: 0010:__queue_work+0xd0c/0x1150
[  171.815485][ T8324] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 04 04 00 00 48 8d 3d c8 96 0d 0f 48 8b 75 18 <67> 48 0f b9 3a e9 2a f7 ff ff e8 55 df 38 00 90 0f 0b 90 e9 b2 f5
[  171.822578][ T8324] RSP: 0018:ffffc90023def840 EFLAGS: 00010046
[  171.824727][ T8324] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff11009f4e98d
[  171.827447][ T8324] RDX: ffff88802af38978 RSI: ffffffff8a82b4a0 RDI: ffffffff90dd0060
[  171.829975][ T8324] RBP: ffff88804fa74c50 R08: 0000000000000005 R09: 0000000000000000
[  171.832495][ T8324] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88802af38800
[  171.835410][ T8324] R13: ffff88802544c980 R14: 0000000000000025 R15: ffff88802adbf000
[  171.838625][ T8324] FS:  0000000000000000(0000) GS:ffff888097240000(0000) knlGS:0000000000000000
[  171.841551][ T8324] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  171.843846][ T8324] CR2: 00007ffe586ab480 CR3: 0000000071f4f000 CR4: 0000000000352ef0
[  171.846487][ T8324] Call Trace:
[  171.847567][ T8324]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  171.848558][ T8324]  ? hci_send_acl+0x7c4/0xee0
[  171.850659][ T8324]  ? queue_work_on+0xea/0x1e0
[  171.852174][ T8324]  ? rcu_is_watching+0x12/0xc0
[  171.853886][ T8324]  queue_work_on+0x180/0x1e0
[  171.855457][ T8324]  l2cap_chan_send+0x4ba/0x2cf0
[  171.857131][ T8324]  ? l2cap_sock_sendmsg+0x3d4/0x4b0
[  171.859094][ T8324]  ? mark_held_locks+0x40/0x70
[  171.860783][ T8324]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  171.862752][ T8324]  ? __pfx___mutex_lock+0x10/0x10
[  171.864375][ T8324]  ? __pfx_l2cap_chan_send+0x10/0x10
[  171.866390][ T8324]  ? l2cap_sock_sendmsg+0x2d9/0x4b0
[  171.868624][ T8324]  ? l2cap_sock_sendmsg+0x2d9/0x4b0
[  171.870338][ T8324]  l2cap_sock_sendmsg+0x3e7/0x4b0
[  171.871982][ T8324]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  171.873802][ T8324]  ? __pfx___schedule+0x10/0x10
[  171.875530][ T8324]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  171.877503][ T8324]  sock_sendmsg+0x35b/0x3d0
[  171.879180][ T8324]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  171.881099][ T8324]  ? __pfx_sock_sendmsg+0x10/0x10
[  171.883253][ T8324]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  171.885171][ T8324]  ? iov_iter_kvec+0x42/0x1d0
[  171.886730][ T8324]  bnep_session+0x1254/0x2dc0
[  171.888251][ T8324]  ? __pfx_bnep_session+0x10/0x10
[  171.889866][ T8324]  ? do_raw_spin_lock+0x128/0x260
[  171.891513][ T8324]  ? __pfx_woken_wake_function+0x10/0x10
[  171.893325][ T8324]  ? rcu_is_watching+0x12/0xc0
[  171.894936][ T8324]  ? __kthread_parkme+0x18c/0x230
[  171.896668][ T8324]  ? kthread+0x13a/0x450
[  171.898336][ T8324]  ? __pfx_bnep_session+0x10/0x10
[  171.900124][ T8324]  kthread+0x370/0x450
[  171.901480][ T8324]  ? __pfx_kthread+0x10/0x10
[  171.902998][ T8324]  ret_from_fork+0x754/0xd80
[  171.904494][ T8324]  ? __pfx_ret_from_fork+0x10/0x10
[  171.906126][ T8324]  ? __switch_to+0x7b4/0x1120
[  171.907857][ T8324]  ? __pfx_kthread+0x10/0x10
[  171.909780][ T8324]  ret_from_fork_asm+0x1a/0x30
[  171.911522][ T8324]  </TASK>
[  171.912538][ T8324] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  171.915032][ T8324] CPU: 1 UID: 0 PID: 8324 Comm: kbnepd bnep0 Not tainted syzkaller #0 PREEMPT(full) 
[  171.918330][ T8324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  171.921480][ T8324] Call Trace:
[  171.922561][ T8324]  <TASK>
[  171.923547][ T8324]  dump_stack_lvl+0x100/0x190
[  171.925159][ T8324]  vpanic+0x552/0x970
[  171.926483][ T8324]  ? __pfx_vpanic+0x10/0x10
[  171.928398][ T8324]  panic+0xd1/0xe0
[  171.929640][ T8324]  ? __pfx_panic+0x10/0x10
[  171.931112][ T8324]  ? check_panic_on_warn+0x1f/0x90
[  171.932923][ T8324]  check_panic_on_warn.cold+0x19/0x34
[  171.934881][ T8324]  ? __queue_work+0xd08/0x1150
[  171.936534][ T8324]  __warn.cold+0x191/0x348
[  171.938110][ T8324]  __report_bug+0x296/0x3d0
[  171.939783][ T8324]  ? __queue_work+0xd08/0x1150
[  171.941342][ T8324]  ? __pfx___report_bug+0x10/0x10
[  171.943338][ T8324]  ? __pfx_hci_tx_work+0x10/0x10
[  171.945102][ T8324]  ? __lock_acquire+0x4a5/0x2630
[  171.946696][ T8324]  ? l2cap_sock_alloc_skb_cb+0x229/0x500
[  171.948439][ T8324]  report_bug_entry+0xe1/0x290
[  171.949961][ T8324]  ? __queue_work+0xd0c/0x1150
[  171.951514][ T8324]  handle_bug+0x1cd/0x2a0
[  171.952896][ T8324]  exc_invalid_op+0x17/0x50
[  171.954420][ T8324]  asm_exc_invalid_op+0x1a/0x20
[  171.956118][ T8324] RIP: 0010:__queue_work+0xd0c/0x1150
[  171.958006][ T8324] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 04 04 00 00 48 8d 3d c8 96 0d 0f 48 8b 75 18 <67> 48 0f b9 3a e9 2a f7 ff ff e8 55 df 38 00 90 0f 0b 90 e9 b2 f5
[  171.965194][ T8324] RSP: 0018:ffffc90023def840 EFLAGS: 00010046
[  171.967196][ T8324] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff11009f4e98d
[  171.969608][ T8324] RDX: ffff88802af38978 RSI: ffffffff8a82b4a0 RDI: ffffffff90dd0060
[  171.971984][ T8324] RBP: ffff88804fa74c50 R08: 0000000000000005 R09: 0000000000000000
[  171.974989][ T8324] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88802af38800
[  171.978454][ T8324] R13: ffff88802544c980 R14: 0000000000000025 R15: ffff88802adbf000
[  171.980966][ T8324]  ? __pfx_hci_tx_work+0x10/0x10
[  171.982573][ T8324]  ? hci_send_acl+0x7c4/0xee0
[  171.984088][ T8324]  ? queue_work_on+0xea/0x1e0
[  171.985618][ T8324]  ? rcu_is_watching+0x12/0xc0
[  171.987247][ T8324]  queue_work_on+0x180/0x1e0
[  171.988800][ T8324]  l2cap_chan_send+0x4ba/0x2cf0
[  171.990781][ T8324]  ? l2cap_sock_sendmsg+0x3d4/0x4b0
[  171.992540][ T8324]  ? mark_held_locks+0x40/0x70
[  171.994106][ T8324]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  171.996025][ T8324]  ? __pfx___mutex_lock+0x10/0x10
[  171.997874][ T8324]  ? __pfx_l2cap_chan_send+0x10/0x10
[  171.999570][ T8324]  ? l2cap_sock_sendmsg+0x2d9/0x4b0
[  172.001234][ T8324]  ? l2cap_sock_sendmsg+0x2d9/0x4b0
[  172.002982][ T8324]  l2cap_sock_sendmsg+0x3e7/0x4b0
[  172.004871][ T8324]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  172.006922][ T8324]  ? __pfx___schedule+0x10/0x10
[  172.008485][ T8324]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  172.010225][ T8324]  sock_sendmsg+0x35b/0x3d0
[  172.011691][ T8324]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  172.013475][ T8324]  ? __pfx_sock_sendmsg+0x10/0x10
[  172.015084][ T8324]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  172.016932][ T8324]  ? iov_iter_kvec+0x42/0x1d0
[  172.018545][ T8324]  bnep_session+0x1254/0x2dc0
[  172.020282][ T8324]  ? __pfx_bnep_session+0x10/0x10
[  172.022612][ T8324]  ? do_raw_spin_lock+0x128/0x260
[  172.024382][ T8324]  ? __pfx_woken_wake_function+0x10/0x10
[  172.026128][ T8324]  ? rcu_is_watching+0x12/0xc0
[  172.028065][ T8324]  ? __kthread_parkme+0x18c/0x230
[  172.029675][ T8324]  ? kthread+0x13a/0x450
[  172.031039][ T8324]  ? __pfx_bnep_session+0x10/0x10
[  172.032626][ T8324]  kthread+0x370/0x450
[  172.033918][ T8324]  ? __pfx_kthread+0x10/0x10
[  172.035382][ T8324]  ret_from_fork+0x754/0xd80
[  172.037059][ T8324]  ? __pfx_ret_from_fork+0x10/0x10
[  172.039028][ T8324]  ? __switch_to+0x7b4/0x1120
[  172.040572][ T8324]  ? __pfx_kthread+0x10/0x10
[  172.042172][ T8324]  ret_from_fork_asm+0x1a/0x30
[  172.044021][ T8324]  </TASK>
[  172.046190][ T8324] Kernel Offset: disabled
[  172.047784][ T8324] Rebooting in 86400 seconds..