last executing test programs:

8m30.39005975s ago: executing program 3 (id=616):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000000))
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000280)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
r1 = io_uring_setup(0x1783, &(0x7f0000000640)={0x0, 0xfffffffe, 0x800, 0x400, 0x2b3})
r2 = openat$nmem0(0xffffff9c, &(0x7f00000002c0), 0x50200, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000400)=@broute={'broute\x00', 0x20, 0x0, 0xc0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x80000340], 0x0, &(0x7f0000000300), &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x110)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0xf00, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0xd00000)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, 0x0)
r4 = socket(0x11, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r6=>0x0})
bind$packet(r4, &(0x7f0000000180)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @dev}, 0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x800)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000100))

8m30.30080288s ago: executing program 3 (id=617):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0x0, 0x0, 0x0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
creat(0x0, 0xd931d3864d39dcca)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000780)=ANY=[@ANYBLOB="14010000330001000000000000000000010100800c0001000000000000000000140003"], 0x114}], 0x1}, 0x4)
r3 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000340)=<r5=>0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
readv(r6, &(0x7f0000000080), 0x0)

8m29.914074908s ago: executing program 3 (id=619):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x50080, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={'syzkaller0\x00', 0x4000})
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'cbc(blowfish)\x00'}}}, 0xe0}}, 0x0)
pwritev2(r1, &(0x7f0000000040)=[{&(0x7f00000030c0)="e5352cabaaeaeb668e453699057985d75d90cc0e4ac4649a0871bce1c65b1457bb288c3bbb5d611229bcd4b6062dcdc358aa5c24a97f5038e598dcfce5d500c566e19b9ecdc19a428af59ca334871aa38310166f1ced0bb740b8b5958341a9e2f8f9b3f633f7927addbcc3b4974a14a5b5d951e88d2f6dbbda338656989a360a350c00261b331364c5e2df73758c36857dad0f74acdbe77aff7082566366acf30bf9e87a3744704c3c89325d4827f8d6e3e461ab6a91ccedec0587e7492b429ad4c7b648948abda576025f5f0654f92026ce6254ade9c34c8f3c0ddbdd3c09da4b9babb88ce8b1b9e44be8c664ff8b3c1a281e8c17915ba61052fef4f54e92306dc76b2322c945e881682b8408fe64934e815cdd4f7b61f4e510d264bfda5c2534fba5e78c7ba1642a81fb383e6b7cb90c85c785eaad0195f501c37d9e871f3c1744495654c7383735982f2b773308e1ab579f91413db79b7284c073a0ff57a1728fbc9a112a001de7bfebabfaf4d0555b75fa998a291f16573f380368ef6264b8955718d55851b34d011792a424dc040f956850296abe55633f0a64ba3bd1189db3631c026eb572216dfe8be2bb0a5c5d8d9e7ffe0854f8bed29f5a022fdab553b2e51be4e0a9a2ec16f292dd96042f4d81f5c3678f95eb65ff820b0c25a55a6a5eeef40dc8ad74e1b6a4eea0dc3c92491403ef1b041f90dbd88fae7420a28a0ba88682955f9dfe48e0ba9d36aa11f54537c7d4172aec68d64fd88d501ff078cb0ba4f33ae4056a77f8265aa29f6fba32c0ef1882e0c195edda83f434d07b468ebf394edbe393be47defa90c7e40248bfeafde04c36ca568c261e9b2ef302ee16d802497c2da346e0a81dc5ec25d6b4323e9e075e75c5098fa3a0b1070f4c8c7ee7b0b6f7ec3c48d22bf63f3036b3bb0e14ba00972591364b2afefc68a5e942e5ab343511c4ac494a00e23fecd5df5529b3227f0a0e25f52bd70282cc8c9e03551183d177908332b4818637a417d5908fa49a724a529b84d5726d8b2c14a13a3c4da710f67af35ace4572f79843ab220779d39ad0f542ade5630c08544ccf478b318e3b338c515b1a0d36d8d56df6856f6d54f013624d8a04d0c804c97945e5bcfc805c5ed5cf636a36afdee14a4016462e5f52dcfd3094a784d40397ab7aba56de797b01339aa5e0d5a1e8f3bf0c966eac4b51e0378aa31146d2f0de591470102a0d20a9921e4bbeb8ab26999287506f72b552c5de228956b30cdd9f494a0bafd8262b8200d9ef8a8bdcdf1d83c85912456d9b63f881314a95a894c65072caff586a0ec8d05cc6cf7b55762f7086959a853c7673c95f1fcd0b73823f437751e5e64e34aa0a2b0cb41783fc779ce1f97950ab0efa96a6da72ed84ee26067b8d26e6bc6fca9b05e985ec0412b00918b0d0a49dd17bb5d05799d8aa2d336a5c48d66a95d6098568641ae3eeefc45ea82dd52ab18c4388840f2dba673807af224a38548839d1bd0439a0f762a59acea99266b1bfe7ebf4c03563ec42bb0486a4aa7535226d1b8a72114a4c7275dfd43ec3ce59cd958020c4757d708315089649183ef42fe1b07d36d384cbe4099bef4f5aa8d8ff254a95faf59a9645fb468a0b525c1465ef36ca489a817d0daf7d0e037dcb9ff0a80b4396c7ca0e8010b098c956194c94497ef7b7c90f45257079c99832b4fd38b6449226e8eded16846a325e9c6d9cceb9a3161040c7ebd160a816f8aa8f83edada96f13bbb055c88a0bc32960e12a07a2fa36df7905692cb424dac18aa1e0e754955cd2501484e86db89a4cfe5b04daaf9528fe1b577c18960312c086fbf9eaa0e42e7a943b1c65ba7b6362fe3e58fb281cc7bb3990b4f10c4fdc40b2eed2c6d28b6d42daab0e828fb93c08e6df0dc2b662df4e8e7bd5e4dbffafa9ab2448cff2625e3757745754c7c2af1ccaf55c950122d17cdf83b3485882ff1cb98693e54344fd073aa34ccfad82e1d50b5728345efa1af9652b4975274586a05280bb6642ed675eef1e5680a55bf7c9595b451af2dca6e9769c6bf674d0bd2e3803659d7480089ac80fe13504ca8d3aa95dc21ee14863dee4a09814b017f183ce0f23ef9397c59f66f3d4c970a9f221a882b6ae6fad835f9e468d34e60dd41d3ba64fc56b9a7c682a0faefef20497a4c1e20beeaf24f223a2cc69fa18de3e2fe683987a4d78f547cc27cbff57da7b63a56c4a2d94aa0f3b2fabbf19dc575d5ddb4fe967f6bfc3a12e2615a21712cb696698ab42916e9056c7c6b0203398d2ecd88a7dde3e6c3336e867250318455bf78016ba1ed977cbc2513b634619266bddf1f4a6e9d889a6e1aa99ebec5008a549540d0eccb7014936a83106f26a7b2b743bbd16101f52bb4f5c526d0579aee9311587a32881cc6078a93b91cb60799abb97b328da9a12a11c67e71f80ff0a1ad56d2d33464df2b7dc1f94f3ead1f319e8e2815de868774358787be6935a3a2244dfe27513265ee05f21e30184467fad6fed47725fbab3434a29acc69de47ed72a36873a9843625245776f351e77bc9dca59bf1bc233414bda1090e2ed644a3cdb9d8352511e6389360fb7f82ba76dd225f32959f7d704becaec84744925a080bd3e05568c612d9f3ca69753cac7f1d4550a4680ffd8ed41e16a4caf1dd8cee4d148dd642c74666a4f8e6480bc072a06e1f379015a0207f25ffe6da11ec17c88691c4af0cf05a045df725e8af73c2c48573827d4e157244323e2b6b495aca68412534980cd72fea14aca32374805295895565d57958bdf04b8ed0090598d109565b1f34829fc6c8f809f1b307702fe26d35b0012768b4bfaf17f6c64a06db2c9243f0bb5bbe28271a884c2f00dd8e1da74c49a49b7008dbcd07e7864a6e03e4807ca3261643b609cbae695a33b6da2ac0f2e9b25af194cfc1b5458a539e805f646271cddfd0b961f307ba9a4930456ce0bebc072e6e9e303f029e48069d5998f7ba7a9d8c9a55b635c1179b95a57f9bdbc638ecac126dd95ca4b559546ce5f96963816352f24ca11e3add447c7fb17fdca55e057b2a569ae37765964d796828eac4e3da796041243210abd867d751fd964b806b1e78fc94173068700a20a0796aef0e3696550e87a0bea92d7e72d7e935d9cd128be39a6358ab2f0354f8e6120d8ab107c300d57a255f35146aa7ff8ee875a57dd21b3a34d39198b07807fa8487be16accc977d481a223855ecf1c992605e2561bd50e9ed2cdfbf1c86abcc213f0fb68c3ca846006650c1043c5207af9dfbbf30dfc77dc7c04a10615a2458877193c61e272a1d1281caf4743772d01edd9c7840446754eef98ab623cffce279aaded60d39844c94325d32b68c7e882097cc21908937de8a58d08d8179ed82f23f4449d270e2379220c3980730d026c29f05553d968716fa5227390c2ac1238f29b4da73275162e9fbdee6e840b4569a781d5a8357e9ac3dd2fa57e07ab1ef6dc18690e9213142f05e80a5951c894df5ca1f570e2415391c9e55799b0afb6124fdb3a01fd9d25a4f5c3ee32ac3c7994431451ac6b7f3700b6a1c3946f082608620ad14a27e2c1f883c097a48343adc8ff80a2b54c23eebbf76359d71b0a75a0ab7a4f62248dd4b0e89cff323ace931457694e52fe4faa8819f3659c6ad1d6b5e0aad3041c0a68065d1c1fd27e18a16c5bd31a4fd86dbd9bc2a88814e8b029f6262de57d40e7c8e6f7735b9c7015e1a99b5f483618d325009ac29d38d24805318ad4ae247e44f41aa28c22ab138540853e5290694c415a20947765dfba5b12f9b3510c3350e4ff919f20cb1823c702e043dd5bc08e1b59191ec9a26fd75aa5d4e54e2bae72dad9fe1fefa95fd85fa5dcb340a734d0b8f1a9f9513da09f20272b7595b82aa0060c647577ba9e61acc7b3dca4bc92b3a306d3db6b1d530a43bf07409152f94270927b21c15e4a12e527006c1a108331b6ac036c8a4798478d4b4477ef630c1a9c0b68c6e2f630bf488909fe474b77205e33093a9b8c3581c82fb4ec027aca820ba64dde0c45ac47e9cac43c3a02b026d0aeb64077a82652fec0e9e73c3ee61950423f3ee62ee7e3044950fb088300524f859ab3f26524072cd7f49997c70b019c342b66a6d3e1fef2c3ff1145c7bc20f620711e4493384e590db89f7bb472dcee12833c43bfa956e75dffd37bd51079c633ef2a4b820818f1ee9c8e313e2e58d2e59d3ff2f50a37c0dcaf50a7683341efc27f8b27c7c0fdb18ec8d0f7ddce42f33214b633d2b1aea28d511bcae891931276b187e8077c4a74e4ba4e2a4cee08c9d1a691cad9a15e4fad668916398777dd336fabc73f66f630db0419d629a29746e6b1ec77e39960db6ca8e56c60464e6e2ed54e1d7ca6e0755ad8e439494915460228cd29cd3971fa5d72c93eafe54aba0c5ceea2a1b4b56df22cce0e842a93e8c83176d71b2b6a00c6c06a89f18a0a070b3aa397bd49f159a5f5ca4a6aa88e27ff6e37b2249ff29b402e5ee7eac65aac254d1fcc433db2d5a7a3aae54ae4c689fd7e8d3d161151efc5688bb9cb8ce09a89d52bc557a75980dd832cb8f816f842ac2b6285e8f21df99a8afcd66756027ed37f60dc2bc7533cf16783ffcce778360a650caed3db453d36cc1b60602a0f9c13c68b1c128c0dc09b40a227fd397692a315d152012b444d552898aaeada0a62e3f070333ab1fb032492b4b4c5ab6150db525e542618c59b0c8f44c00af95b88efdf03291783ba8806e13d9e97004d5ad2a34c08bcdd53a829377da1cbfdec1c1ade94ea7cd77c30029d031b37f255dc362d1e4decb399dd6e5e47df92b6e13feb34bbbe6f62b8b6443eb0ce950c271570d21c99c87d917b62a43d16c28b06c2313909c4e7a568214f2d31d9b26cd101f9045a64798a277d99e4ddac9670b474403df53564690f12d9aca5ca9fe4dd23d9c8bb5aac3baca3d0d98cb0b84b657edd5f1dc7aaef1ff4ee3421c4e269f337aa392533be29b9173c03ad4bbbeddd99a728aa9fe6213453f5d548cfd33c192220500a4ac569736ac06fbb783877ffaa82cd61545a191c33eae359d6d843acefff22e2653e7171d8b2753a1de8079b24d0677a261423c95364dc86228e4ced8d9ca612d5dbc62647da21ac26302b12c30b5a8c5485075238627861ca8fd4c6bec2aca96e8cda272a978bb43da2afcf894ce1f55eb3e3e475e18735718129fdc7f1d7ac9f58d03e255e2aab1014e47a55ebbeef9840a9f2ec5447dd865fd7d209ebfe62d7fd59a0c593186be0bffc27de5ee7a6fb192ef819aa68f362d629587da6b7151060cf69d6d243359755a9ece85d7d6078a39e9452989b24f758477365ed141241679c8a5f234d1b0b8a3c151985c906697170ff61bbe6e8f7308177db173466c1b03810f9bb818e145cb3d7a3f74c1662f21fea51eeed27b48f31b9abd5e45349477813b7bde6bac12ddbc1806f60ff0d2c92ae634036740604603da58adc154d015a6100207f3de74d9ee9015427c22561e886c1877d49aa5fa7bdb6d9ddad8e7fca54a860fa224ca49a36aaae33e0e31f88de4cbc4c3f79e90400aadbaa351b76797ef00425473f6bddb1eca6f401c423125944079bc84211623e4df938c7ac7693511c23d1e8a9834cf3ece77fe8deaf7a8aa2639734a3d215d95d0b7c3493afb20b6678f2488619b76943b2617585731985ae148312cba37cbf5cba7a1728f63519f6f6d6b2e7835e09a49ef7d8fae7cfbeda8c5426ce785c3e0e1ddf2e7ff398ee994699937e67e4f6b7190c6acb2bc04aeaa5614b2ef8", 0x1000}], 0x1, 0x400, 0xc3be, 0x10)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x90000)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd74)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000340)={0x0, 0x7079, 0x0, 0x14, 0xce}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='stat\x00')
read$FUSE(r8, &(0x7f0000004180)={0x2020}, 0x2020)
getpeername$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x3, '\x00', r9, r8, 0x2, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$ptmx(0xffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r4})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r3, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r10, &(0x7f0000000040)=0x1f00, 0x12)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)

8m29.333848727s ago: executing program 3 (id=623):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x370, 0x0, 0x9403, 0x0, 0x1e0, 0x2c0, 0x2a8, 0x3d8, 0x3d8, 0x2a8, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1bc, 0x1e0, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@inet=@recent0={{0xf4}, {0x0, 0xfffffffd, 0x1, 0x0, 'syz0\x00'}}]}, @common=@unspec=@CLASSIFY={0x24}}, {{@ipv6={@local, @loopback, [], [], 'pimreg1\x00', 'veth1_to_bridge\x00'}, 0x0, 0xa4, 0xc8}, @common=@unspec=@CONNSECMARK={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3cc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000180), 0x3, 0x2)
close(r2)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010003b15000000000000004000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866726d000000001400028004000300040000000800020000000000"], 0x44}}, 0x0)
signalfd4(r1, &(0x7f0000000000)={[0x9, 0x4]}, 0x8, 0x80000)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x84000, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$BTRFS_IOC_INO_PATHS(r3, 0xc0389423, &(0x7f0000000a40)={0x7, 0x20, [0x10, 0x8000000000000000, 0x3, 0xffffffffffffff7f], &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0]})
write$UHID_INPUT(r3, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b3243078b089b3430076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r4 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f00000009c0)={0x1, 0x3}, 0x8)
ioctl$VIDIOC_DV_TIMINGS_CAP(r4, 0xc0905664, &(0x7f0000000400)={0x0, 0x0, '\x00', @raw_data=[0x7, 0xffff7fff, 0xfffffffe, 0x8, 0x5, 0x82e, 0x48, 0x9, 0x7fffffff, 0xffff, 0x8, 0x8, 0x6, 0x1ff, 0x40, 0x6, 0x0, 0x2, 0x98f, 0x10001, 0x3, 0x8, 0x0, 0x8, 0x5, 0x8001, 0x7, 0x10000, 0x8, 0x8000, 0x42, 0x1a]})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000340)={'syztnl2\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7, 0x8000, 0xfffffffd, 0x9, {{0x13, 0x4, 0x1, 0x6, 0x4c, 0x66, 0x0, 0x16, 0x2f, 0x0, @remote, @private=0xa010102, {[@timestamp_addr={0x44, 0x2c, 0x2c, 0x1, 0x2, [{@broadcast, 0x6}, {@rand_addr=0x64010100, 0xa4}, {@dev={0xac, 0x14, 0x14, 0x1a}, 0x5}, {@loopback, 0x4a49}, {@empty, 0x5}]}, @generic={0x82, 0xb, "e34b72d30cc1363ee2"}]}}}}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
openat$ipvs(0xffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r6 = pidfd_getfd(0xffffffffffffffff, r1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000600)=@bpf_tracing={0x1a, 0x11, &(0x7f0000000a80)=ANY=[@ANYBLOB="18030000000000000000000025a6cc327594216bc502c0de6a8b2e53e9a54f386206ea44223b822d484781f0b3b9a4f19c2b4e13cf720e7a9aae8be23d86c7e805fe81317bf7d74374fb57d29da8e65f0ca51962f2747d1a3995277515c823fa7c3c4609a61bcb641322752108f31f612cc0fc5f04020000000000000004887a0e4625801d43046ba232abf6ae473b15806538d65c6b50e9893528c1f98f6a0330d9be9f72580daa2f15fcc3a751da1ee563e23230cff978e769091a650cc341cfaf99", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018340000020000000000000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000480)='syzkaller\x00', 0x56, 0x31, &(0x7f00000004c0)=""/49, 0x41100, 0x40, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x1, 0x3}, 0x10, 0x25e51, 0xffffffffffffffff, 0x3, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f00000005c0)=[{0x1, 0x1, 0x9, 0x7}, {0x9, 0x3, 0xc, 0x4}, {0x2, 0x4, 0x10, 0x9}], 0x10, 0xe1c, @void, @value}, 0x94)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @pic={0x2, 0x81, 0x3, 0x47, 0xce, 0x2, 0x81, 0x5, 0xc4, 0xd, 0x7f, 0xff, 0x9, 0x5, 0x6, 0xc}})
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000000)={[0x2, 0x7, 0x0, 0x180, 0x7, 0x0, 0xf1, 0x0, 0x8000000000000, 0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0xbd9], 0x1, 0x3c4210})

8m28.974793153s ago: executing program 3 (id=631):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='virtio_transport_alloc_pkt\x00', r0}, 0x10)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
r2 = fsopen(&(0x7f00000000c0)='xfs\x00', 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000000)="10204305", 0x5e0, 0x0, &(0x7f0000000340)={0x11, 0x8100, r4, 0x1, 0x0, 0x6, @local}, 0x14)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
read(r2, &(0x7f0000000140)=""/37, 0x25)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
r5 = syz_open_dev$mouse(&(0x7f0000000000), 0x7, 0x400900)
ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000000200)={0x1, 0x750, 0xa4, &(0x7f00000002c0)=""/164})

8m28.534421241s ago: executing program 3 (id=637):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xa0, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r3}, 0x10)
lremovexattr(0x0, 0x0)
syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0xf946, 0x80, 0x5, 0x1001}, &(0x7f0000000040), 0x0)
eventfd2(0x58, 0x80000)
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r4, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4008000}, 0x40)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x2, 0x9, 0x9}}}}]}, 0x48}}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xb}, {0x0, 0xa}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0xc}}]}, 0x38}}, 0x4000)

8m28.465193594s ago: executing program 32 (id=637):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xa0, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r3}, 0x10)
lremovexattr(0x0, 0x0)
syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0xf946, 0x80, 0x5, 0x1001}, &(0x7f0000000040), 0x0)
eventfd2(0x58, 0x80000)
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r4, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4008000}, 0x40)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x2, 0x9, 0x9}}}}]}, 0x48}}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xb}, {0x0, 0xa}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0xc}}]}, 0x38}}, 0x4000)

8m28.42465832s ago: executing program 2 (id=640):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0xfffffff9, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b041000e0ff020002004788aa96a13bb1000000000088641100", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

8m28.25420871s ago: executing program 2 (id=642):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$mice(0xffffff9c, &(0x7f0000000040), 0x3011c1)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000080)={'sit0\x00', <r3=>0x0, 0x700, 0x708, 0x3, 0x8, {{0x1d, 0x4, 0x0, 0x1c, 0x74, 0x66, 0x0, 0xff, 0x4, 0x0, @private=0xa010101, @multicast2, {[@lsrr={0x83, 0x1f, 0xb3, [@broadcast, @local, @dev={0xac, 0x14, 0x14, 0x14}, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @multicast2]}, @lsrr={0x83, 0x17, 0x3e, [@private=0xa010102, @multicast2, @local, @local, @multicast1]}, @lsrr={0x83, 0x13, 0x28, [@rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x29}, @local, @dev={0xac, 0x14, 0x14, 0x43}]}, @generic={0x7, 0xe, "37e65bf198cde48281620269"}, @generic={0x44, 0x7, "f8485cb677"}, @noop]}}}}})
r4 = getuid()
setsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x33}, @in=@rand_addr=0x64010101, 0x4e23, 0x1, 0x4e21, 0x9, 0xa, 0xa0, 0x20, 0xff, r3, r4}, {0x100000001, 0x4, 0x7890f1d3, 0x0, 0x7fffffffffffffff, 0x1e, 0x7, 0x7}, {0x4, 0x12, 0x7}, 0x3, 0x6e6bbb, 0x0, 0x0, 0x4, 0x2}, {{@in=@local, 0x4d3, 0x2b}, 0xa, @in=@multicast1, 0x0, 0x228d3dbb38986da0, 0x1, 0x5e, 0x4, 0x5, 0x9}}, 0xe4)
r5 = openat$vcsu(0xffffff9c, &(0x7f0000000280), 0x20100, 0x0)
r6 = syz_io_uring_setup(0x6c72, &(0x7f00000002c0)={0x0, 0x5be0, 0x1000, 0x1, 0xe1, 0x0, r5}, &(0x7f0000000340), &(0x7f0000000380))
sendmsg$nl_route_sched(r2, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=@getqdisc={0x28, 0x26, 0x300, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x9, 0xb}, {0xe, 0xe}, {0x0, 0x1}}, [{0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x821}, 0x4800)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r5, 0xc0505350, &(0x7f00000004c0)={{0x8, 0x7}, {0x4, 0x6}, 0x5, 0x0, 0xc0})
r7 = openat$dsp(0xffffff9c, &(0x7f0000000540), 0x44a00, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f0000000580))
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f00000005c0)={<r8=>0x0, 0x80000001, 0x1, [0x7fff, 0x0, 0x7, 0x3, 0x5], [0x2, 0x0, 0x6, 0x6, 0x1ff, 0x8, 0x8, 0x8, 0x7, 0xfffffffffffffffd, 0x3, 0xa4f8, 0x6, 0x1ff, 0x5, 0xfffffffffffffffa, 0x0, 0x91, 0x0, 0x3, 0x4, 0x7f, 0x5, 0x206c, 0xfffffffffffffff9, 0x8000000000000001, 0x1ff, 0x6, 0x66a, 0x0, 0x3, 0xf, 0x1, 0x1a37, 0xa, 0x8, 0x8, 0x1, 0x8, 0x7, 0xfffffffffffff621, 0x9, 0x5, 0xffffffffffffff80, 0x0, 0x1000, 0xe, 0xffffffffffffffff, 0x3, 0x4, 0xc1a, 0x0, 0x5, 0x5, 0xc9, 0x5ee48a13, 0x7fffffffffffffff, 0x8, 0x7, 0x4919, 0x4, 0x401, 0xffffffff, 0x9, 0x3, 0x50, 0xb, 0x7, 0x600000000, 0x473, 0x2, 0x5d8, 0x5, 0x6f400000000000, 0x8, 0x7, 0x8, 0x8, 0x8, 0x80000000, 0x0, 0xfffffffffffffff3, 0x72, 0x9, 0x1, 0x101, 0xfffffffffffffffd, 0x7, 0x4, 0x6, 0x989, 0x1, 0x5, 0x4, 0x7, 0x9, 0x2, 0xfffffffffffffffa, 0x3, 0x8, 0xe9, 0x8001, 0xff, 0x2, 0x0, 0x400, 0x5, 0x4, 0x3ff, 0x8, 0x3, 0x3a9, 0x7, 0x100, 0xfb, 0x7, 0x10001, 0x9, 0x100, 0x0, 0x800]})
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000a00)={r8, 0x4, 0x0, [0x6, 0x26, 0x8000000000000000, 0x6, 0x6c7], [0x1a, 0x1, 0xb, 0x0, 0x1, 0x4, 0xce91, 0x2, 0x7, 0xb6, 0xfd, 0x3, 0x100000000, 0x0, 0x800, 0x6, 0x1, 0x3, 0x5, 0x3ff, 0x7fffffffffffffff, 0xae8d, 0x40, 0x7e, 0x5, 0x9, 0x7, 0x2, 0x7fff, 0xfffffffffffffffd, 0x0, 0xad5d, 0x1, 0x800, 0x5, 0x3, 0x9, 0x3ff, 0x80, 0xa, 0x2, 0x5, 0x9, 0x101, 0x8, 0x45348f7, 0x68, 0x9, 0x3, 0x138, 0x3, 0x9, 0x6, 0x8001, 0x6, 0x128, 0x7, 0xe000000000000000, 0x1, 0x6, 0xfdc, 0x7fffffff, 0x6, 0x3ff, 0x43c37ab9, 0xfffffffffffffffb, 0xffffffff, 0x1, 0x4, 0xb4e, 0x7ff, 0x12, 0x1, 0x7f80000, 0x3ff, 0x3000000000000, 0x1, 0x2, 0x5, 0x0, 0x7, 0x200, 0xfffffffffffffff8, 0x9, 0x1, 0x1, 0x0, 0x7, 0x0, 0x8, 0x0, 0x8000000000000001, 0xc, 0x9, 0x9, 0x0, 0xfffffffffffffff9, 0x629c8f4b, 0x7, 0xa54c, 0x3, 0x6b7aa4c0, 0x8, 0x2, 0xf, 0xb4b, 0x6, 0x8, 0xc, 0x5, 0x1, 0xffffffffffffff35, 0x3, 0xffffffff, 0x8, 0x4, 0x100000001, 0x2, 0x4, 0x8000, 0x5]})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000e40)={{0x1, 0x1, 0x18, <r9=>r6, {0x1}}, './file0\x00'})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000e80)={<r10=>0x0, 0x0, r5})
ioctl$DRM_IOCTL_GEM_FLINK(r9, 0xc008640a, &(0x7f0000000ec0)={r10, <r11=>0x0})
ioctl$BLKPBSZGET(r9, 0x127b, &(0x7f0000000f00))
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r2, 0x6612)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000f40))
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000f80)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x1000, 0x2})
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r9, 0x40047211, &(0x7f0000000fc0)=0x20)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001000)=0x108180, 0x4)
fsetxattr$security_capability(r1, &(0x7f0000001040), &(0x7f0000001080)=@v3={0x3000000, [{0x1ff, 0x1}, {0xa50, 0x2}], r4}, 0x18, 0x2)
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f00000010c0)={r11})
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40046607, &(0x7f0000001100)=0x96ce)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r9, 0xc010640b, &(0x7f0000001140)={r11})
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r9, 0x894b, &(0x7f0000001180))
getpid()

8m28.094658945s ago: executing program 2 (id=643):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, 0xd528, 0x300}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r2}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x88000}, 0x0)

8m28.042750907s ago: executing program 2 (id=644):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x50080, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={'syzkaller0\x00', 0x4000})
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'cbc(blowfish)\x00'}}}, 0xe0}}, 0x0)
pwritev2(r1, &(0x7f0000000040)=[{&(0x7f00000030c0)="e5352cabaaeaeb668e453699057985d75d90cc0e4ac4649a0871bce1c65b1457bb288c3bbb5d611229bcd4b6062dcdc358aa5c24a97f5038e598dcfce5d500c566e19b9ecdc19a428af59ca334871aa38310166f1ced0bb740b8b5958341a9e2f8f9b3f633f7927addbcc3b4974a14a5b5d951e88d2f6dbbda338656989a360a350c00261b331364c5e2df73758c36857dad0f74acdbe77aff7082566366acf30bf9e87a3744704c3c89325d4827f8d6e3e461ab6a91ccedec0587e7492b429ad4c7b648948abda576025f5f0654f92026ce6254ade9c34c8f3c0ddbdd3c09da4b9babb88ce8b1b9e44be8c664ff8b3c1a281e8c17915ba61052fef4f54e92306dc76b2322c945e881682b8408fe64934e815cdd4f7b61f4e510d264bfda5c2534fba5e78c7ba1642a81fb383e6b7cb90c85c785eaad0195f501c37d9e871f3c1744495654c7383735982f2b773308e1ab579f91413db79b7284c073a0ff57a1728fbc9a112a001de7bfebabfaf4d0555b75fa998a291f16573f380368ef6264b8955718d55851b34d011792a424dc040f956850296abe55633f0a64ba3bd1189db3631c026eb572216dfe8be2bb0a5c5d8d9e7ffe0854f8bed29f5a022fdab553b2e51be4e0a9a2ec16f292dd96042f4d81f5c3678f95eb65ff820b0c25a55a6a5eeef40dc8ad74e1b6a4eea0dc3c92491403ef1b041f90dbd88fae7420a28a0ba88682955f9dfe48e0ba9d36aa11f54537c7d4172aec68d64fd88d501ff078cb0ba4f33ae4056a77f8265aa29f6fba32c0ef1882e0c195edda83f434d07b468ebf394edbe393be47defa90c7e40248bfeafde04c36ca568c261e9b2ef302ee16d802497c2da346e0a81dc5ec25d6b4323e9e075e75c5098fa3a0b1070f4c8c7ee7b0b6f7ec3c48d22bf63f3036b3bb0e14ba00972591364b2afefc68a5e942e5ab343511c4ac494a00e23fecd5df5529b3227f0a0e25f52bd70282cc8c9e03551183d177908332b4818637a417d5908fa49a724a529b84d5726d8b2c14a13a3c4da710f67af35ace4572f79843ab220779d39ad0f542ade5630c08544ccf478b318e3b338c515b1a0d36d8d56df6856f6d54f013624d8a04d0c804c97945e5bcfc805c5ed5cf636a36afdee14a4016462e5f52dcfd3094a784d40397ab7aba56de797b01339aa5e0d5a1e8f3bf0c966eac4b51e0378aa31146d2f0de591470102a0d20a9921e4bbeb8ab26999287506f72b552c5de228956b30cdd9f494a0bafd8262b8200d9ef8a8bdcdf1d83c85912456d9b63f881314a95a894c65072caff586a0ec8d05cc6cf7b55762f7086959a853c7673c95f1fcd0b73823f437751e5e64e34aa0a2b0cb41783fc779ce1f97950ab0efa96a6da72ed84ee26067b8d26e6bc6fca9b05e985ec0412b00918b0d0a49dd17bb5d05799d8aa2d336a5c48d66a95d6098568641ae3eeefc45ea82dd52ab18c4388840f2dba673807af224a38548839d1bd0439a0f762a59acea99266b1bfe7ebf4c03563ec42bb0486a4aa7535226d1b8a72114a4c7275dfd43ec3ce59cd958020c4757d708315089649183ef42fe1b07d36d384cbe4099bef4f5aa8d8ff254a95faf59a9645fb468a0b525c1465ef36ca489a817d0daf7d0e037dcb9ff0a80b4396c7ca0e8010b098c956194c94497ef7b7c90f45257079c99832b4fd38b6449226e8eded16846a325e9c6d9cceb9a3161040c7ebd160a816f8aa8f83edada96f13bbb055c88a0bc32960e12a07a2fa36df7905692cb424dac18aa1e0e754955cd2501484e86db89a4cfe5b04daaf9528fe1b577c18960312c086fbf9eaa0e42e7a943b1c65ba7b6362fe3e58fb281cc7bb3990b4f10c4fdc40b2eed2c6d28b6d42daab0e828fb93c08e6df0dc2b662df4e8e7bd5e4dbffafa9ab2448cff2625e3757745754c7c2af1ccaf55c950122d17cdf83b3485882ff1cb98693e54344fd073aa34ccfad82e1d50b5728345efa1af9652b4975274586a05280bb6642ed675eef1e5680a55bf7c9595b451af2dca6e9769c6bf674d0bd2e3803659d7480089ac80fe13504ca8d3aa95dc21ee14863dee4a09814b017f183ce0f23ef9397c59f66f3d4c970a9f221a882b6ae6fad835f9e468d34e60dd41d3ba64fc56b9a7c682a0faefef20497a4c1e20beeaf24f223a2cc69fa18de3e2fe683987a4d78f547cc27cbff57da7b63a56c4a2d94aa0f3b2fabbf19dc575d5ddb4fe967f6bfc3a12e2615a21712cb696698ab42916e9056c7c6b0203398d2ecd88a7dde3e6c3336e867250318455bf78016ba1ed977cbc2513b634619266bddf1f4a6e9d889a6e1aa99ebec5008a549540d0eccb7014936a83106f26a7b2b743bbd16101f52bb4f5c526d0579aee9311587a32881cc6078a93b91cb60799abb97b328da9a12a11c67e71f80ff0a1ad56d2d33464df2b7dc1f94f3ead1f319e8e2815de868774358787be6935a3a2244dfe27513265ee05f21e30184467fad6fed47725fbab3434a29acc69de47ed72a36873a9843625245776f351e77bc9dca59bf1bc233414bda1090e2ed644a3cdb9d8352511e6389360fb7f82ba76dd225f32959f7d704becaec84744925a080bd3e05568c612d9f3ca69753cac7f1d4550a4680ffd8ed41e16a4caf1dd8cee4d148dd642c74666a4f8e6480bc072a06e1f379015a0207f25ffe6da11ec17c88691c4af0cf05a045df725e8af73c2c48573827d4e157244323e2b6b495aca68412534980cd72fea14aca32374805295895565d57958bdf04b8ed0090598d109565b1f34829fc6c8f809f1b307702fe26d35b0012768b4bfaf17f6c64a06db2c9243f0bb5bbe28271a884c2f00dd8e1da74c49a49b7008dbcd07e7864a6e03e4807ca3261643b609cbae695a33b6da2ac0f2e9b25af194cfc1b5458a539e805f646271cddfd0b961f307ba9a4930456ce0bebc072e6e9e303f029e48069d5998f7ba7a9d8c9a55b635c1179b95a57f9bdbc638ecac126dd95ca4b559546ce5f96963816352f24ca11e3add447c7fb17fdca55e057b2a569ae37765964d796828eac4e3da796041243210abd867d751fd964b806b1e78fc94173068700a20a0796aef0e3696550e87a0bea92d7e72d7e935d9cd128be39a6358ab2f0354f8e6120d8ab107c300d57a255f35146aa7ff8ee875a57dd21b3a34d39198b07807fa8487be16accc977d481a223855ecf1c992605e2561bd50e9ed2cdfbf1c86abcc213f0fb68c3ca846006650c1043c5207af9dfbbf30dfc77dc7c04a10615a2458877193c61e272a1d1281caf4743772d01edd9c7840446754eef98ab623cffce279aaded60d39844c94325d32b68c7e882097cc21908937de8a58d08d8179ed82f23f4449d270e2379220c3980730d026c29f05553d968716fa5227390c2ac1238f29b4da73275162e9fbdee6e840b4569a781d5a8357e9ac3dd2fa57e07ab1ef6dc18690e9213142f05e80a5951c894df5ca1f570e2415391c9e55799b0afb6124fdb3a01fd9d25a4f5c3ee32ac3c7994431451ac6b7f3700b6a1c3946f082608620ad14a27e2c1f883c097a48343adc8ff80a2b54c23eebbf76359d71b0a75a0ab7a4f62248dd4b0e89cff323ace931457694e52fe4faa8819f3659c6ad1d6b5e0aad3041c0a68065d1c1fd27e18a16c5bd31a4fd86dbd9bc2a88814e8b029f6262de57d40e7c8e6f7735b9c7015e1a99b5f483618d325009ac29d38d24805318ad4ae247e44f41aa28c22ab138540853e5290694c415a20947765dfba5b12f9b3510c3350e4ff919f20cb1823c702e043dd5bc08e1b59191ec9a26fd75aa5d4e54e2bae72dad9fe1fefa95fd85fa5dcb340a734d0b8f1a9f9513da09f20272b7595b82aa0060c647577ba9e61acc7b3dca4bc92b3a306d3db6b1d530a43bf07409152f94270927b21c15e4a12e527006c1a108331b6ac036c8a4798478d4b4477ef630c1a9c0b68c6e2f630bf488909fe474b77205e33093a9b8c3581c82fb4ec027aca820ba64dde0c45ac47e9cac43c3a02b026d0aeb64077a82652fec0e9e73c3ee61950423f3ee62ee7e3044950fb088300524f859ab3f26524072cd7f49997c70b019c342b66a6d3e1fef2c3ff1145c7bc20f620711e4493384e590db89f7bb472dcee12833c43bfa956e75dffd37bd51079c633ef2a4b820818f1ee9c8e313e2e58d2e59d3ff2f50a37c0dcaf50a7683341efc27f8b27c7c0fdb18ec8d0f7ddce42f33214b633d2b1aea28d511bcae891931276b187e8077c4a74e4ba4e2a4cee08c9d1a691cad9a15e4fad668916398777dd336fabc73f66f630db0419d629a29746e6b1ec77e39960db6ca8e56c60464e6e2ed54e1d7ca6e0755ad8e439494915460228cd29cd3971fa5d72c93eafe54aba0c5ceea2a1b4b56df22cce0e842a93e8c83176d71b2b6a00c6c06a89f18a0a070b3aa397bd49f159a5f5ca4a6aa88e27ff6e37b2249ff29b402e5ee7eac65aac254d1fcc433db2d5a7a3aae54ae4c689fd7e8d3d161151efc5688bb9cb8ce09a89d52bc557a75980dd832cb8f816f842ac2b6285e8f21df99a8afcd66756027ed37f60dc2bc7533cf16783ffcce778360a650caed3db453d36cc1b60602a0f9c13c68b1c128c0dc09b40a227fd397692a315d152012b444d552898aaeada0a62e3f070333ab1fb032492b4b4c5ab6150db525e542618c59b0c8f44c00af95b88efdf03291783ba8806e13d9e97004d5ad2a34c08bcdd53a829377da1cbfdec1c1ade94ea7cd77c30029d031b37f255dc362d1e4decb399dd6e5e47df92b6e13feb34bbbe6f62b8b6443eb0ce950c271570d21c99c87d917b62a43d16c28b06c2313909c4e7a568214f2d31d9b26cd101f9045a64798a277d99e4ddac9670b474403df53564690f12d9aca5ca9fe4dd23d9c8bb5aac3baca3d0d98cb0b84b657edd5f1dc7aaef1ff4ee3421c4e269f337aa392533be29b9173c03ad4bbbeddd99a728aa9fe6213453f5d548cfd33c192220500a4ac569736ac06fbb783877ffaa82cd61545a191c33eae359d6d843acefff22e2653e7171d8b2753a1de8079b24d0677a261423c95364dc86228e4ced8d9ca612d5dbc62647da21ac26302b12c30b5a8c5485075238627861ca8fd4c6bec2aca96e8cda272a978bb43da2afcf894ce1f55eb3e3e475e18735718129fdc7f1d7ac9f58d03e255e2aab1014e47a55ebbeef9840a9f2ec5447dd865fd7d209ebfe62d7fd59a0c593186be0bffc27de5ee7a6fb192ef819aa68f362d629587da6b7151060cf69d6d243359755a9ece85d7d6078a39e9452989b24f758477365ed141241679c8a5f234d1b0b8a3c151985c906697170ff61bbe6e8f7308177db173466c1b03810f9bb818e145cb3d7a3f74c1662f21fea51eeed27b48f31b9abd5e45349477813b7bde6bac12ddbc1806f60ff0d2c92ae634036740604603da58adc154d015a6100207f3de74d9ee9015427c22561e886c1877d49aa5fa7bdb6d9ddad8e7fca54a860fa224ca49a36aaae33e0e31f88de4cbc4c3f79e90400aadbaa351b76797ef00425473f6bddb1eca6f401c423125944079bc84211623e4df938c7ac7693511c23d1e8a9834cf3ece77fe8deaf7a8aa2639734a3d215d95d0b7c3493afb20b6678f2488619b76943b2617585731985ae148312cba37cbf5cba7a1728f63519f6f6d6b2e7835e09a49ef7d8fae7cfbeda8c5426ce785c3e0e1ddf2e7ff398ee994699937e67e4f6b7190c6acb2bc04aeaa5614b2ef8", 0x1000}], 0x1, 0x400, 0xc3be, 0x10)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x90000)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = dup(0xffffffffffffffff)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd74)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000340)={0x0, 0x7079, 0x0, 0x14, 0xce}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='stat\x00')
read$FUSE(r8, &(0x7f0000004180)={0x2020}, 0x2020)
getpeername$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x7, 0x0, r4, 0x3, '\x00', r9, r8, 0x2, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$ptmx(0xffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CLOSE)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r3, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r10, &(0x7f0000000040)=0x1f00, 0x12)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)

8m27.874095621s ago: executing program 2 (id=645):
mkdir(&(0x7f0000000000)='./file3\x00', 0x3)
mount$cgroup(0x0, &(0x7f0000000140)='./file3\x00', &(0x7f0000000180), 0x1000000, &(0x7f0000000340)={[{@name={'name', 0x3d, 'S\xd7\xaa\xe0\x83H\xbbQ\xf0|\x1c\xcfj\x9d\x88\xa31B\x1e\xc33\t\x8f\x81\x12\xa1\xf3\xcd\xc4|\xbbq\x04\x06\xfda\tW\x99;+\xea\xdd\xb4n\x13\n\xd1\x84nT\xf4\xef\xb6\xde\xfa\xd8K#\x02-\xc2R\x9a\xc6\x8e\xc5\xc2\b\x97\x98\xb9\xa7\xc9\xb0\xdaz\xfb)\x96WDKaJ\x96\a\x0em\x95\x86/\x89\x9dS4\x958ko\x82\"\xbf\xcdt#n\x89S\xe6\xe8\xfc\xf3\x18j\xb8\xfa\xbf\x02\xd1\xc2\xd7\x1e\xd4_\x0e\xc0x\xed\xae\xa0n\xd3q\x96\x8bN\xee\xa9\xc6M\xd8V\xe6\x9b\no\xe6?\x03\x88\x86\xbdF\xe9m\x03%\xf8!\xe3\xdd\xe6\x9e:\x9c\x05\xa1\xa8\x9a\x02\xaaJ\x8b\xfblY\xd2\x00\xfb[D\x93?\x91\xa7\xa4\xf9\xbe8\x018G{z{.`\xb5qR\xbf\xc8\f\x14\xc6M\xcdW\x86!\xa7\xb5\xc5y\xf5*#di?,\xd3\xfb\xbc\xca\xae\xe7_\x8d\x85\xae\xfa(\xd8\xb9\xf8?\xd7\x9a\x10\x9dn\xfd\xa1\vr[#7\x80\xf3?Q\xb6[N:h\xe8\a\xd4*\x05\xa3a\xab\xdbh\xd5\x1a\xbb\xd7L\awKMFK\f\xe4\tQ\x1f[N\xe6\xc8\xb4\xb2\'9\xb0\xf7\xd7\xda\xb69t\x8e\x9b\x96\x8e\x0e\xd14\x04Y\xc4\x8b\x18GV\x8e\xf1\xc9\xe5'}}]})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0x5b, 0x0}}], 0x800000000000214, 0x20000001)
preadv(r0, &(0x7f0000000580)=[{&(0x7f00000004c0)=""/151, 0x97}, {&(0x7f0000000280)=""/39, 0x27}, {&(0x7f0000000300)=""/63, 0x3f}, {&(0x7f0000000640)=""/233, 0xe9}, {&(0x7f0000000740)=""/223, 0xdf}, {&(0x7f0000000840)=""/240, 0xf0}], 0x6, 0x2, 0x101)
io_setup(0x30, &(0x7f0000000600))
pipe2$9p(&(0x7f00000000c0), 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="600000001800dd8d000000000000000002000000ff0000060000000008000700ac1414bb08001e006907200008000700ac1e010108000b00ffffffff0800", @ANYRES8=r3], 0x60}}, 0x44000)

8m27.163971633s ago: executing program 2 (id=648):
r0 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x7, 0x1, 0x2})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="58000000020601080080090000000000000000080c00078005001410400000001100030068706f7274000000000900020073797a3100000000050005000200000005000400001000000500010007000000"], 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000000)={0x5, @raw_data="28e2df56ba8b538bc0177be63ac08fa673a6f73c08648d16a7b696bbb0a42aceb137d0322ccc123a90d2c39f6c9a80de44a4d4d3cc0ff418f294c07b19354737896b5533822a3ca0b4f7dd3ee0923abaf747bf4d0e335a7957eb23ee888fca6ebda76dee65431604352d9930cdefc60450a5920241bfb960b0eb34460c2e3eed8e6318d5302ac0550d14fb7339f1effadf6556da0e143d95fa9d16d820b828fa0d1006d59d631d88cb9a941c26e10bd049070bd58dcb88ab019cdae2c73f9415807ced1cd944c563"})
r2 = openat$cuse(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
r3 = getuid()
r4 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(r5, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x400, &(0x7f0000000280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r3}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions}, {@max_read={'max_read', 0x3d, 0xeb1d}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x600}}, {@default_permissions}], [{@smackfstransmute={'smackfstransmute', 0x3d, '[%-%-}'}}]}})

8m27.107897362s ago: executing program 33 (id=648):
r0 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x7, 0x1, 0x2})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="58000000020601080080090000000000000000080c00078005001410400000001100030068706f7274000000000900020073797a3100000000050005000200000005000400001000000500010007000000"], 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000000)={0x5, @raw_data="28e2df56ba8b538bc0177be63ac08fa673a6f73c08648d16a7b696bbb0a42aceb137d0322ccc123a90d2c39f6c9a80de44a4d4d3cc0ff418f294c07b19354737896b5533822a3ca0b4f7dd3ee0923abaf747bf4d0e335a7957eb23ee888fca6ebda76dee65431604352d9930cdefc60450a5920241bfb960b0eb34460c2e3eed8e6318d5302ac0550d14fb7339f1effadf6556da0e143d95fa9d16d820b828fa0d1006d59d631d88cb9a941c26e10bd049070bd58dcb88ab019cdae2c73f9415807ced1cd944c563"})
r2 = openat$cuse(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
r3 = getuid()
r4 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(r5, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x400, &(0x7f0000000280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r3}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions}, {@max_read={'max_read', 0x3d, 0xeb1d}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x600}}, {@default_permissions}], [{@smackfstransmute={'smackfstransmute', 0x3d, '[%-%-}'}}]}})

6m40.07344463s ago: executing program 1 (id=1501):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a000000020000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0xa}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x5, @loopback, 0xffffffff}, 0x1c)

6m39.931205476s ago: executing program 1 (id=1504):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001d40)=@newtaction={0x84, 0x30, 0x1, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0xffffffffffffff84, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x7, 0x0, 0x0, {0x6}}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0)

6m39.853800494s ago: executing program 1 (id=1505):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x201, 0x400000, 0x0, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x0)

6m39.853637816s ago: executing program 1 (id=1506):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x800)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000140)={0x7, 0x69dee8ce, 0x1, 'queue0\x00', 0xffff8001})

6m39.733603667s ago: executing program 1 (id=1507):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
socket$unix(0x1, 0x1, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000c80)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

6m39.733156662s ago: executing program 1 (id=1508):
r0 = syz_io_uring_setup(0x92e, &(0x7f0000000300)={0x0, 0x20000000, 0x10100, 0x1}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x3, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0, 0x0, 0x2}, {0x0}, {0x0, 0x0, 0xfffc}, {0x0, 0x0, 0x2}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
open(0x0, 0x64842, 0x22)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
clock_nanosleep(0xfffffff2, 0x225c17d03, &(0x7f0000000400), 0x0)
io_setup(0x1, 0x0)
io_submit(0x0, 0x1, &(0x7f00000000c0)=[0x0])
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000002080)={0x0, 0x0, 0x0}, 0x0, 0x3})

6m35.926069489s ago: executing program 4 (id=1528):
syz_emit_ethernet(0xa6, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd6000080000703afffe8000000000000000000000000000bbff02000000000000000000000000000186009078000000000000000000000000050aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472e4fa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5affeffffffffffffffff60000000000000d277bcf38a5779519e783cfb168e9a5b3f2d2eeded99ddf839a733975477f0f0bf15e92324b3c32f6a0f6399d42e21d6efcb2835536f293a15473d2c74ed01ded93b1418deba6e58493d19d93ef12aab20b482e11a6966a1a3e35b890dbc17b6009ac35115c6c43f3b837c5c6674f33e7af1c78ac0ceb19a0f83e227b807265069d4af56c27f929b735fbdd9def3cab79da1d1fe48eba3feab970c216254956de39de81c57571c80540d1e116a2335f985d67c707fedc3383dd7aa97e9c7dda65a5ce34882bec3718728595691f3c90b8e0d50a751546e6a32fa409544b549469108c9b791ef8ea0b42da35a50396c84b272fed119ce1d6bb53d56e83ee766aa26be961fd75706931089d422"], 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)={@loopback, @multicast2}, &(0x7f0000000040)=0xc)
syz_clone3(&(0x7f00000024c0)={0x204000000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), {0x5}, &(0x7f0000000240)=""/111, 0x6f, &(0x7f00000023c0)=""/145, &(0x7f0000002480)=[0xffffffffffffffff, 0x0], 0x2}, 0x58)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x40, 0x165)
r1 = openat(r0, &(0x7f0000000040)='./file1\x00', 0x281c2, 0x120)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=r5], 0x48)
r6 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$kcm(r6, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4000000)
fcntl$setlease(r1, 0x400, 0x1)
open(&(0x7f0000000340)='./file1\x00', 0x0, 0x100)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
syz_clone3(&(0x7f0000003a80)={0x20218000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
creat(&(0x7f00000002c0)='./file0\x00', 0x109)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x1, 0x2], 0x0, 0x0, 0x2, 0x1}}, 0x40)
open$dir(&(0x7f0000000000)='./file1\x00', 0x40000, 0x80)

6m34.703716619s ago: executing program 4 (id=1533):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x108)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000ac0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000002280)={'wpan3\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYRES16=r1, @ANYBLOB="010029bd7000fcdbdf252100", @ANYRES32=r2, @ANYBLOB="24002d800500"], 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000100)=ANY=[@ANYRESDEC=r0])
add_key$fscrypt_provisioning(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x2}, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100"], 0x48, 0xfffffffffffffffe)
io_getevents(0x0, 0xfffe, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002a80)={0x2020}, 0x2020)

6m34.620838333s ago: executing program 4 (id=1534):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xfffffffd)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0x82, &(0x7f0000000500)={0x0, 0x3, 0x9, 0x8, 0x9c1, 0x6, 0x4, 0x5, {0x0, @in={{0x2, 0x4e21, @broadcast}}, 0x4, 0xfffffffc, 0x6, 0x6, 0x1}}, &(0x7f0000000140)=0xb0)

6m34.620561331s ago: executing program 4 (id=1535):
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_ecred_reconf_req={{0x19, 0xe3, 0x4}, {0x4, 0xc}}}}, 0x11)

6m33.517353661s ago: executing program 4 (id=1544):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000300)={'filter\x00', 0x0, 0x3, 0x0, [0x7, 0x93, 0x3, 0xfa7, 0x8, 0xfffffffffffffffb], 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x78)
bind$netlink(0xffffffffffffffff, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, 0x0)
read$midi(0xffffffffffffffff, 0x0, 0x43)
r2 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
r3 = syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x6080, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x121441, 0x0)
ioctl$BLKDISCARD(r4, 0x125f, 0x0)
ioctl$RTC_SET_TIME(r3, 0x40187013, 0x0)
write$RDMA_USER_CM_CMD_QUERY(r2, 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x4001100, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20058811)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, 0x0, 0x1d)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)

6m24.617599048s ago: executing program 34 (id=1508):
r0 = syz_io_uring_setup(0x92e, &(0x7f0000000300)={0x0, 0x20000000, 0x10100, 0x1}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x3, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0, 0x0, 0x2}, {0x0}, {0x0, 0x0, 0xfffc}, {0x0, 0x0, 0x2}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
open(0x0, 0x64842, 0x22)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
clock_nanosleep(0xfffffff2, 0x225c17d03, &(0x7f0000000400), 0x0)
io_setup(0x1, 0x0)
io_submit(0x0, 0x1, &(0x7f00000000c0)=[0x0])
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000002080)={0x0, 0x0, 0x0}, 0x0, 0x3})

6m23.684932083s ago: executing program 4 (id=1552):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, 0x0, 0x0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x458, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x388, 0xffffffff, 0xffffffff, 0x388, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @dev={0xfe, 0x80, '\x00', 0x3f}, [0xff], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private2, [0x0, 0xffffff00], [0xffffffff, 0xff, 0x0, 0xffffff00], 'gre0\x00', 'veth0\x00', {0xff}, {0xff}, 0x87, 0xe, 0x6, 0x9}, 0x0, 0x258, 0x2b8, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x3, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x4, 0x0, 0x2001000, 0x6, 0x3, 0x0, 0x20}, {0x2}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@private=0xa010101, [0xffffffff, 0xffffff00], 0x4e20, 0x4e23, 0x4e20, 0x4e21, 0x41f86f8c, 0x9, 0x49, 0x7, 0x8}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4b8)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat(0xffffffffffffffff, &(0x7f0000002040)='\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = openat(0xffffffffffffffff, 0x0, 0x0, 0x71)
getxattr(&(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)=@known='system.posix_acl_access\x00', 0x0, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140100001600010028bd7000fddbdf25fe8000000000000000000000000000bbfe80000000000000000000000000002e", @ANYRES32=0x0, @ANYBLOB="fc000000000000000000000000000000000004d233000000fe8000000000000000000000000000aaffffffff0000000001040000000000"], 0x114}}, 0x0)
socket$inet6(0xa, 0x3, 0x1)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000080)=r4, 0x4)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000c7f000)='./file0\x00', &(0x7f0000df9000)='nfs4\x00', 0x0, &(0x7f0000000440)='w4]\x0f:\"\xc1\xeb,NG\x0fwp%\xdd\x03VvS8w}h\x8c\x04-A\xba\x14D\x017\xc1\xbc0L\xcc\x1b\xf0\x1f\xee\x9c!;\xa7{g\xab\xbf\xa8,j\xb0\xd2G\xd7K\xd9\xa8')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=0x1, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
ioctl$NS_GET_OWNER_UID(r4, 0xb704, &(0x7f0000000240))
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000380)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0004"], 0x0, 0x0, 0x0, 0x0}, 0x0)

6m8.528635692s ago: executing program 35 (id=1552):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, 0x0, 0x0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x458, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x388, 0xffffffff, 0xffffffff, 0x388, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @dev={0xfe, 0x80, '\x00', 0x3f}, [0xff], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private2, [0x0, 0xffffff00], [0xffffffff, 0xff, 0x0, 0xffffff00], 'gre0\x00', 'veth0\x00', {0xff}, {0xff}, 0x87, 0xe, 0x6, 0x9}, 0x0, 0x258, 0x2b8, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x3, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x4, 0x0, 0x2001000, 0x6, 0x3, 0x0, 0x20}, {0x2}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@private=0xa010101, [0xffffffff, 0xffffff00], 0x4e20, 0x4e23, 0x4e20, 0x4e21, 0x41f86f8c, 0x9, 0x49, 0x7, 0x8}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4b8)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat(0xffffffffffffffff, &(0x7f0000002040)='\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = openat(0xffffffffffffffff, 0x0, 0x0, 0x71)
getxattr(&(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)=@known='system.posix_acl_access\x00', 0x0, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140100001600010028bd7000fddbdf25fe8000000000000000000000000000bbfe80000000000000000000000000002e", @ANYRES32=0x0, @ANYBLOB="fc000000000000000000000000000000000004d233000000fe8000000000000000000000000000aaffffffff0000000001040000000000"], 0x114}}, 0x0)
socket$inet6(0xa, 0x3, 0x1)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000080)=r4, 0x4)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000c7f000)='./file0\x00', &(0x7f0000df9000)='nfs4\x00', 0x0, &(0x7f0000000440)='w4]\x0f:\"\xc1\xeb,NG\x0fwp%\xdd\x03VvS8w}h\x8c\x04-A\xba\x14D\x017\xc1\xbc0L\xcc\x1b\xf0\x1f\xee\x9c!;\xa7{g\xab\xbf\xa8,j\xb0\xd2G\xd7K\xd9\xa8')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=0x1, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
ioctl$NS_GET_OWNER_UID(r4, 0xb704, &(0x7f0000000240))
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000380)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0004"], 0x0, 0x0, 0x0, 0x0}, 0x0)

52.205887246s ago: executing program 0 (id=3660):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bd", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a8139c3ebba62168141343c853896523ffb04131b2786acc44a57f5b1bd33cdaef8dd3c0526b7454eefe5", 0x7e}], 0x1}}], 0x3, 0x0)

45.183809532s ago: executing program 0 (id=3660):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bd", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a8139c3ebba62168141343c853896523ffb04131b2786acc44a57f5b1bd33cdaef8dd3c0526b7454eefe5", 0x7e}], 0x1}}], 0x3, 0x0)

34.782632748s ago: executing program 0 (id=3660):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bd", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a8139c3ebba62168141343c853896523ffb04131b2786acc44a57f5b1bd33cdaef8dd3c0526b7454eefe5", 0x7e}], 0x1}}], 0x3, 0x0)

24.571947895s ago: executing program 0 (id=3660):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bd", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a8139c3ebba62168141343c853896523ffb04131b2786acc44a57f5b1bd33cdaef8dd3c0526b7454eefe5", 0x7e}], 0x1}}], 0x3, 0x0)

18.418947355s ago: executing program 0 (id=3660):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bd", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a8139c3ebba62168141343c853896523ffb04131b2786acc44a57f5b1bd33cdaef8dd3c0526b7454eefe5", 0x7e}], 0x1}}], 0x3, 0x0)

8.130421834s ago: executing program 0 (id=3660):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bd", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)="b5d3838236773268a73daecfa0fdc5beb5a7ac332a11523627b41db31da6be0055bf716aa2b23b97d43cc40c632f6b9850f364ba0831ed0d6f7157f204275aa850d992d81ba6ab984bd809254e847b644cf6459a8139c3ebba62168141343c853896523ffb04131b2786acc44a57f5b1bd33cdaef8dd3c0526b7454eefe5", 0x7e}], 0x1}}], 0x3, 0x0)

2.241063286s ago: executing program 5 (id=4372):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x50080, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={'syzkaller0\x00', 0x4000})
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'cbc(blowfish)\x00'}}}, 0xe0}}, 0x0)
pwritev2(r1, &(0x7f0000000040)=[{&(0x7f00000030c0)="e5352cabaaeaeb668e453699057985d75d90cc0e4ac4649a0871bce1c65b1457bb288c3bbb5d611229bcd4b6062dcdc358aa5c24a97f5038e598dcfce5d500c566e19b9ecdc19a428af59ca334871aa38310166f1ced0bb740b8b5958341a9e2f8f9b3f633f7927addbcc3b4974a14a5b5d951e88d2f6dbbda338656989a360a350c00261b331364c5e2df73758c36857dad0f74acdbe77aff7082566366acf30bf9e87a3744704c3c89325d4827f8d6e3e461ab6a91ccedec0587e7492b429ad4c7b648948abda576025f5f0654f92026ce6254ade9c34c8f3c0ddbdd3c09da4b9babb88ce8b1b9e44be8c664ff8b3c1a281e8c17915ba61052fef4f54e92306dc76b2322c945e881682b8408fe64934e815cdd4f7b61f4e510d264bfda5c2534fba5e78c7ba1642a81fb383e6b7cb90c85c785eaad0195f501c37d9e871f3c1744495654c7383735982f2b773308e1ab579f91413db79b7284c073a0ff57a1728fbc9a112a001de7bfebabfaf4d0555b75fa998a291f16573f380368ef6264b8955718d55851b34d011792a424dc040f956850296abe55633f0a64ba3bd1189db3631c026eb572216dfe8be2bb0a5c5d8d9e7ffe0854f8bed29f5a022fdab553b2e51be4e0a9a2ec16f292dd96042f4d81f5c3678f95eb65ff820b0c25a55a6a5eeef40dc8ad74e1b6a4eea0dc3c92491403ef1b041f90dbd88fae7420a28a0ba88682955f9dfe48e0ba9d36aa11f54537c7d4172aec68d64fd88d501ff078cb0ba4f33ae4056a77f8265aa29f6fba32c0ef1882e0c195edda83f434d07b468ebf394edbe393be47defa90c7e40248bfeafde04c36ca568c261e9b2ef302ee16d802497c2da346e0a81dc5ec25d6b4323e9e075e75c5098fa3a0b1070f4c8c7ee7b0b6f7ec3c48d22bf63f3036b3bb0e14ba00972591364b2afefc68a5e942e5ab343511c4ac494a00e23fecd5df5529b3227f0a0e25f52bd70282cc8c9e03551183d177908332b4818637a417d5908fa49a724a529b84d5726d8b2c14a13a3c4da710f67af35ace4572f79843ab220779d39ad0f542ade5630c08544ccf478b318e3b338c515b1a0d36d8d56df6856f6d54f013624d8a04d0c804c97945e5bcfc805c5ed5cf636a36afdee14a4016462e5f52dcfd3094a784d40397ab7aba56de797b01339aa5e0d5a1e8f3bf0c966eac4b51e0378aa31146d2f0de591470102a0d20a9921e4bbeb8ab26999287506f72b552c5de228956b30cdd9f494a0bafd8262b8200d9ef8a8bdcdf1d83c85912456d9b63f881314a95a894c65072caff586a0ec8d05cc6cf7b55762f7086959a853c7673c95f1fcd0b73823f437751e5e64e34aa0a2b0cb41783fc779ce1f97950ab0efa96a6da72ed84ee26067b8d26e6bc6fca9b05e985ec0412b00918b0d0a49dd17bb5d05799d8aa2d336a5c48d66a95d6098568641ae3eeefc45ea82dd52ab18c4388840f2dba673807af224a38548839d1bd0439a0f762a59acea99266b1bfe7ebf4c03563ec42bb0486a4aa7535226d1b8a72114a4c7275dfd43ec3ce59cd958020c4757d708315089649183ef42fe1b07d36d384cbe4099bef4f5aa8d8ff254a95faf59a9645fb468a0b525c1465ef36ca489a817d0daf7d0e037dcb9ff0a80b4396c7ca0e8010b098c956194c94497ef7b7c90f45257079c99832b4fd38b6449226e8eded16846a325e9c6d9cceb9a3161040c7ebd160a816f8aa8f83edada96f13bbb055c88a0bc32960e12a07a2fa36df7905692cb424dac18aa1e0e754955cd2501484e86db89a4cfe5b04daaf9528fe1b577c18960312c086fbf9eaa0e42e7a943b1c65ba7b6362fe3e58fb281cc7bb3990b4f10c4fdc40b2eed2c6d28b6d42daab0e828fb93c08e6df0dc2b662df4e8e7bd5e4dbffafa9ab2448cff2625e3757745754c7c2af1ccaf55c950122d17cdf83b3485882ff1cb98693e54344fd073aa34ccfad82e1d50b5728345efa1af9652b4975274586a05280bb6642ed675eef1e5680a55bf7c9595b451af2dca6e9769c6bf674d0bd2e3803659d7480089ac80fe13504ca8d3aa95dc21ee14863dee4a09814b017f183ce0f23ef9397c59f66f3d4c970a9f221a882b6ae6fad835f9e468d34e60dd41d3ba64fc56b9a7c682a0faefef20497a4c1e20beeaf24f223a2cc69fa18de3e2fe683987a4d78f547cc27cbff57da7b63a56c4a2d94aa0f3b2fabbf19dc575d5ddb4fe967f6bfc3a12e2615a21712cb696698ab42916e9056c7c6b0203398d2ecd88a7dde3e6c3336e867250318455bf78016ba1ed977cbc2513b634619266bddf1f4a6e9d889a6e1aa99ebec5008a549540d0eccb7014936a83106f26a7b2b743bbd16101f52bb4f5c526d0579aee9311587a32881cc6078a93b91cb60799abb97b328da9a12a11c67e71f80ff0a1ad56d2d33464df2b7dc1f94f3ead1f319e8e2815de868774358787be6935a3a2244dfe27513265ee05f21e30184467fad6fed47725fbab3434a29acc69de47ed72a36873a9843625245776f351e77bc9dca59bf1bc233414bda1090e2ed644a3cdb9d8352511e6389360fb7f82ba76dd225f32959f7d704becaec84744925a080bd3e05568c612d9f3ca69753cac7f1d4550a4680ffd8ed41e16a4caf1dd8cee4d148dd642c74666a4f8e6480bc072a06e1f379015a0207f25ffe6da11ec17c88691c4af0cf05a045df725e8af73c2c48573827d4e157244323e2b6b495aca68412534980cd72fea14aca32374805295895565d57958bdf04b8ed0090598d109565b1f34829fc6c8f809f1b307702fe26d35b0012768b4bfaf17f6c64a06db2c9243f0bb5bbe28271a884c2f00dd8e1da74c49a49b7008dbcd07e7864a6e03e4807ca3261643b609cbae695a33b6da2ac0f2e9b25af194cfc1b5458a539e805f646271cddfd0b961f307ba9a4930456ce0bebc072e6e9e303f029e48069d5998f7ba7a9d8c9a55b635c1179b95a57f9bdbc638ecac126dd95ca4b559546ce5f96963816352f24ca11e3add447c7fb17fdca55e057b2a569ae37765964d796828eac4e3da796041243210abd867d751fd964b806b1e78fc94173068700a20a0796aef0e3696550e87a0bea92d7e72d7e935d9cd128be39a6358ab2f0354f8e6120d8ab107c300d57a255f35146aa7ff8ee875a57dd21b3a34d39198b07807fa8487be16accc977d481a223855ecf1c992605e2561bd50e9ed2cdfbf1c86abcc213f0fb68c3ca846006650c1043c5207af9dfbbf30dfc77dc7c04a10615a2458877193c61e272a1d1281caf4743772d01edd9c7840446754eef98ab623cffce279aaded60d39844c94325d32b68c7e882097cc21908937de8a58d08d8179ed82f23f4449d270e2379220c3980730d026c29f05553d968716fa5227390c2ac1238f29b4da73275162e9fbdee6e840b4569a781d5a8357e9ac3dd2fa57e07ab1ef6dc18690e9213142f05e80a5951c894df5ca1f570e2415391c9e55799b0afb6124fdb3a01fd9d25a4f5c3ee32ac3c7994431451ac6b7f3700b6a1c3946f082608620ad14a27e2c1f883c097a48343adc8ff80a2b54c23eebbf76359d71b0a75a0ab7a4f62248dd4b0e89cff323ace931457694e52fe4faa8819f3659c6ad1d6b5e0aad3041c0a68065d1c1fd27e18a16c5bd31a4fd86dbd9bc2a88814e8b029f6262de57d40e7c8e6f7735b9c7015e1a99b5f483618d325009ac29d38d24805318ad4ae247e44f41aa28c22ab138540853e5290694c415a20947765dfba5b12f9b3510c3350e4ff919f20cb1823c702e043dd5bc08e1b59191ec9a26fd75aa5d4e54e2bae72dad9fe1fefa95fd85fa5dcb340a734d0b8f1a9f9513da09f20272b7595b82aa0060c647577ba9e61acc7b3dca4bc92b3a306d3db6b1d530a43bf07409152f94270927b21c15e4a12e527006c1a108331b6ac036c8a4798478d4b4477ef630c1a9c0b68c6e2f630bf488909fe474b77205e33093a9b8c3581c82fb4ec027aca820ba64dde0c45ac47e9cac43c3a02b026d0aeb64077a82652fec0e9e73c3ee61950423f3ee62ee7e3044950fb088300524f859ab3f26524072cd7f49997c70b019c342b66a6d3e1fef2c3ff1145c7bc20f620711e4493384e590db89f7bb472dcee12833c43bfa956e75dffd37bd51079c633ef2a4b820818f1ee9c8e313e2e58d2e59d3ff2f50a37c0dcaf50a7683341efc27f8b27c7c0fdb18ec8d0f7ddce42f33214b633d2b1aea28d511bcae891931276b187e8077c4a74e4ba4e2a4cee08c9d1a691cad9a15e4fad668916398777dd336fabc73f66f630db0419d629a29746e6b1ec77e39960db6ca8e56c60464e6e2ed54e1d7ca6e0755ad8e439494915460228cd29cd3971fa5d72c93eafe54aba0c5ceea2a1b4b56df22cce0e842a93e8c83176d71b2b6a00c6c06a89f18a0a070b3aa397bd49f159a5f5ca4a6aa88e27ff6e37b2249ff29b402e5ee7eac65aac254d1fcc433db2d5a7a3aae54ae4c689fd7e8d3d161151efc5688bb9cb8ce09a89d52bc557a75980dd832cb8f816f842ac2b6285e8f21df99a8afcd66756027ed37f60dc2bc7533cf16783ffcce778360a650caed3db453d36cc1b60602a0f9c13c68b1c128c0dc09b40a227fd397692a315d152012b444d552898aaeada0a62e3f070333ab1fb032492b4b4c5ab6150db525e542618c59b0c8f44c00af95b88efdf03291783ba8806e13d9e97004d5ad2a34c08bcdd53a829377da1cbfdec1c1ade94ea7cd77c30029d031b37f255dc362d1e4decb399dd6e5e47df92b6e13feb34bbbe6f62b8b6443eb0ce950c271570d21c99c87d917b62a43d16c28b06c2313909c4e7a568214f2d31d9b26cd101f9045a64798a277d99e4ddac9670b474403df53564690f12d9aca5ca9fe4dd23d9c8bb5aac3baca3d0d98cb0b84b657edd5f1dc7aaef1ff4ee3421c4e269f337aa392533be29b9173c03ad4bbbeddd99a728aa9fe6213453f5d548cfd33c192220500a4ac569736ac06fbb783877ffaa82cd61545a191c33eae359d6d843acefff22e2653e7171d8b2753a1de8079b24d0677a261423c95364dc86228e4ced8d9ca612d5dbc62647da21ac26302b12c30b5a8c5485075238627861ca8fd4c6bec2aca96e8cda272a978bb43da2afcf894ce1f55eb3e3e475e18735718129fdc7f1d7ac9f58d03e255e2aab1014e47a55ebbeef9840a9f2ec5447dd865fd7d209ebfe62d7fd59a0c593186be0bffc27de5ee7a6fb192ef819aa68f362d629587da6b7151060cf69d6d243359755a9ece85d7d6078a39e9452989b24f758477365ed141241679c8a5f234d1b0b8a3c151985c906697170ff61bbe6e8f7308177db173466c1b03810f9bb818e145cb3d7a3f74c1662f21fea51eeed27b48f", 0xf00}], 0x1, 0x400, 0xc3be, 0x10)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x90000)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
r6 = syz_io_uring_setup(0x497, &(0x7f0000000340)={0x0, 0x7079, 0x0, 0x14, 0xce}, &(0x7f00000003c0)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='stat\x00')
read$FUSE(r9, &(0x7f0000004180)={0x2020}, 0x2020)
getpeername$packet(r9, 0x0, &(0x7f0000000180))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x7, 0x0, r5, 0x3, '\x00', 0x0, r9, 0x2, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$ptmx(0xffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r4})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r3, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r10, &(0x7f0000000040)=0x1f00, 0x12)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)

1.940204007s ago: executing program 5 (id=4374):
r0 = openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x3f, 0x0, 0x1, 0x3e, 0xddffffff, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3})

1.879989551s ago: executing program 5 (id=4376):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.669723865s ago: executing program 7 (id=4378):
unshare(0x42000080)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="300000002000010300000000fcdbdf250200000400000000007ffd00140003006d"], 0x30}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)

1.530170566s ago: executing program 6 (id=4379):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f00000000c0)={0x0, 0x873d, 0x10100, 0x0, 0x1e3}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0xd, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x18}, [@tail_call={{0x18, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0xba}}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1.32076257s ago: executing program 6 (id=4380):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f00000001c0)={0x28, 0x0, 0x2711, @local}, 0x10)
mprotect(&(0x7f00000ff000/0x14000)=nil, 0x14000, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QUERYBUF(r4, 0xc044560f, &(0x7f0000000080)=@mmap={0x7f, 0x1, 0x4, 0x10, 0xb200, {}, {0x5, 0x0, 0x3, 0x0, 0x81, 0x2, "e43d8daa"}, 0x1, 0x1, {}, 0x10})
sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001a00010000000000000000000a0080a36d55dd2ce0833e719880d677978d00000200000000000005001b003a000000"], 0x24}}, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'syz_tun\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)={0x1c, 0x41, 0x107, 0xfffffffc, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x136}, @nested={0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x0, 0x0)

1.320281811s ago: executing program 7 (id=4381):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSBRK(r0, 0x5427)
ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf580672"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00')
read$FUSE(r4, &(0x7f0000002140)={0x2020}, 0x2020)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x3517, 0x93c7, 0x42, 0x0, 0x0)
r6 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000002f80), 0x2, 0x0)
write$6lowpan_enable(r6, &(0x7f0000002fc0)='1', 0x1)
r7 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000003040), 0x2, 0x0)
write$6lowpan_control(r7, &(0x7f0000003080)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, 0x0, 0x0)

847.102879ms ago: executing program 5 (id=4382):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x50080, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={'syzkaller0\x00', 0x4000})
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'cbc(blowfish)\x00'}}}, 0xe0}}, 0x0)
pwritev2(r1, &(0x7f0000000040)=[{&(0x7f00000030c0)="e5352cabaaeaeb668e453699057985d75d90cc0e4ac4649a0871bce1c65b1457bb288c3bbb5d611229bcd4b6062dcdc358aa5c24a97f5038e598dcfce5d500c566e19b9ecdc19a428af59ca334871aa38310166f1ced0bb740b8b5958341a9e2f8f9b3f633f7927addbcc3b4974a14a5b5d951e88d2f6dbbda338656989a360a350c00261b331364c5e2df73758c36857dad0f74acdbe77aff7082566366acf30bf9e87a3744704c3c89325d4827f8d6e3e461ab6a91ccedec0587e7492b429ad4c7b648948abda576025f5f0654f92026ce6254ade9c34c8f3c0ddbdd3c09da4b9babb88ce8b1b9e44be8c664ff8b3c1a281e8c17915ba61052fef4f54e92306dc76b2322c945e881682b8408fe64934e815cdd4f7b61f4e510d264bfda5c2534fba5e78c7ba1642a81fb383e6b7cb90c85c785eaad0195f501c37d9e871f3c1744495654c7383735982f2b773308e1ab579f91413db79b7284c073a0ff57a1728fbc9a112a001de7bfebabfaf4d0555b75fa998a291f16573f380368ef6264b8955718d55851b34d011792a424dc040f956850296abe55633f0a64ba3bd1189db3631c026eb572216dfe8be2bb0a5c5d8d9e7ffe0854f8bed29f5a022fdab553b2e51be4e0a9a2ec16f292dd96042f4d81f5c3678f95eb65ff820b0c25a55a6a5eeef40dc8ad74e1b6a4eea0dc3c92491403ef1b041f90dbd88fae7420a28a0ba88682955f9dfe48e0ba9d36aa11f54537c7d4172aec68d64fd88d501ff078cb0ba4f33ae4056a77f8265aa29f6fba32c0ef1882e0c195edda83f434d07b468ebf394edbe393be47defa90c7e40248bfeafde04c36ca568c261e9b2ef302ee16d802497c2da346e0a81dc5ec25d6b4323e9e075e75c5098fa3a0b1070f4c8c7ee7b0b6f7ec3c48d22bf63f3036b3bb0e14ba00972591364b2afefc68a5e942e5ab343511c4ac494a00e23fecd5df5529b3227f0a0e25f52bd70282cc8c9e03551183d177908332b4818637a417d5908fa49a724a529b84d5726d8b2c14a13a3c4da710f67af35ace4572f79843ab220779d39ad0f542ade5630c08544ccf478b318e3b338c515b1a0d36d8d56df6856f6d54f013624d8a04d0c804c97945e5bcfc805c5ed5cf636a36afdee14a4016462e5f52dcfd3094a784d40397ab7aba56de797b01339aa5e0d5a1e8f3bf0c966eac4b51e0378aa31146d2f0de591470102a0d20a9921e4bbeb8ab26999287506f72b552c5de228956b30cdd9f494a0bafd8262b8200d9ef8a8bdcdf1d83c85912456d9b63f881314a95a894c65072caff586a0ec8d05cc6cf7b55762f7086959a853c7673c95f1fcd0b73823f437751e5e64e34aa0a2b0cb41783fc779ce1f97950ab0efa96a6da72ed84ee26067b8d26e6bc6fca9b05e985ec0412b00918b0d0a49dd17bb5d05799d8aa2d336a5c48d66a95d6098568641ae3eeefc45ea82dd52ab18c4388840f2dba673807af224a38548839d1bd0439a0f762a59acea99266b1bfe7ebf4c03563ec42bb0486a4aa7535226d1b8a72114a4c7275dfd43ec3ce59cd958020c4757d708315089649183ef42fe1b07d36d384cbe4099bef4f5aa8d8ff254a95faf59a9645fb468a0b525c1465ef36ca489a817d0daf7d0e037dcb9ff0a80b4396c7ca0e8010b098c956194c94497ef7b7c90f45257079c99832b4fd38b6449226e8eded16846a325e9c6d9cceb9a3161040c7ebd160a816f8aa8f83edada96f13bbb055c88a0bc32960e12a07a2fa36df7905692cb424dac18aa1e0e754955cd2501484e86db89a4cfe5b04daaf9528fe1b577c18960312c086fbf9eaa0e42e7a943b1c65ba7b6362fe3e58fb281cc7bb3990b4f10c4fdc40b2eed2c6d28b6d42daab0e828fb93c08e6df0dc2b662df4e8e7bd5e4dbffafa9ab2448cff2625e3757745754c7c2af1ccaf55c950122d17cdf83b3485882ff1cb98693e54344fd073aa34ccfad82e1d50b5728345efa1af9652b4975274586a05280bb6642ed675eef1e5680a55bf7c9595b451af2dca6e9769c6bf674d0bd2e3803659d7480089ac80fe13504ca8d3aa95dc21ee14863dee4a09814b017f183ce0f23ef9397c59f66f3d4c970a9f221a882b6ae6fad835f9e468d34e60dd41d3ba64fc56b9a7c682a0faefef20497a4c1e20beeaf24f223a2cc69fa18de3e2fe683987a4d78f547cc27cbff57da7b63a56c4a2d94aa0f3b2fabbf19dc575d5ddb4fe967f6bfc3a12e2615a21712cb696698ab42916e9056c7c6b0203398d2ecd88a7dde3e6c3336e867250318455bf78016ba1ed977cbc2513b634619266bddf1f4a6e9d889a6e1aa99ebec5008a549540d0eccb7014936a83106f26a7b2b743bbd16101f52bb4f5c526d0579aee9311587a32881cc6078a93b91cb60799abb97b328da9a12a11c67e71f80ff0a1ad56d2d33464df2b7dc1f94f3ead1f319e8e2815de868774358787be6935a3a2244dfe27513265ee05f21e30184467fad6fed47725fbab3434a29acc69de47ed72a36873a9843625245776f351e77bc9dca59bf1bc233414bda1090e2ed644a3cdb9d8352511e6389360fb7f82ba76dd225f32959f7d704becaec84744925a080bd3e05568c612d9f3ca69753cac7f1d4550a4680ffd8ed41e16a4caf1dd8cee4d148dd642c74666a4f8e6480bc072a06e1f379015a0207f25ffe6da11ec17c88691c4af0cf05a045df725e8af73c2c48573827d4e157244323e2b6b495aca68412534980cd72fea14aca32374805295895565d57958bdf04b8ed0090598d109565b1f34829fc6c8f809f1b307702fe26d35b0012768b4bfaf17f6c64a06db2c9243f0bb5bbe28271a884c2f00dd8e1da74c49a49b7008dbcd07e7864a6e03e4807ca3261643b609cbae695a33b6da2ac0f2e9b25af194cfc1b5458a539e805f646271cddfd0b961f307ba9a4930456ce0bebc072e6e9e303f029e48069d5998f7ba7a9d8c9a55b635c1179b95a57f9bdbc638ecac126dd95ca4b559546ce5f96963816352f24ca11e3add447c7fb17fdca55e057b2a569ae37765964d796828eac4e3da796041243210abd867d751fd964b806b1e78fc94173068700a20a0796aef0e3696550e87a0bea92d7e72d7e935d9cd128be39a6358ab2f0354f8e6120d8ab107c300d57a255f35146aa7ff8ee875a57dd21b3a34d39198b07807fa8487be16accc977d481a223855ecf1c992605e2561bd50e9ed2cdfbf1c86abcc213f0fb68c3ca846006650c1043c5207af9dfbbf30dfc77dc7c04a10615a2458877193c61e272a1d1281caf4743772d01edd9c7840446754eef98ab623cffce279aaded60d39844c94325d32b68c7e882097cc21908937de8a58d08d8179ed82f23f4449d270e2379220c3980730d026c29f05553d968716fa5227390c2ac1238f29b4da73275162e9fbdee6e840b4569a781d5a8357e9ac3dd2fa57e07ab1ef6dc18690e9213142f05e80a5951c894df5ca1f570e2415391c9e55799b0afb6124fdb3a01fd9d25a4f5c3ee32ac3c7994431451ac6b7f3700b6a1c3946f082608620ad14a27e2c1f883c097a48343adc8ff80a2b54c23eebbf76359d71b0a75a0ab7a4f62248dd4b0e89cff323ace931457694e52fe4faa8819f3659c6ad1d6b5e0aad3041c0a68065d1c1fd27e18a16c5bd31a4fd86dbd9bc2a88814e8b029f6262de57d40e7c8e6f7735b9c7015e1a99b5f483618d325009ac29d38d24805318ad4ae247e44f41aa28c22ab138540853e5290694c415a20947765dfba5b12f9b3510c3350e4ff919f20cb1823c702e043dd5bc08e1b59191ec9a26fd75aa5d4e54e2bae72dad9fe1fefa95fd85fa5dcb340a734d0b8f1a9f9513da09f20272b7595b82aa0060c647577ba9e61acc7b3dca4bc92b3a306d3db6b1d530a43bf07409152f94270927b21c15e4a12e527006c1a108331b6ac036c8a4798478d4b4477ef630c1a9c0b68c6e2f630bf488909fe474b77205e33093a9b8c3581c82fb4ec027aca820ba64dde0c45ac47e9cac43c3a02b026d0aeb64077a82652fec0e9e73c3ee61950423f3ee62ee7e3044950fb088300524f859ab3f26524072cd7f49997c70b019c342b66a6d3e1fef2c3ff1145c7bc20f620711e4493384e590db89f7bb472dcee12833c43bfa956e75dffd37bd51079c633ef2a4b820818f1ee9c8e313e2e58d2e59d3ff2f50a37c0dcaf50a7683341efc27f8b27c7c0fdb18ec8d0f7ddce42f33214b633d2b1aea28d511bcae891931276b187e8077c4a74e4ba4e2a4cee08c9d1a691cad9a15e4fad668916398777dd336fabc73f66f630db0419d629a29746e6b1ec77e39960db6ca8e56c60464e6e2ed54e1d7ca6e0755ad8e439494915460228cd29cd3971fa5d72c93eafe54aba0c5ceea2a1b4b56df22cce0e842a93e8c83176d71b2b6a00c6c06a89f18a0a070b3aa397bd49f159a5f5ca4a6aa88e27ff6e37b2249ff29b402e5ee7eac65aac254d1fcc433db2d5a7a3aae54ae4c689fd7e8d3d161151efc5688bb9cb8ce09a89d52bc557a75980dd832cb8f816f842ac2b6285e8f21df99a8afcd66756027ed37f60dc2bc7533cf16783ffcce778360a650caed3db453d36cc1b60602a0f9c13c68b1c128c0dc09b40a227fd397692a315d152012b444d552898aaeada0a62e3f070333ab1fb032492b4b4c5ab6150db525e542618c59b0c8f44c00af95b88efdf03291783ba8806e13d9e97004d5ad2a34c08bcdd53a829377da1cbfdec1c1ade94ea7cd77c30029d031b37f255dc362d1e4decb399dd6e5e47df92b6e13feb34bbbe6f62b8b6443eb0ce950c271570d21c99c87d917b62a43d16c28b06c2313909c4e7a568214f2d31d9b26cd101f9045a64798a277d99e4ddac9670b474403df53564690f12d9aca5ca9fe4dd23d9c8bb5aac3baca3d0d98cb0b84b657edd5f1dc7aaef1ff4ee3421c4e269f337aa392533be29b9173c03ad4bbbeddd99a728aa9fe6213453f5d548cfd33c192220500a4ac569736ac06fbb783877ffaa82cd61545a191c33eae359d6d843acefff22e2653e7171d8b2753a1de8079b24d0677a261423c95364dc86228e4ced8d9ca612d5dbc62647da21ac26302b12c30b5a8c5485075238627861ca8fd4c6bec2aca96e8cda272a978bb43da2afcf894ce1f55eb3e3e475e18735718129fdc7f1d7ac9f58d03e255e2aab1014e47a55ebbeef9840a9f2ec5447dd865fd7d209ebfe62d7fd59a0c593186be0bffc27de5ee7a6fb192ef819aa68f362d629587da6b7151060cf69d6d243359755a9ece85d7d6078a39e9452989b24f758477365ed141241679c8a5f234d1b0b8a3c151985c906697170ff61bbe6e8f7308177db173466c1b03810f9bb818e145cb3d7a3f74c1662f21fea51eeed27b48f", 0xf00}], 0x1, 0x400, 0xc3be, 0x10)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x90000)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
r6 = syz_io_uring_setup(0x497, &(0x7f0000000340)={0x0, 0x7079, 0x0, 0x14, 0xce}, &(0x7f00000003c0)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='stat\x00')
read$FUSE(r9, &(0x7f0000004180)={0x2020}, 0x2020)
getpeername$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @remote}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x7, 0x0, r5, 0x3, '\x00', r10, r9, 0x2, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$ptmx(0xffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r4})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r3, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r11, &(0x7f0000000040)=0x1f00, 0x12)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)

630.284258ms ago: executing program 5 (id=4383):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb790789005e107538e486dd6317ce"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48) (fail_nth: 89)

420.241387ms ago: executing program 7 (id=4384):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b00010062726964676500004000028008000500010000000600270000000001080001"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

420.01453ms ago: executing program 7 (id=4385):
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x1}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x840}, 0x8040)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x6d8a, &(0x7f0000000300)={0x0, 0x37b2, 0x10100, 0x0, 0x8a}, &(0x7f0000000180), &(0x7f0000000280))
syz_emit_ethernet(0xbb, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88480000000000000d000000000000000a00000000005bb4ed3d868fbe388a748c0fe34820beab5cba10d62c343a989f8b8edbafbf4fe31b1508ff5323e2fbdf5b1b5b59c9e3dc8fb7f6ac4c1f46c9f633ffda3a8005d604f01629b78049af506a9606ddffb5577dbe96aec7207a75379855fe484571b246a400d303862718a08969dd4ea8d9f76236ac59816d8ce4445779a98d670c55dd894f5924d23159d8911f2c0d2a87c309be29f86ae23f72c5828ff034f633cc072ad4c3773dbcfefa2909b9b7b000846dab8869e91be052e683d5bc8e6bec27777e259f52b4d4eb278e835e59a1f3f49dbcf00164ad59eed925c2ab3be3ee2cf3fdb931af08252805b4d9cc2f5077b02d884617b8a7c8811d570dc973b4bad0b26f61833fff12e00a067f05f1bb6af5b02ba41ab5bb8253147456d9d67edc9270fb98cde12cd64b65a638d48afc"], 0x0)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r3)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
r4 = memfd_create(&(0x7f0000000180)='/!-(\x00\xa1\xad\x83e`\xa7\xc42\xdd\x9c~\xa9\x8eR_\xc8\x00\x00\x04\x00\x00\x00\x00\x03\xb3\x138\xc3\xbf\xf0\x89\xec<\x80\xe2Bj.u\x9f\x1ct<\x0f\xccn\xefP\xc0\xaab\xb8_\r\x9c\x80\xa9\xad\xd4EV\xa4\xfct\xbd\x96\xdf\r5\x9a', 0x5)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001800010600000000000000001c140000fe00000100000000050013"], 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000900)=ANY=[@ANYRESDEC=r4, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="ffffffff00000000000000000000000000000000320000000a01010100000000000000000000000000000000020000000100000000000000000200000000000001000080000000000200000000000000000000000000000000000000000000100000000000000000000000000000000004000000000000000d000000000000000a0000000000000000000000010000000000000000000000000000000a00050600000000480003006465666c6174650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048000100706f6c79313330352d6e656f6e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e45a374610764d2f51525abf098ac0585d912104eccce9852ac2ff578ae37eb4cb2022056624a8ff849e8ee73783270c6e1833818b6b9d319c3641c256bbceccbddd3d6e9be70b1090d3a22a85af8f89b84a49a891700ab61cc82dd31e68a9623580bc85f916a20abbcd877ca8fb0d3974339452fe83773be7e141dc53987e75cd37b3a8137f560817648fbef4a9b0"], 0x17c}, 0x1, 0x0, 0x0, 0x4810}, 0x4000084)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f00"/55], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
socket$xdp(0x2c, 0x3, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
read$FUSE(r6, &(0x7f0000002080)={0x2020}, 0x2020)
io_uring_register$IORING_REGISTER_MEM_REGION(r6, 0x22, &(0x7f0000000340)={0x0}, 0x1)
sendmsg$RDMA_NLDEV_CMD_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000000214010028bd7000fddbdf250900020073797a3100000000080001000000000008fc4400", @ANYRES32, @ANYBLOB="050054000100b2ac08000100000000000900020073"], 0x48}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)

395.692263ms ago: executing program 6 (id=4386):
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x7, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="34000000020000010000000000000600d96e6c8d5e85080045f00d80724e11d569116e3a1ce41e2a560254ea0043"], 0x34}, {&(0x7f0000000840)={0x100, 0x12, 0x2, 0x70bd29, 0x25dfdbfb, "", [@typed={0x4, 0x1d}, @typed={0x14, 0x14a, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @typed={0x8, 0xd6, 0x0, 0x0, @uid}, @generic="d48cb6e0923cd59a3e83a6fd94606324932eba72d539f9f82fba9d909251e499390ed659d28eace0babe86942fa91445ecc89a7bf11f44809aae1948ed37d5ac0d21c43f655de16d95cf2ca2ed2c82fd207bd27c8e5e046e2b043f4695a7fd09b11cb9e18a8cc63c86928eecfc2d42e0499d8707a2b4dd3217d72b5b05d53b891fb088805fa5c5e58ecc81fe72ea0afa8c08ce4464fb49b874f13edf2ee11db71e597e999eda9dd15f362d28e5d2d8c543a0ae6b73d9e419925acf474f40d60dc8402a8409d2fbd9c7d04b1c1d01"]}, 0x100}], 0x2, 0x0, 0x0, 0x20000080}, 0x4000)

329.286071ms ago: executing program 6 (id=4387):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x301, 0xfffffffc, 0x0, {0x2b}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r5, &(0x7f0000000600)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r6, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="000300000b000000140012800900010076657468000000000400028008000a00", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x24004004}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00'})
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x3e9, &(0x7f0000000940)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e8848000f0f0000000000000000006004d6d503a73a0100000000000000000000ffffe0000001200100000000000000000000000000000416000000000000c91000000000000000000000ffffffffffff00010007180000000104260f000800000000000000db0c0000000000000502000a00010001010004010304704753d7e3687e18b6ed3f36731408b958b9c6e3359f6677f2071b35368f8572e32718a01f7655c648ffa4d32c65e04697e54758f348d33b1d3b3931fd49cb28266ed69f22218dd80789e148851589dca8d406d8e473070def9d6bcc57b6f8e7ff8795d643ba21937acad9040104010400000000000612010300000000fe8000000000000000000000000000bb0000000000000000000000000000000000000000000000000000ffffe0000002fc000000000000000000000000000001fe8000000000000000000000000000bbfc010000000000000000000000000001fe80000000000000000000000000000aff010000000000000000000000000001fe80000000000000000000000000000c040090780000000463d747d30c0d3200fc010000000000000000000000000000000000000000000000000000000000000604016c00000000fe880000000000000000000000000101000000000000000000000000000000003300000000000000050200090401f5001600022165000000110000000073000000270404026738ff00fc010000000000000000000000000001200100000000000000000000000000013b01000000000000050200050001000502000400000000002c11000000000000050202040502000104010205129c53eb3ae340a84cd1dada8d5bd74246b2e744285609d6a7c11c87257a6bef8d60a00624ff4921085d5cb8d8f394b1630a21d8943a918a127b9dc488392943d48e85d698159f98db88968a8af225097a91c1e12c649516ca1731fd12a2551bf5890570743705ff23e04a2ac1e1b88401080000000000000000010200000000000000002900013167000000dd3dfb4d8cf15bf6b843ddc33e8b503e922649d9431fafcb28a5c122e0dea111c3472aa0a02cc4691ab7ee946b9a6e23b528da4ad7961cf7439ad6863290996be32ef73ab490414f65e22e1f7fe45f984fe2387f81ec7eac54a5ab4f7e1c73750f23964ada01f0be80155de0d307f0c8b923e0d3d17b7ce62ba94389a5af985f44b8da6123321afc6846610f01d67964beebe616a77c25a9683c55a0baf2b8ef6d659d6247046e34efcfd91862436e029ec2f46eebcd1a18f3adcb18918ac5f7c9ac0761a1025ed55f593a21f1998aa26b7ff7dde6e06627b693874c4ead78594a0a340f5bdd47f6c49e8987f179f124e8a0d1a278865982149f7f6b27304a309e5ebca62a09f051a247ffea01f2243ce18a3491488666a2ea419fb6e650e74ed55951716cc81d2a4f3f092ddf8ab359dee86f94bacee0be2966a13946b566334dfaaf5d0b85a48a4906ce05488a1405e9304ffd94d16bb8d95a44f3bf0e212d10285d37ad8eb62826797deb4ffc39c27a2fce6e926308320e8160ebed3b119569784843724b57e909b23bbde6403dd2f8d06faef8aa4eb44edf6161df41a531879b13d466925f5e86f899ee60330e193f8d8b91e00677fb3826e131e363e123b6765ba68cbc8490804a372a8f407e6d3487b68b95a409cae9c00a59e78a4f1057ddb1c9e7081769f3de943731da1d732d1e1cbf2ab00385b1b91e4b6659e1e0476dcd9e1f0e708f82028609b7278fd5366ea74c4874292e5c0829e7cc92424c6e18e821a3736b57948b40000000"], 0x0)
recvmsg(r8, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x600041a5)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618000000008553", @ANYRES32=0x0, @ANYBLOB="000000000000060008000a00", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

328.884491ms ago: executing program 5 (id=4388):
openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
pselect6(0x0, 0x0, 0x0, &(0x7f00000005c0)={0x3ff, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffe}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000009, 0x114}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
r3 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prctl$PR_CAP_AMBIENT(0x2f, 0x2, 0x4000000000)
openat$vnet(0xffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc1105518, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, [0x327cf3e4, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x9, 0x4, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1c00000, 0x0, 0x0, 0x200000000, 0x0, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x4000, 0x0, 0x7fffffffffffffff, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]})

209.700571ms ago: executing program 7 (id=4389):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r1)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000200)={0x1, 0x101})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x7, 0x4, 0x20, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_GET_MAP_INFO(0x4, &(0x7f0000000140)={r3, 0x58, &(0x7f0000000200)}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r4=>0x0})
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x4b0, 0xbbba, 0x2, 0x0, 0x0, {}, {0x0, 0x2}, {0x4000000}, {0x0, 0x8}, 0x0, 0x3f0, 0x0, 0xd613, 0x0, 0x3e00})
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000003140)={0x0, 0x2, &(0x7f0000003100)={&(0x7f00000001c0)={0x30, r2, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x44}}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x40040}, 0x20040084)

209.486521ms ago: executing program 7 (id=4390):
open$dir(&(0x7f0000000080)='./file0\x00', 0xa440, 0x82)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1048001, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
symlink(&(0x7f0000000000)='.\x00', 0x0)
r1 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
setpgid(r1, 0x0)
r2 = getpgid(r1)
setpgid(0x0, r2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r3, &(0x7f0000000000)=0xfe8e, 0x12)
chdir(&(0x7f0000000000)='./file1\x00')
r4 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x3)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = dup(r5)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r7, 0x40000000af01, 0x0)
ptrace(0x4208, r1)
ioctl$VHOST_SET_MEM_TABLE(r7, 0x4008af03, &(0x7f0000000340))
ioctl$VHOST_SET_FEATURES(r7, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r7, 0x4008af30, &(0x7f00000002c0)={0x0, r6})
ioctl$VHOST_RESET_OWNER(r7, 0xaf02, 0x0)
dup(0xffffffffffffffff)
r8 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200), 0x1830d0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@access_client}, {@msize={'msize', 0x3d, 0x5}}, {@version_9p2000}, {@cachetag={'cachetag', 0x3d, '+\\&.%+['}}, {@debug={'debug', 0x3d, 0x3}}, {@debug={'debug', 0x3d, 0x8}}, {@uname={'uname', 0x3d, '[!\\'}}], [{@subj_role={'subj_role', 0x3d, '\xe8\xba\x10\x16\xa4c\x98\x94iYY5\x9f\x1e\xf4\x88\xd8F\x05\xb5'}}]}})

193.938µs ago: executing program 6 (id=4391):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'bond0\x00', <r1=>0x0})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
bind$packet(r0, &(0x7f0000000200)={0x11, 0xf8, r1, 0x1, 0x5, 0x6, @multicast}, 0x14)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x3}, 0x1c)

0s ago: executing program 6 (id=4392):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x21be, &(0x7f0000000200)={0x0, 0x1c2a, 0x10100, 0x0, 0xffffffff, 0x0, r1}, 0x0, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socket(0x28, 0x5, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x16b601, 0x0)
write$sequencer(r3, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x9)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000080))
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x3000000}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})

kernel console output (not intermixed with test programs):

 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  567.397171][T18463] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  567.397182][T18463] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000008010aa01
[  567.397188][T18463] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  567.397194][T18463] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  567.397200][T18463] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  567.397205][T18463] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  567.397218][T18463]  </TASK>
[  567.397228][T18463] ERROR: Out of memory at tomoyo_realpath_from_path.
[  567.479706][T18378] 8021q: adding VLAN 0 to HW filter on device batadv0
[  567.505580][T18378] veth0_vlan: entered promiscuous mode
[  567.510365][T18378] veth1_vlan: entered promiscuous mode
[  567.525912][T18378] veth0_macvtap: entered promiscuous mode
[  567.529584][T18378] veth1_macvtap: entered promiscuous mode
[  567.539847][T18378] batman_adv: batadv0: Interface activated: batadv_slave_0
[  567.546532][T18378] batman_adv: batadv0: Interface activated: batadv_slave_1
[  567.551478][T18378] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  567.554441][T18378] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  567.557355][T18378] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  567.560464][T18378] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  567.612480][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.616046][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  567.635353][  T684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.641014][  T684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  567.922575][T18485] usb usb3: usbfs: process 18485 (syz.5.4070) did not claim interface 0 before use
[  568.192720][ T5978] e1000 0000:00:06.0 eth0: Reset adapter
[  568.302727][   T58] e1000 0000:00:06.0 eth0: Reset adapter
[  568.461038][T18498] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4075'.
[  568.469052][T18498] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4075'.
[  568.472482][T18498] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4075'.
[  568.475384][T18498] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4075'.
[  569.210085][T18505] FAULT_INJECTION: forcing a failure.
[  569.210085][T18505] name failslab, interval 1, probability 0, space 0, times 0
[  569.215431][T18505] CPU: 1 UID: 0 PID: 18505 Comm: syz.5.4077 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  569.215447][T18505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  569.215453][T18505] Call Trace:
[  569.215457][T18505]  <TASK>
[  569.215461][T18505]  dump_stack_lvl+0x16c/0x1f0
[  569.215478][T18505]  should_fail_ex+0x512/0x640
[  569.215493][T18505]  ? fs_reclaim_acquire+0xae/0x150
[  569.215509][T18505]  ? tomoyo_encode2+0x100/0x3e0
[  569.215534][T18505]  should_failslab+0xc2/0x120
[  569.215546][T18505]  __kmalloc_noprof+0xd2/0x510
[  569.215557][T18505]  ? d_absolute_path+0x136/0x1a0
[  569.215572][T18505]  tomoyo_encode2+0x100/0x3e0
[  569.215586][T18505]  tomoyo_encode+0x29/0x50
[  569.215599][T18505]  tomoyo_realpath_from_path+0x18f/0x6e0
[  569.215617][T18505]  tomoyo_path_number_perm+0x245/0x580
[  569.215627][T18505]  ? tomoyo_path_number_perm+0x237/0x580
[  569.215640][T18505]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  569.215665][T18505]  ? find_held_lock+0x2b/0x80
[  569.215675][T18505]  ? hook_file_ioctl_common+0x145/0x410
[  569.215686][T18505]  ? __fget_files+0x204/0x3c0
[  569.215703][T18505]  ? __fget_files+0x20e/0x3c0
[  569.215717][T18505]  ? fput+0x20/0xf0
[  569.215730][T18505]  security_file_ioctl_compat+0x9b/0x240
[  569.215744][T18505]  __ia32_compat_sys_ioctl+0xc3/0x360
[  569.215760][T18505]  __do_fast_syscall_32+0x73/0x120
[  569.215775][T18505]  do_fast_syscall_32+0x32/0x80
[  569.215788][T18505]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  569.215801][T18505] RIP: 0023:0xf711e579
[  569.215809][T18505] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  569.215820][T18505] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  569.215830][T18505] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601
[  569.215836][T18505] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  569.215841][T18505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  569.215847][T18505] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  569.215853][T18505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  569.215866][T18505]  </TASK>
[  569.215918][T18505] ERROR: Out of memory at tomoyo_realpath_from_path.
[  569.232636][   T58] e1000 0000:00:06.0 eth0: Reset adapter
[  569.989217][ T1173] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.268605][ T1173] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.274791][T14600] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  571.280029][T14600] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  571.283873][T14600] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  571.288141][T14600] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  571.291526][T14600] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  571.316364][T18511] lo speed is unknown, defaulting to 1000
[  571.319210][T18511] lo speed is unknown, defaulting to 1000
[  571.404384][T18511] chnl_net:caif_netlink_parms(): no params data found
[  571.423325][   T58] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  571.507951][ T1173] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.513571][T18511] bridge0: port 1(bridge_slave_0) entered blocking state
[  571.515847][T18511] bridge0: port 1(bridge_slave_0) entered disabled state
[  571.518319][T18511] bridge_slave_0: entered allmulticast mode
[  571.521223][T18511] bridge_slave_0: entered promiscuous mode
[  571.524495][T18511] bridge0: port 2(bridge_slave_1) entered blocking state
[  571.526804][T18511] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.529170][T18511] bridge_slave_1: entered allmulticast mode
[  571.531860][T18511] bridge_slave_1: entered promiscuous mode
[  571.583748][T18511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  571.603153][ T1173] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.614298][T18511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  571.651818][T18511] team0: Port device team_slave_0 added
[  571.655427][T18511] team0: Port device team_slave_1 added
[  571.697256][T18522] FAULT_INJECTION: forcing a failure.
[  571.697256][T18522] name failslab, interval 1, probability 0, space 0, times 0
[  571.697287][T18511] batman_adv: batadv0: Adding interface: batadv_slave_0
[  571.701433][T18522] CPU: 1 UID: 0 PID: 18522 Comm: syz.5.4080 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  571.701450][T18522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  571.701457][T18522] Call Trace:
[  571.701461][T18522]  <TASK>
[  571.701465][T18522]  dump_stack_lvl+0x16c/0x1f0
[  571.701484][T18522]  should_fail_ex+0x512/0x640
[  571.701498][T18522]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  571.701511][T18522]  should_failslab+0xc2/0x120
[  571.701524][T18522]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  571.701535][T18522]  ? __alloc_skb+0x2b2/0x380
[  571.701548][T18522]  __alloc_skb+0x2b2/0x380
[  571.701558][T18522]  ? __pfx___alloc_skb+0x10/0x10
[  571.701569][T18522]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  571.701585][T18522]  netlink_alloc_large_skb+0x69/0x130
[  571.701598][T18522]  netlink_sendmsg+0x6a1/0xdd0
[  571.701612][T18522]  ? __pfx_netlink_sendmsg+0x10/0x10
[  571.701625][T18522]  ? __import_iovec+0x1c8/0x660
[  571.701643][T18522]  ____sys_sendmsg+0xa95/0xc70
[  571.701658][T18522]  ? __pfx_____sys_sendmsg+0x10/0x10
[  571.701671][T18522]  ? get_compat_msghdr+0x11a/0x170
[  571.701687][T18522]  ___sys_sendmsg+0x134/0x1d0
[  571.701699][T18522]  ? __pfx____sys_sendmsg+0x10/0x10
[  571.701726][T18522]  __sys_sendmsg+0x16d/0x220
[  571.701737][T18522]  ? __pfx___sys_sendmsg+0x10/0x10
[  571.701752][T18522]  ? rcu_is_watching+0x12/0xc0
[  571.701763][T18522]  ? rcu_is_watching+0x12/0xc0
[  571.701773][T18522]  __do_fast_syscall_32+0x73/0x120
[  571.701788][T18522]  do_fast_syscall_32+0x32/0x80
[  571.701802][T18522]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  571.701815][T18522] RIP: 0023:0xf711e579
[  571.701823][T18522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  571.701833][T18522] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  571.701843][T18522] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  571.701849][T18522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  571.701855][T18522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  571.701860][T18522] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  571.701866][T18522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  571.701879][T18522]  </TASK>
[  571.778623][T18526] FAULT_INJECTION: forcing a failure.
[  571.778623][T18526] name failslab, interval 1, probability 0, space 0, times 0
[  571.780781][T18511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  571.783345][T18526] CPU: 3 UID: 0 PID: 18526 Comm: syz.6.4082 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  571.783362][T18526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  571.783368][T18526] Call Trace:
[  571.783373][T18526]  <TASK>
[  571.783377][T18526]  dump_stack_lvl+0x16c/0x1f0
[  571.783394][T18526]  should_fail_ex+0x512/0x640
[  571.783408][T18526]  ? fs_reclaim_acquire+0xae/0x150
[  571.783424][T18526]  ? tomoyo_encode2+0x100/0x3e0
[  571.783437][T18526]  should_failslab+0xc2/0x120
[  571.783450][T18526]  __kmalloc_noprof+0xd2/0x510
[  571.783460][T18526]  ? d_absolute_path+0x136/0x1a0
[  571.783475][T18526]  tomoyo_encode2+0x100/0x3e0
[  571.783490][T18526]  tomoyo_encode+0x29/0x50
[  571.783502][T18526]  tomoyo_realpath_from_path+0x18f/0x6e0
[  571.783533][T18526]  tomoyo_path_number_perm+0x245/0x580
[  571.783544][T18526]  ? tomoyo_path_number_perm+0x237/0x580
[  571.783557][T18526]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  571.783583][T18526]  ? find_held_lock+0x2b/0x80
[  571.783592][T18526]  ? hook_file_ioctl_common+0x145/0x410
[  571.783607][T18526]  ? __fget_files+0x204/0x3c0
[  571.783625][T18526]  ? __fget_files+0x20e/0x3c0
[  571.783639][T18526]  ? fput+0x20/0xf0
[  571.783652][T18526]  security_file_ioctl_compat+0x9b/0x240
[  571.783666][T18526]  __ia32_compat_sys_ioctl+0xc3/0x360
[  571.783682][T18526]  __do_fast_syscall_32+0x73/0x120
[  571.783700][T18526]  do_fast_syscall_32+0x32/0x80
[  571.783713][T18526]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  571.783726][T18526] RIP: 0023:0xf7f88579
[  571.783734][T18526] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  571.783744][T18526] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  571.783753][T18526] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000001261
[  571.783760][T18526] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  571.783765][T18526] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  571.783771][T18526] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  571.783776][T18526] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  571.783789][T18526]  </TASK>
[  571.783832][T18526] ERROR: Out of memory at tomoyo_realpath_from_path.
[  571.786037][T18511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  571.887432][T18511] batman_adv: batadv0: Adding interface: batadv_slave_1
[  571.889701][T18511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  571.898965][T18511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  571.903648][T18530] FAULT_INJECTION: forcing a failure.
[  571.903648][T18530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  571.908398][T18530] CPU: 3 UID: 0 PID: 18530 Comm: syz.5.4084 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  571.908413][T18530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  571.908420][T18530] Call Trace:
[  571.908424][T18530]  <TASK>
[  571.908429][T18530]  dump_stack_lvl+0x16c/0x1f0
[  571.908447][T18530]  should_fail_ex+0x512/0x640
[  571.908463][T18530]  _copy_from_user+0x2e/0xd0
[  571.908478][T18530]  copy_from_sockptr_offset.constprop.0+0x153/0x1a0
[  571.908494][T18530]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  571.908509][T18530]  ? __local_bh_enable_ip+0xa4/0x120
[  571.908521][T18530]  ? lockdep_hardirqs_on+0x7c/0x110
[  571.908536][T18530]  do_ip_getsockopt+0x1a88/0x2100
[  571.908552][T18530]  ? __pfx_do_ip_getsockopt+0x10/0x10
[  571.908566][T18530]  ? _kstrtoull+0x145/0x200
[  571.908577][T18530]  ? __pfx__kstrtoull+0x10/0x10
[  571.908587][T18530]  ? aa_label_sk_perm+0x19b/0x5a0
[  571.908608][T18530]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  571.908620][T18530]  ? __lock_acquire+0x5ca/0x1ba0
[  571.908643][T18530]  ? get_pid_task+0xfc/0x250
[  571.908656][T18530]  ? __pfx___might_resched+0x10/0x10
[  571.908669][T18530]  ip_getsockopt+0x9b/0x1e0
[  571.908682][T18530]  ? aa_sk_perm+0x2f4/0xb10
[  571.908706][T18530]  ? __pfx_ip_getsockopt+0x10/0x10
[  571.908721][T18530]  ? __pfx_aa_sk_perm+0x10/0x10
[  571.908734][T18530]  tcp_getsockopt+0x9e/0x100
[  571.908743][T18530]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  571.908758][T18530]  do_sock_getsockopt+0x3fc/0x800
[  571.908774][T18530]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  571.908786][T18530]  ? __fget_files+0x204/0x3c0
[  571.908808][T18530]  __sys_getsockopt+0x123/0x1a0
[  571.908822][T18530]  __ia32_sys_getsockopt+0xbc/0x160
[  571.908832][T18530]  ? lockdep_hardirqs_on+0x7c/0x110
[  571.908845][T18530]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  571.908858][T18530]  __do_fast_syscall_32+0x73/0x120
[  571.908873][T18530]  do_fast_syscall_32+0x32/0x80
[  571.908887][T18530]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  571.908900][T18530] RIP: 0023:0xf711e579
[  571.908908][T18530] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  571.908918][T18530] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  571.908927][T18530] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  571.908934][T18530] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000080695ffc
[  571.908940][T18530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  571.908945][T18530] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  571.908951][T18530] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  571.908964][T18530]  </TASK>
[  572.003761][    C3] vkms_vblank_simulate: vblank timer overrun
[  572.636245][T18511] hsr_slave_0: entered promiscuous mode
[  572.644094][T18511] hsr_slave_1: entered promiscuous mode
[  572.784878][ T1173] bridge_slave_1: left allmulticast mode
[  572.786812][ T1173] bridge_slave_1: left promiscuous mode
[  572.788767][ T1173] bridge0: port 2(bridge_slave_1) entered disabled state
[  572.794463][ T1173] bridge_slave_0: left allmulticast mode
[  572.796345][ T1173] bridge_slave_0: left promiscuous mode
[  572.798229][ T1173] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.140801][ T1173] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  573.150770][ T1173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  573.158646][ T1173] bond0 (unregistering): Released all slaves
[  573.342628][T14600] Bluetooth: hci2: command tx timeout
[  573.494812][ T1173] hsr_slave_0: left promiscuous mode
[  573.497475][ T1173] hsr_slave_1: left promiscuous mode
[  573.499616][ T1173] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  573.503624][ T1173] batman_adv: batadv0: Removing interface: batadv_slave_0
[  573.507585][ T1173] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  573.510501][ T1173] batman_adv: batadv0: Removing interface: batadv_slave_1
[  573.538722][ T1173] veth1_macvtap: left promiscuous mode
[  573.540642][ T1173] veth0_macvtap: left promiscuous mode
[  573.543104][ T1173] veth1_vlan: left promiscuous mode
[  573.544841][ T1173] veth0_vlan: left promiscuous mode
[  574.191504][T18578] FAULT_INJECTION: forcing a failure.
[  574.191504][T18578] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  574.198943][T18578] CPU: 3 UID: 0 PID: 18578 Comm: syz.5.4096 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  574.198968][T18578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  574.198978][T18578] Call Trace:
[  574.198986][T18578]  <TASK>
[  574.198994][T18578]  dump_stack_lvl+0x16c/0x1f0
[  574.199022][T18578]  should_fail_ex+0x512/0x640
[  574.199050][T18578]  should_fail_alloc_page+0xe7/0x130
[  574.199099][T18578]  prepare_alloc_pages+0x3c2/0x610
[  574.199125][T18578]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  574.199148][T18578]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  574.199167][T18578]  ? unwind_get_return_address+0x59/0xa0
[  574.199188][T18578]  ? arch_stack_walk+0xa6/0x100
[  574.199213][T18578]  ? __lock_acquire+0x5ca/0x1ba0
[  574.199245][T18578]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  574.199264][T18578]  ? stack_trace_save+0x8e/0xc0
[  574.199290][T18578]  ? find_held_lock+0x2b/0x80
[  574.199306][T18578]  ? __update_page_owner_handle+0x37c/0x530
[  574.199326][T18578]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  574.199351][T18578]  ? policy_nodemask+0xea/0x4e0
[  574.199374][T18578]  alloc_pages_mpol+0x1fb/0x550
[  574.199396][T18578]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  574.199423][T18578]  alloc_pages_noprof+0x131/0x390
[  574.199444][T18578]  __pmd_alloc+0x3f/0x870
[  574.199466][T18578]  ? find_held_lock+0x2b/0x80
[  574.199484][T18578]  __handle_mm_fault+0x948/0x2a40
[  574.199507][T18578]  ? __pfx___handle_mm_fault+0x10/0x10
[  574.199538][T18578]  ? find_vma+0xbf/0x140
[  574.199559][T18578]  ? __pfx_find_vma+0x10/0x10
[  574.199584][T18578]  handle_mm_fault+0x3fe/0xad0
[  574.199607][T18578]  do_user_addr_fault+0x7a6/0x1370
[  574.199627][T18578]  ? rcu_is_watching+0x12/0xc0
[  574.199647][T18578]  exc_page_fault+0x5c/0xc0
[  574.199669][T18578]  asm_exc_page_fault+0x26/0x30
[  574.199686][T18578] RIP: 0010:_copy_from_user+0x93/0xd0
[  574.199711][T18578] Code: f6 ec fc 89 ee 4c 89 ef 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 e8 59 80 51 fd 0f 01 cb 4c 89 ef 48 89 de 48 89 e9 <f3> a4 0f 1f 00 49 89 cc 48 89 cb 0f 01 ca 31 ff 48 89 ce e8 c5 f1
[  574.199727][T18578] RSP: 0018:ffffc90003847a48 EFLAGS: 00050297
[  574.199741][T18578] RAX: 0000000000000001 RBX: 00000000800066c0 RCX: 000000000000001c
[  574.199751][T18578] RDX: fffff52000708f55 RSI: 00000000800066c0 RDI: ffffc90003847a90
[  574.199762][T18578] RBP: 000000000000001c R08: 0000000000000001 R09: fffff52000708f55
[  574.199772][T18578] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[  574.199781][T18578] R13: ffffc90003847a90 R14: ffffc90003847b50 R15: 00000000800066c0
[  574.199804][T18578]  ? _copy_from_user+0x87/0xd0
[  574.199828][T18578]  get_compat_msghdr+0xa7/0x170
[  574.199846][T18578]  ? __pfx_get_compat_msghdr+0x10/0x10
[  574.199867][T18578]  ? __lock_acquire+0x5ca/0x1ba0
[  574.199892][T18578]  ___sys_recvmsg+0x191/0x1a0
[  574.199912][T18578]  ? __pfx____sys_recvmsg+0x10/0x10
[  574.199944][T18578]  ? get_pid_task+0xb0/0x250
[  574.199972][T18578]  do_recvmmsg+0x568/0x740
[  574.199995][T18578]  ? __pfx_do_recvmmsg+0x10/0x10
[  574.200032][T18578]  ? __fget_files+0x20e/0x3c0
[  574.200060][T18578]  __sys_recvmmsg+0x21c/0x280
[  574.200079][T18578]  ? __pfx___sys_recvmmsg+0x10/0x10
[  574.200096][T18578]  ? __pfx_ksys_write+0x10/0x10
[  574.200114][T18578]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  574.200130][T18578]  ? lockdep_hardirqs_on+0x7c/0x110
[  574.200149][T18578]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  574.200168][T18578]  __do_fast_syscall_32+0x73/0x120
[  574.200192][T18578]  do_fast_syscall_32+0x32/0x80
[  574.200213][T18578]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  574.200231][T18578] RIP: 0023:0xf711e579
[  574.200255][T18578] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  574.200270][T18578] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  574.200285][T18578] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800066c0
[  574.200295][T18578] RDX: 0000000000000a0d RSI: 0000000000000000 RDI: 0000000000000000
[  574.200305][T18578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  574.200314][T18578] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  574.200322][T18578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  574.200341][T18578]  </TASK>
[  574.564076][ T1173] team0 (unregistering): Port device team_slave_1 removed
[  574.730867][ T1173] team0 (unregistering): Port device team_slave_0 removed
[  574.820730][T18593] usb usb3: usbfs: process 18593 (syz.6.4102) did not claim interface 0 before use
[  575.383479][T18573] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  575.387006][T18573] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  575.390150][T18573] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  575.424238][T14600] Bluetooth: hci2: command 0x041b tx timeout
[  575.498860][T18602] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4104'.
[  575.636161][T18511] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  575.640383][T18511] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  575.652272][T18511] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  575.657845][T18511] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  575.705616][T18511] 8021q: adding VLAN 0 to HW filter on device bond0
[  575.714684][T18511] 8021q: adding VLAN 0 to HW filter on device team0
[  575.719919][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.722310][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  575.727866][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.730350][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  575.865024][T18511] 8021q: adding VLAN 0 to HW filter on device batadv0
[  575.890216][T18511] veth0_vlan: entered promiscuous mode
[  575.895278][T18511] veth1_vlan: entered promiscuous mode
[  575.916246][T18511] veth0_macvtap: entered promiscuous mode
[  575.918817][T18610] overlay: Unknown parameter 'fsmagic'
[  575.923993][T18511] veth1_macvtap: entered promiscuous mode
[  575.937438][T18511] batman_adv: batadv0: Interface activated: batadv_slave_0
[  575.945241][T18511] batman_adv: batadv0: Interface activated: batadv_slave_1
[  575.951547][T18511] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  575.956359][T18511] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  575.960016][T18511] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  575.964206][T18511] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  576.008570][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  576.013957][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  576.031639][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  576.035487][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  577.416807][T18631] 9pnet_virtio: no channels available for device syz
[  577.738079][T18639] FAULT_INJECTION: forcing a failure.
[  577.738079][T18639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  577.744833][T18639] CPU: 0 UID: 0 PID: 18639 Comm: syz.6.4116 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  577.744848][T18639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  577.744855][T18639] Call Trace:
[  577.744858][T18639]  <TASK>
[  577.744863][T18639]  dump_stack_lvl+0x16c/0x1f0
[  577.744881][T18639]  should_fail_ex+0x512/0x640
[  577.744897][T18639]  _copy_to_user+0x32/0xd0
[  577.744913][T18639]  put_cmsg_compat+0x218/0x730
[  577.744927][T18639]  ? __pfx_put_cmsg_compat+0x10/0x10
[  577.744937][T18639]  ? find_held_lock+0x2b/0x80
[  577.744952][T18639]  ? kernel_text_address+0x8d/0x100
[  577.744967][T18639]  ? __kernel_text_address+0xd/0x40
[  577.744983][T18639]  put_cmsg+0x51e/0x5e0
[  577.744996][T18639]  put_cmsg_scm_timestamping64+0x150/0x260
[  577.745008][T18639]  ? __pfx_put_cmsg_scm_timestamping64+0x10/0x10
[  577.745024][T18639]  __sock_recv_timestamp+0x6bd/0x1720
[  577.745042][T18639]  ? __pfx___sock_recv_timestamp+0x10/0x10
[  577.745058][T18639]  ? simple_copy_to_iter+0x4e/0x90
[  577.745073][T18639]  ? __skb_datagram_iter+0x1a8/0x8c0
[  577.745087][T18639]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  577.745108][T18639]  ip_recv_error+0x2e6/0xda0
[  577.745124][T18639]  ? __pfx_ip_recv_error+0x10/0x10
[  577.745142][T18639]  inet_recv_error+0xda/0x110
[  577.745157][T18639]  tcp_recvmsg+0x5eb/0x680
[  577.745173][T18639]  ? __pfx_tcp_recvmsg+0x10/0x10
[  577.745187][T18639]  ? trace_mm_page_alloc+0x11f/0x1a0
[  577.745204][T18639]  ? aa_sk_perm+0x2f4/0xb10
[  577.745217][T18639]  ? __pfx_tcp_recvmsg+0x10/0x10
[  577.745230][T18639]  inet_recvmsg+0x12a/0x6a0
[  577.745244][T18639]  ? __pfx_inet_recvmsg+0x10/0x10
[  577.745262][T18639]  sock_recvmsg+0x1b2/0x250
[  577.745275][T18639]  ____sys_recvmsg+0x218/0x6b0
[  577.745291][T18639]  ? __pfx_____sys_recvmsg+0x10/0x10
[  577.745304][T18639]  ? import_iovec+0x86/0xb0
[  577.745323][T18639]  ? __lock_acquire+0x5ca/0x1ba0
[  577.745338][T18639]  ___sys_recvmsg+0x114/0x1a0
[  577.745350][T18639]  ? __pfx____sys_recvmsg+0x10/0x10
[  577.745367][T18639]  ? get_pid_task+0xb0/0x250
[  577.745384][T18639]  do_recvmmsg+0x568/0x740
[  577.745393][T18639]  ? find_held_lock+0x2b/0x80
[  577.745404][T18639]  ? __pfx_do_recvmmsg+0x10/0x10
[  577.745424][T18639]  ? __fget_files+0x20e/0x3c0
[  577.745441][T18639]  __sys_recvmmsg+0x21c/0x280
[  577.745453][T18639]  ? __pfx___sys_recvmmsg+0x10/0x10
[  577.745465][T18639]  ? __pfx_ksys_write+0x10/0x10
[  577.745476][T18639]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  577.745487][T18639]  ? lockdep_hardirqs_on+0x7c/0x110
[  577.745505][T18639]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  577.745519][T18639]  __do_fast_syscall_32+0x73/0x120
[  577.745534][T18639]  do_fast_syscall_32+0x32/0x80
[  577.745548][T18639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  577.745560][T18639] RIP: 0023:0xf7f88579
[  577.745569][T18639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  577.745578][T18639] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  577.745588][T18639] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080005b40
[  577.745594][T18639] RDX: 0000000000000001 RSI: 0000000000003072 RDI: 0000000000000000
[  577.745600][T18639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  577.745605][T18639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  577.745623][T18639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  577.745637][T18639]  </TASK>
[  578.041743][T18647] FAULT_INJECTION: forcing a failure.
[  578.041743][T18647] name failslab, interval 1, probability 0, space 0, times 0
[  578.045999][T18647] CPU: 2 UID: 0 PID: 18647 Comm: syz.7.4120 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  578.046014][T18647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  578.046020][T18647] Call Trace:
[  578.046024][T18647]  <TASK>
[  578.046028][T18647]  dump_stack_lvl+0x16c/0x1f0
[  578.046046][T18647]  should_fail_ex+0x512/0x640
[  578.046060][T18647]  ? fs_reclaim_acquire+0xae/0x150
[  578.046076][T18647]  ? tomoyo_encode2+0x100/0x3e0
[  578.046088][T18647]  should_failslab+0xc2/0x120
[  578.046101][T18647]  __kmalloc_noprof+0xd2/0x510
[  578.046115][T18647]  tomoyo_encode2+0x100/0x3e0
[  578.046130][T18647]  tomoyo_encode+0x29/0x50
[  578.046142][T18647]  tomoyo_realpath_from_path+0x18f/0x6e0
[  578.046157][T18647]  ? tomoyo_profile+0x47/0x60
[  578.046173][T18647]  tomoyo_path_number_perm+0x245/0x580
[  578.046184][T18647]  ? tomoyo_path_number_perm+0x237/0x580
[  578.046197][T18647]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  578.046222][T18647]  ? find_held_lock+0x2b/0x80
[  578.046232][T18647]  ? hook_file_ioctl_common+0x145/0x410
[  578.046243][T18647]  ? __fget_files+0x204/0x3c0
[  578.046260][T18647]  ? __fget_files+0x20e/0x3c0
[  578.046274][T18647]  ? fput+0x20/0xf0
[  578.046287][T18647]  security_file_ioctl_compat+0x9b/0x240
[  578.046307][T18647]  __ia32_compat_sys_ioctl+0xc3/0x360
[  578.046323][T18647]  __do_fast_syscall_32+0x73/0x120
[  578.046338][T18647]  do_fast_syscall_32+0x32/0x80
[  578.046352][T18647]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  578.046364][T18647] RIP: 0023:0xf70be579
[  578.046372][T18647] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  578.046382][T18647] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  578.046391][T18647] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008946
[  578.046398][T18647] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  578.046403][T18647] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  578.046409][T18647] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  578.046414][T18647] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  578.046427][T18647]  </TASK>
[  578.046815][T18647] ERROR: Out of memory at tomoyo_realpath_from_path.
[  578.349832][T18649] usb usb3: usbfs: process 18649 (syz.7.4121) did not claim interface 0 before use
[  578.707986][   T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.013002][T18657] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4124'.
[  580.125122][   T67] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  580.132101][   T67] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  580.138773][   T67] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  580.153421][   T67] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  580.162753][   T67] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  580.202694][T18665] lo speed is unknown, defaulting to 1000
[  580.205823][T18665] lo speed is unknown, defaulting to 1000
[  580.252336][   T34] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  580.372112][   T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.423181][   T34] usb 10-1: Using ep0 maxpacket: 8
[  580.458329][   T34] usb 10-1: config 0 has no interfaces?
[  580.465464][   T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.468123][   T34] usb 10-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[  580.472465][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.492837][   T34] usb 10-1: config 0 descriptor??
[  580.530425][   T40] audit: type=1326 audit(1746717697.583:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18670 comm="syz.6.4127" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f88579 code=0x0
[  580.582027][T18673] FAULT_INJECTION: forcing a failure.
[  580.582027][T18673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  580.586480][T18673] CPU: 0 UID: 0 PID: 18673 Comm: syz.6.4127 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  580.586494][T18673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  580.586500][T18673] Call Trace:
[  580.586504][T18673]  <TASK>
[  580.586508][T18673]  dump_stack_lvl+0x16c/0x1f0
[  580.586528][T18673]  should_fail_ex+0x512/0x640
[  580.586544][T18673]  _copy_to_user+0x32/0xd0
[  580.586560][T18673]  simple_read_from_buffer+0xcb/0x170
[  580.586576][T18673]  proc_fail_nth_read+0x197/0x270
[  580.586590][T18673]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  580.586605][T18673]  ? rw_verify_area+0xcf/0x680
[  580.586619][T18673]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  580.586632][T18673]  vfs_read+0x1de/0xc70
[  580.586643][T18673]  ? __pfx___mutex_lock+0x10/0x10
[  580.586657][T18673]  ? __pfx_vfs_read+0x10/0x10
[  580.586669][T18673]  ? __fget_files+0x20e/0x3c0
[  580.586688][T18673]  ksys_read+0x12a/0x240
[  580.586697][T18673]  ? __pfx_ksys_read+0x10/0x10
[  580.586707][T18673]  ? rcu_is_watching+0x12/0xc0
[  580.586719][T18673]  __do_fast_syscall_32+0x73/0x120
[  580.586734][T18673]  do_fast_syscall_32+0x32/0x80
[  580.586748][T18673]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  580.586760][T18673] RIP: 0023:0xf7f88579
[  580.586769][T18673] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  580.586779][T18673] RSP: 002b:00000000f5085590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  580.586789][T18673] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5085620
[  580.586795][T18673] RDX: 000000000000000f RSI: 00000000f7412ff4 RDI: 0000000000000000
[  580.586801][T18673] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  580.586807][T18673] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  580.586812][T18673] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  580.586825][T18673]  </TASK>
[  580.669730][   T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.676589][T18665] chnl_net:caif_netlink_parms(): no params data found
[  580.763220][T18665] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.766385][T18665] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.769545][T18665] bridge_slave_0: entered allmulticast mode
[  580.773221][T18665] bridge_slave_0: entered promiscuous mode
[  580.777565][T18665] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.780044][T18665] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.782612][T18665] bridge_slave_1: entered allmulticast mode
[  580.785518][T18665] bridge_slave_1: entered promiscuous mode
[  580.871160][T18665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  580.880276][T18665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  580.905536][   T24] usb 10-1: USB disconnect, device number 16
[  580.930356][   T46] bridge_slave_1: left allmulticast mode
[  580.933470][   T46] bridge_slave_1: left promiscuous mode
[  580.935433][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.939334][   T46] bridge_slave_0: left allmulticast mode
[  580.941461][   T46] bridge_slave_0: left promiscuous mode
[  580.945387][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.243236][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  581.247602][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  581.251779][   T46] bond0 (unregistering): Released all slaves
[  581.262564][T18665] team0: Port device team_slave_0 added
[  581.275061][T18665] team0: Port device team_slave_1 added
[  581.334289][T18689] usb usb3: usbfs: process 18689 (syz.5.4130) did not claim interface 0 before use
[  581.343753][T18665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  581.346127][T18665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.354791][T18665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  581.359300][T18665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  581.361624][T18665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.371142][T18665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  581.441551][T18665] hsr_slave_0: entered promiscuous mode
[  581.444288][T18665] hsr_slave_1: entered promiscuous mode
[  581.446902][T18665] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  581.449458][T18665] Cannot create hsr debugfs directory
[  581.460475][T18692] FAULT_INJECTION: forcing a failure.
[  581.460475][T18692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.465054][T18692] CPU: 1 UID: 0 PID: 18692 Comm: syz.5.4131 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  581.465069][T18692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  581.465075][T18692] Call Trace:
[  581.465080][T18692]  <TASK>
[  581.465084][T18692]  dump_stack_lvl+0x16c/0x1f0
[  581.465101][T18692]  should_fail_ex+0x512/0x640
[  581.465118][T18692]  _copy_from_user+0x2e/0xd0
[  581.465133][T18692]  ucma_get_event+0xcb/0x730
[  581.465149][T18692]  ? __pfx_ucma_get_event+0x10/0x10
[  581.465163][T18692]  ? find_held_lock+0x2b/0x80
[  581.465172][T18692]  ? __might_fault+0xe3/0x190
[  581.465197][T18692]  ? __might_fault+0xe3/0x190
[  581.465207][T18692]  ? __might_fault+0x13b/0x190
[  581.465221][T18692]  ? __pfx_ucma_get_event+0x10/0x10
[  581.465235][T18692]  ucma_write+0x1f8/0x330
[  581.465248][T18692]  ? __pfx_ucma_write+0x10/0x10
[  581.465259][T18692]  ? bpf_lsm_file_permission+0x9/0x10
[  581.465275][T18692]  ? security_file_permission+0x71/0x210
[  581.465289][T18692]  ? rw_verify_area+0xcf/0x680
[  581.465305][T18692]  vfs_write+0x25c/0x1180
[  581.465314][T18692]  ? __pfx_ucma_write+0x10/0x10
[  581.465328][T18692]  ? __pfx_vfs_write+0x10/0x10
[  581.465336][T18692]  ? find_held_lock+0x2b/0x80
[  581.465345][T18692]  ? __fget_files+0x204/0x3c0
[  581.465362][T18692]  ? __fget_files+0x20e/0x3c0
[  581.465380][T18692]  ksys_write+0x205/0x240
[  581.465389][T18692]  ? __pfx_ksys_write+0x10/0x10
[  581.465400][T18692]  ? rcu_is_watching+0x12/0xc0
[  581.465411][T18692]  __do_fast_syscall_32+0x73/0x120
[  581.465433][T18692]  do_fast_syscall_32+0x32/0x80
[  581.465447][T18692]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  581.465459][T18692] RIP: 0023:0xf711e579
[  581.465467][T18692] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  581.465478][T18692] RSP: 002b:00000000f50ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  581.465487][T18692] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000380
[  581.465493][T18692] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  581.465499][T18692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  581.465504][T18692] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  581.465510][T18692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  581.465522][T18692]  </TASK>
[  581.675472][   T46] hsr_slave_0: left promiscuous mode
[  581.678301][   T46] hsr_slave_1: left promiscuous mode
[  581.680446][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.684280][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  581.688223][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  581.690728][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  581.723797][   T46] veth1_macvtap: left promiscuous mode
[  581.725668][   T46] veth0_macvtap: left promiscuous mode
[  581.727526][   T46] veth1_vlan: left promiscuous mode
[  581.729284][   T46] veth0_vlan: left promiscuous mode
[  581.843387][T18704] FAULT_INJECTION: forcing a failure.
[  581.843387][T18704] name failslab, interval 1, probability 0, space 0, times 0
[  581.852293][T18704] CPU: 3 UID: 0 PID: 18704 Comm: syz.7.4134 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  581.852310][T18704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  581.852316][T18704] Call Trace:
[  581.852324][T18704]  <TASK>
[  581.852329][T18704]  dump_stack_lvl+0x16c/0x1f0
[  581.852346][T18704]  should_fail_ex+0x512/0x640
[  581.852361][T18704]  ? fs_reclaim_acquire+0xae/0x150
[  581.852378][T18704]  ? tomoyo_encode2+0x100/0x3e0
[  581.852391][T18704]  should_failslab+0xc2/0x120
[  581.852404][T18704]  __kmalloc_noprof+0xd2/0x510
[  581.852418][T18704]  tomoyo_encode2+0x100/0x3e0
[  581.852433][T18704]  tomoyo_encode+0x29/0x50
[  581.852446][T18704]  tomoyo_realpath_from_path+0x18f/0x6e0
[  581.852461][T18704]  ? tomoyo_profile+0x47/0x60
[  581.852478][T18704]  tomoyo_path_number_perm+0x245/0x580
[  581.852489][T18704]  ? tomoyo_path_number_perm+0x237/0x580
[  581.852501][T18704]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  581.852530][T18704]  ? find_held_lock+0x2b/0x80
[  581.852540][T18704]  ? hook_file_ioctl_common+0x145/0x410
[  581.852551][T18704]  ? __fget_files+0x204/0x3c0
[  581.852568][T18704]  ? __fget_files+0x20e/0x3c0
[  581.852581][T18704]  ? fput+0x20/0xf0
[  581.852594][T18704]  security_file_ioctl_compat+0x9b/0x240
[  581.852608][T18704]  __ia32_compat_sys_ioctl+0xc3/0x360
[  581.852624][T18704]  __do_fast_syscall_32+0x73/0x120
[  581.852639][T18704]  do_fast_syscall_32+0x32/0x80
[  581.852653][T18704]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  581.852665][T18704] RIP: 0023:0xf70be579
[  581.852673][T18704] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  581.852682][T18704] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  581.852692][T18704] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000008b04
[  581.852699][T18704] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  581.852704][T18704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  581.852710][T18704] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  581.852715][T18704] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  581.852728][T18704]  </TASK>
[  581.852739][T18704] ERROR: Out of memory at tomoyo_realpath_from_path.
[  582.226697][   T67] Bluetooth: hci2: command tx timeout
[  582.523343][T18707] FAULT_INJECTION: forcing a failure.
[  582.523343][T18707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  582.527566][T18707] CPU: 0 UID: 0 PID: 18707 Comm: syz.6.4135 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  582.527581][T18707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  582.527587][T18707] Call Trace:
[  582.527591][T18707]  <TASK>
[  582.527596][T18707]  dump_stack_lvl+0x16c/0x1f0
[  582.527613][T18707]  should_fail_ex+0x512/0x640
[  582.527630][T18707]  strncpy_from_user+0x3b/0x2e0
[  582.527644][T18707]  getname_flags.part.0+0x8f/0x550
[  582.527659][T18707]  getname_flags+0x93/0xf0
[  582.527674][T18707]  do_readlinkat+0xb4/0x3a0
[  582.527686][T18707]  ? fput+0x70/0xf0
[  582.527698][T18707]  ? __pfx_do_readlinkat+0x10/0x10
[  582.527708][T18707]  ? ksys_write+0x1b9/0x240
[  582.527718][T18707]  ? __pfx_ksys_write+0x10/0x10
[  582.527729][T18707]  __ia32_sys_readlink+0x76/0xc0
[  582.527742][T18707]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  582.527756][T18707]  __do_fast_syscall_32+0x73/0x120
[  582.527771][T18707]  do_fast_syscall_32+0x32/0x80
[  582.527785][T18707]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  582.527798][T18707] RIP: 0023:0xf7f88579
[  582.527807][T18707] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  582.527816][T18707] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000055
[  582.527827][T18707] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 0000000000000000
[  582.527833][T18707] RDX: 000000000000fff1 RSI: 0000000000000000 RDI: 0000000000000000
[  582.527839][T18707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  582.527844][T18707] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  582.527850][T18707] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  582.527862][T18707]  </TASK>
[  582.883167][T18713] siw: device registration error -23
[  582.888378][   T46] team0 (unregistering): Port device team_slave_1 removed
[  583.021061][   T46] team0 (unregistering): Port device team_slave_0 removed
[  583.869946][T18721] overlayfs: conflicting lowerdir path
[  583.928172][T18719] usb usb3: usbfs: process 18719 (syz.6.4139) did not claim interface 0 before use
[  584.187293][T18665] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  584.191729][T18665] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  584.204712][T18665] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  584.210604][T18665] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  584.266741][T18665] 8021q: adding VLAN 0 to HW filter on device bond0
[  584.276825][T18665] 8021q: adding VLAN 0 to HW filter on device team0
[  584.283364][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  584.286395][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  584.298767][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  584.301237][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  584.312268][T14600] Bluetooth: hci2: command tx timeout
[  584.518511][T18665] 8021q: adding VLAN 0 to HW filter on device batadv0
[  584.551580][T18665] veth0_vlan: entered promiscuous mode
[  584.563983][T18665] veth1_vlan: entered promiscuous mode
[  584.583781][T18665] veth0_macvtap: entered promiscuous mode
[  584.587856][T18665] veth1_macvtap: entered promiscuous mode
[  584.599468][T18665] batman_adv: batadv0: Interface activated: batadv_slave_0
[  584.606724][T18665] batman_adv: batadv0: Interface activated: batadv_slave_1
[  584.613982][T18665] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  584.616944][T18665] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  584.619837][T18665] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  584.623083][T18665] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  584.692917][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  584.695479][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  584.705025][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  584.707833][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  585.212697][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  585.322610][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  586.373556][T18765] usb usb3: usbfs: process 18765 (syz.5.4152) did not claim interface 0 before use
[  586.382422][T14600] Bluetooth: hci2: command 0x040f tx timeout
[  586.482487][T18772] FAULT_INJECTION: forcing a failure.
[  586.482487][T18772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  586.487031][T18772] CPU: 1 UID: 0 PID: 18772 Comm: syz.5.4154 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  586.487047][T18772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  586.487064][T18772] Call Trace:
[  586.487070][T18772]  <TASK>
[  586.487076][T18772]  dump_stack_lvl+0x16c/0x1f0
[  586.487094][T18772]  should_fail_ex+0x512/0x640
[  586.487110][T18772]  copy_fpstate_to_sigframe+0x878/0xb10
[  586.487128][T18772]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  586.487142][T18772]  ? posixtimer_deliver_signal+0xed/0x6a0
[  586.487162][T18772]  ? posixtimer_deliver_signal+0x1af/0x6a0
[  586.487177][T18772]  get_sigframe+0x4a8/0x9c0
[  586.487193][T18772]  ? __pfx_get_sigframe+0x10/0x10
[  586.487207][T18772]  ? _raw_spin_unlock_irq+0x23/0x50
[  586.487219][T18772]  ? siginfo_layout+0x177/0x290
[  586.487231][T18772]  ia32_setup_rt_frame+0xe3/0xb30
[  586.487245][T18772]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  586.487255][T18772]  ? __do_compat_sys_waitid+0x17a/0x250
[  586.487273][T18772]  arch_do_signal_or_restart+0x47b/0x7a0
[  586.487287][T18772]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  586.487305][T18772]  ? __pfx_ksys_write+0x10/0x10
[  586.487318][T18772]  syscall_exit_to_user_mode+0x150/0x2a0
[  586.487332][T18772]  __do_fast_syscall_32+0x80/0x120
[  586.487347][T18772]  do_fast_syscall_32+0x32/0x80
[  586.487361][T18772]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  586.487374][T18772] RIP: 0023:0xf711e577
[  586.487382][T18772] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  586.487392][T18772] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 000000000000011c
[  586.487403][T18772] RAX: 000000000000011c RBX: 0000000000000000 RCX: 0000000000000000
[  586.487409][T18772] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[  586.487415][T18772] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  586.487420][T18772] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  586.487426][T18772] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  586.487438][T18772]  </TASK>
[  586.490165][T18774] bond0: (slave bridge0): Releasing backup interface
[  587.503243][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  588.568581][  T684] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.696907][  T684] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.777645][  T684] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.855599][  T684] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.947495][  T684] bridge_slave_1: left allmulticast mode
[  588.949372][  T684] bridge_slave_1: left promiscuous mode
[  588.951319][  T684] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.955242][  T684] bridge_slave_0: left allmulticast mode
[  588.957087][  T684] bridge_slave_0: left promiscuous mode
[  588.959013][  T684] bridge0: port 1(bridge_slave_0) entered disabled state
[  589.228472][  T684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  589.232917][  T684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  589.236712][  T684] bond0 (unregistering): Released all slaves
[  589.529052][  T684] hsr_slave_0: left promiscuous mode
[  589.531254][  T684] hsr_slave_1: left promiscuous mode
[  589.533811][  T684] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  589.536973][  T684] batman_adv: batadv0: Removing interface: batadv_slave_0
[  589.540085][  T684] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  589.542815][  T684] batman_adv: batadv0: Removing interface: batadv_slave_1
[  589.567725][  T684] veth1_macvtap: left promiscuous mode
[  589.569708][  T684] veth0_macvtap: left promiscuous mode
[  589.571696][  T684] veth1_vlan: left promiscuous mode
[  589.574806][  T684] veth0_vlan: left promiscuous mode
[  589.963942][T18784] 9pnet_virtio: no channels available for device syz
[  590.083970][T14600] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  590.096889][T14600] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  590.101090][T14600] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  590.109628][T14600] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  590.124652][T14600] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  590.426006][  T684] team0 (unregistering): Port device team_slave_1 removed
[  590.513659][  T684] team0 (unregistering): Port device team_slave_0 removed
[  591.169314][T18786] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  591.182302][T18786] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  591.188685][T18786] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  591.203515][T18792] lo speed is unknown, defaulting to 1000
[  591.206325][T18792] lo speed is unknown, defaulting to 1000
[  591.415107][T18792] chnl_net:caif_netlink_parms(): no params data found
[  591.547132][T18792] bridge0: port 1(bridge_slave_0) entered blocking state
[  591.549519][T18792] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.552076][T18792] bridge_slave_0: entered allmulticast mode
[  591.555421][T18792] bridge_slave_0: entered promiscuous mode
[  591.558722][T18792] bridge0: port 2(bridge_slave_1) entered blocking state
[  591.561128][T18792] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.563737][T18792] bridge_slave_1: entered allmulticast mode
[  591.566410][T18792] bridge_slave_1: entered promiscuous mode
[  591.615210][T18792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  591.621364][T18792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  591.665093][T18792] team0: Port device team_slave_0 added
[  591.670445][T18792] team0: Port device team_slave_1 added
[  591.715768][T18792] batman_adv: batadv0: Adding interface: batadv_slave_0
[  591.718552][T18792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  591.729394][T18792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  591.735194][T18792] batman_adv: batadv0: Adding interface: batadv_slave_1
[  591.737593][T18792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  591.746170][T18792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  591.783462][T18792] hsr_slave_0: entered promiscuous mode
[  591.785789][T18792] hsr_slave_1: entered promiscuous mode
[  592.202605][T18792] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  592.236374][   T67] Bluetooth: hci2: command tx timeout
[  592.786684][T18792] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  592.801644][T18792] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  592.805959][T18792] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  592.867652][   T40] audit: type=1800 audit(1746717709.923:568): pid=18813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4169" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  592.900583][T18792] 8021q: adding VLAN 0 to HW filter on device bond0
[  592.921038][T18792] 8021q: adding VLAN 0 to HW filter on device team0
[  592.933557][  T684] bridge0: port 1(bridge_slave_0) entered blocking state
[  592.936048][  T684] bridge0: port 1(bridge_slave_0) entered forwarding state
[  592.943166][  T684] bridge0: port 2(bridge_slave_1) entered blocking state
[  592.945496][  T684] bridge0: port 2(bridge_slave_1) entered forwarding state
[  593.033569][T18818] usb usb3: usbfs: process 18818 (syz.5.4163) did not claim interface 0 before use
[  593.214790][T18825] usb usb3: usbfs: process 18825 (syz.5.4164) did not claim interface 0 before use
[  593.331030][T18792] 8021q: adding VLAN 0 to HW filter on device batadv0
[  593.365892][T18792] veth0_vlan: entered promiscuous mode
[  593.373399][T18792] veth1_vlan: entered promiscuous mode
[  593.393979][T18792] veth0_macvtap: entered promiscuous mode
[  593.398258][T18792] veth1_macvtap: entered promiscuous mode
[  593.408194][T18792] batman_adv: batadv0: Interface activated: batadv_slave_0
[  593.415659][T18792] batman_adv: batadv0: Interface activated: batadv_slave_1
[  593.425012][T18792] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  593.427906][T18792] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  593.430733][T18792] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  593.433915][T18792] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  593.480170][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  593.483316][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  593.498727][  T684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  593.501324][  T684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  594.023808][T18838] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4167'.
[  594.080183][T18839] netlink: 'syz.7.4167': attribute type 3 has an invalid length.
[  594.312297][ T5948] Bluetooth: hci2: command 0x041b tx timeout
[  594.952240][T14600] Bluetooth: hci0: command 0x041b tx timeout
[  595.029504][T18858] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4172'.
[  595.032550][T18858] openvswitch: netlink: Flow key attr not present in new flow.
[  595.062574][ T5978] e1000 0000:00:06.0 eth0: Reset adapter
[  595.292542][ T5978] e1000 0000:00:06.0 eth0: Reset adapter
[  595.427471][T18864] usb usb3: usbfs: process 18864 (syz.5.4174) did not claim interface 0 before use
[  595.898940][  T101] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  596.011264][T18876] netlink: 'syz.5.4179': attribute type 3 has an invalid length.
[  597.502002][  T101] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  597.673741][  T101] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  597.752342][  T101] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  597.753735][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  597.809092][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  597.813104][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  597.817096][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  597.821061][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  597.824289][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  597.846110][T18885] lo speed is unknown, defaulting to 1000
[  597.849137][T18885] lo speed is unknown, defaulting to 1000
[  597.962065][T18885] chnl_net:caif_netlink_parms(): no params data found
[  597.969942][  T101] bridge_slave_1: left allmulticast mode
[  597.971882][  T101] bridge_slave_1: left promiscuous mode
[  597.974223][  T101] bridge0: port 2(bridge_slave_1) entered disabled state
[  597.978055][  T101] bridge_slave_0: left allmulticast mode
[  597.979893][  T101] bridge_slave_0: left promiscuous mode
[  597.981837][  T101] bridge0: port 1(bridge_slave_0) entered disabled state
[  598.284573][  T101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  598.288726][  T101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  598.292604][  T101] bond0 (unregistering): Released all slaves
[  598.359092][T18885] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.361485][T18885] bridge0: port 1(bridge_slave_0) entered disabled state
[  598.368496][T18885] bridge_slave_0: entered allmulticast mode
[  598.371236][T18885] bridge_slave_0: entered promiscuous mode
[  598.380304][T18885] bridge0: port 2(bridge_slave_1) entered blocking state
[  598.385637][T18885] bridge0: port 2(bridge_slave_1) entered disabled state
[  598.388065][T18885] bridge_slave_1: entered allmulticast mode
[  598.390730][T18885] bridge_slave_1: entered promiscuous mode
[  598.438496][T18885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  598.443974][T18885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  598.476783][T18885] team0: Port device team_slave_0 added
[  598.480923][T18885] team0: Port device team_slave_1 added
[  598.530249][T18885] batman_adv: batadv0: Adding interface: batadv_slave_0
[  598.532983][T18885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  598.543185][T18885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  598.547596][T18885] batman_adv: batadv0: Adding interface: batadv_slave_1
[  598.550177][T18885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  598.559365][T18885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  598.603137][T18885] hsr_slave_0: entered promiscuous mode
[  598.605923][T18885] hsr_slave_1: entered promiscuous mode
[  598.608109][T18885] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  598.610606][T18885] Cannot create hsr debugfs directory
[  598.633741][  T101] hsr_slave_0: left promiscuous mode
[  598.635952][  T101] hsr_slave_1: left promiscuous mode
[  598.637948][  T101] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  598.640283][  T101] batman_adv: batadv0: Removing interface: batadv_slave_0
[  598.643826][  T101] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  598.646238][  T101] batman_adv: batadv0: Removing interface: batadv_slave_1
[  598.668153][  T101] veth1_macvtap: left promiscuous mode
[  598.669964][  T101] veth0_macvtap: left promiscuous mode
[  598.671800][  T101] veth1_vlan: left promiscuous mode
[  598.673923][  T101] veth0_vlan: left promiscuous mode
[  599.541010][  T101] team0 (unregistering): Port device team_slave_1 removed
[  599.633444][  T101] team0 (unregistering): Port device team_slave_0 removed
[  599.902846][ T5948] Bluetooth: hci2: command tx timeout
[  600.457545][T18910] usb usb3: usbfs: process 18910 (syz.7.4186) did not claim interface 0 before use
[  601.135912][T18918] FAULT_INJECTION: forcing a failure.
[  601.135912][T18918] name failslab, interval 1, probability 0, space 0, times 0
[  601.140176][T18918] CPU: 2 UID: 0 PID: 18918 Comm: syz.7.4189 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  601.140202][T18918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  601.140209][T18918] Call Trace:
[  601.140213][T18918]  <TASK>
[  601.140217][T18918]  dump_stack_lvl+0x16c/0x1f0
[  601.140236][T18918]  should_fail_ex+0x512/0x640
[  601.140250][T18918]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  601.140264][T18918]  should_failslab+0xc2/0x120
[  601.140276][T18918]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  601.140288][T18918]  ? __alloc_skb+0x2b2/0x380
[  601.140304][T18918]  __alloc_skb+0x2b2/0x380
[  601.140314][T18918]  ? __pfx___alloc_skb+0x10/0x10
[  601.140326][T18918]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  601.140341][T18918]  netlink_alloc_large_skb+0x69/0x130
[  601.140354][T18918]  netlink_sendmsg+0x6a1/0xdd0
[  601.140368][T18918]  ? __pfx_netlink_sendmsg+0x10/0x10
[  601.140381][T18918]  ? __import_iovec+0x1c8/0x660
[  601.140399][T18918]  ____sys_sendmsg+0xa95/0xc70
[  601.140415][T18918]  ? __pfx_____sys_sendmsg+0x10/0x10
[  601.140428][T18918]  ? get_compat_msghdr+0x11a/0x170
[  601.140445][T18918]  ___sys_sendmsg+0x134/0x1d0
[  601.140456][T18918]  ? __pfx____sys_sendmsg+0x10/0x10
[  601.140484][T18918]  __sys_sendmsg+0x16d/0x220
[  601.140495][T18918]  ? __pfx___sys_sendmsg+0x10/0x10
[  601.140511][T18918]  ? rcu_is_watching+0x12/0xc0
[  601.140523][T18918]  __do_fast_syscall_32+0x73/0x120
[  601.140538][T18918]  do_fast_syscall_32+0x32/0x80
[  601.140552][T18918]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  601.140564][T18918] RIP: 0023:0xf70be579
[  601.140572][T18918] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  601.140582][T18918] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  601.140592][T18918] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  601.140598][T18918] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  601.140604][T18918] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  601.140610][T18918] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  601.140615][T18918] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  601.140628][T18918]  </TASK>
[  601.248563][T18885] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  601.255295][T18885] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  601.265354][T18885] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  601.270420][T18885] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  601.586391][T18885] 8021q: adding VLAN 0 to HW filter on device bond0
[  601.790592][T18885] 8021q: adding VLAN 0 to HW filter on device team0
[  601.839770][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  601.842617][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  601.939233][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  601.941692][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  601.988814][T14600] Bluetooth: hci2: command tx timeout
[  602.151438][T18925] netlink: 'syz.7.4191': attribute type 3 has an invalid length.
[  602.188082][T18885] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  602.227965][T18931] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4192'.
[  602.230912][T18931] openvswitch: netlink: Flow key attr not present in new flow.
[  602.286056][T18885] 8021q: adding VLAN 0 to HW filter on device batadv0
[  602.309570][T18885] veth0_vlan: entered promiscuous mode
[  602.326046][T18885] veth1_vlan: entered promiscuous mode
[  602.341410][T18885] veth0_macvtap: entered promiscuous mode
[  602.354680][T18885] veth1_macvtap: entered promiscuous mode
[  602.509064][T18885] batman_adv: batadv0: Interface activated: batadv_slave_0
[  602.535444][T18885] batman_adv: batadv0: Interface activated: batadv_slave_1
[  602.569244][T18885] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  602.572493][T18885] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  602.578282][T18885] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  602.581372][T18885] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  602.969637][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  602.972997][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  603.166279][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  603.190493][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  603.255948][   T40] audit: type=1326 audit(1746717720.313:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.263738][   T40] audit: type=1326 audit(1746717720.313:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.271801][   T40] audit: type=1326 audit(1746717720.313:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.283672][   T40] audit: type=1326 audit(1746717720.313:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.290765][   T40] audit: type=1326 audit(1746717720.313:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.297981][   T40] audit: type=1326 audit(1746717720.313:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.305374][   T40] audit: type=1326 audit(1746717720.313:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.312905][   T40] audit: type=1326 audit(1746717720.313:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=38 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.319854][   T40] audit: type=1326 audit(1746717720.313:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.326838][   T40] audit: type=1326 audit(1746717720.313:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18944 comm="syz.6.4194" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f88579 code=0x7ffc0000
[  603.495667][T18956] usb usb3: usbfs: process 18956 (syz.6.4197) did not claim interface 0 before use
[  603.572791][T18962] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4200'.
[  603.663375][T18965] netlink: 'syz.6.4202': attribute type 3 has an invalid length.
[  603.682663][T18960] FAULT_INJECTION: forcing a failure.
[  603.682663][T18960] name failslab, interval 1, probability 0, space 0, times 0
[  603.687616][T18960] CPU: 1 UID: 0 PID: 18960 Comm: syz.5.4198 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  603.687630][T18960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  603.687637][T18960] Call Trace:
[  603.687641][T18960]  <TASK>
[  603.687646][T18960]  dump_stack_lvl+0x16c/0x1f0
[  603.687663][T18960]  should_fail_ex+0x512/0x640
[  603.687678][T18960]  ? fs_reclaim_acquire+0xae/0x150
[  603.687694][T18960]  ? tomoyo_encode2+0x100/0x3e0
[  603.687707][T18960]  should_failslab+0xc2/0x120
[  603.687720][T18960]  __kmalloc_noprof+0xd2/0x510
[  603.687734][T18960]  tomoyo_encode2+0x100/0x3e0
[  603.687749][T18960]  tomoyo_encode+0x29/0x50
[  603.687762][T18960]  tomoyo_realpath_from_path+0x18f/0x6e0
[  603.687777][T18960]  ? tomoyo_profile+0x47/0x60
[  603.687793][T18960]  tomoyo_path_number_perm+0x245/0x580
[  603.687804][T18960]  ? tomoyo_path_number_perm+0x237/0x580
[  603.687817][T18960]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  603.687854][T18960]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  603.687874][T18960]  ? from_kuid+0x8d/0xd0
[  603.687887][T18960]  ? __pfx_from_kuid+0x10/0x10
[  603.687903][T18960]  tomoyo_path_chown+0x173/0x1b0
[  603.687918][T18960]  ? __pfx_tomoyo_path_chown+0x10/0x10
[  603.687934][T18960]  ? from_vfsuid+0xea/0x140
[  603.687946][T18960]  ? __pfx_from_vfsuid+0x10/0x10
[  603.687960][T18960]  security_path_chown+0x12a/0x2e0
[  603.687972][T18960]  chown_common+0x3bb/0x670
[  603.687987][T18960]  ? __pfx_chown_common+0x10/0x10
[  603.688003][T18960]  ? find_held_lock+0x2b/0x80
[  603.688017][T18960]  ? mnt_get_write_access+0x20c/0x300
[  603.688032][T18960]  ksys_fchown+0x11f/0x170
[  603.688045][T18960]  __ia32_sys_fchown16+0xd3/0x100
[  603.688062][T18960]  __do_fast_syscall_32+0x73/0x120
[  603.688077][T18960]  do_fast_syscall_32+0x32/0x80
[  603.688091][T18960]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  603.688104][T18960] RIP: 0023:0xf711e579
[  603.688112][T18960] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  603.688122][T18960] RSP: 002b:00000000f50ed55c EFLAGS: 00000296 ORIG_RAX: 000000000000005f
[  603.688132][T18960] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  603.688138][T18960] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  603.688144][T18960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  603.688149][T18960] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  603.688155][T18960] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  603.688168][T18960]  </TASK>
[  603.688180][T18960] ERROR: Out of memory at tomoyo_realpath_from_path.
[  603.922406][T18969] block nbd5: Device being setup by another task
[  603.998345][T18973] block nbd5: NBD_DISCONNECT
[  604.012314][T18968] block nbd5: Disconnected due to user request.
[  604.031996][T18973] block nbd5: Send disconnect failed -32
[  604.036325][T18968] block nbd5: shutting down sockets
[  604.062384][T14600] Bluetooth: hci2: command 0x040f tx timeout
[  604.583618][T18980] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4206'.
[  604.890502][T18986] usb usb3: usbfs: process 18986 (syz.6.4209) did not claim interface 0 before use
[  605.212526][T18996] netlink: 'syz.6.4212': attribute type 3 has an invalid length.
[  605.504975][T19006] FAULT_INJECTION: forcing a failure.
[  605.504975][T19006] name failslab, interval 1, probability 0, space 0, times 0
[  605.509052][T19006] CPU: 0 UID: 0 PID: 19006 Comm: syz.5.4216 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  605.509067][T19006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  605.509073][T19006] Call Trace:
[  605.509077][T19006]  <TASK>
[  605.509081][T19006]  dump_stack_lvl+0x16c/0x1f0
[  605.509099][T19006]  should_fail_ex+0x512/0x640
[  605.509114][T19006]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  605.509127][T19006]  should_failslab+0xc2/0x120
[  605.509140][T19006]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  605.509151][T19006]  ? __alloc_skb+0x2b2/0x380
[  605.509164][T19006]  __alloc_skb+0x2b2/0x380
[  605.509174][T19006]  ? __pfx___alloc_skb+0x10/0x10
[  605.509186][T19006]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  605.509201][T19006]  netlink_alloc_large_skb+0x69/0x130
[  605.509214][T19006]  netlink_sendmsg+0x6a1/0xdd0
[  605.509228][T19006]  ? __pfx_netlink_sendmsg+0x10/0x10
[  605.509241][T19006]  ? __import_iovec+0x1c8/0x660
[  605.509259][T19006]  ____sys_sendmsg+0xa95/0xc70
[  605.509276][T19006]  ? gfs2_create_inode+0x23e0/0x32c0
[  605.509289][T19006]  ? __pfx_____sys_sendmsg+0x10/0x10
[  605.509302][T19006]  ? get_compat_msghdr+0x11a/0x170
[  605.509318][T19006]  ___sys_sendmsg+0x134/0x1d0
[  605.509330][T19006]  ? __pfx____sys_sendmsg+0x10/0x10
[  605.509357][T19006]  __sys_sendmsg+0x16d/0x220
[  605.509368][T19006]  ? __pfx___sys_sendmsg+0x10/0x10
[  605.509384][T19006]  ? rcu_is_watching+0x12/0xc0
[  605.509396][T19006]  __do_fast_syscall_32+0x73/0x120
[  605.509411][T19006]  do_fast_syscall_32+0x32/0x80
[  605.509425][T19006]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  605.509437][T19006] RIP: 0023:0xf711e579
[  605.509445][T19006] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  605.509455][T19006] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  605.509465][T19006] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  605.509471][T19006] RDX: 0000000004000800 RSI: 0000000000000000 RDI: 0000000000000000
[  605.509477][T19006] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  605.509482][T19006] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  605.509488][T19006] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  605.509500][T19006]  </TASK>
[  605.585507][    C0] vkms_vblank_simulate: vblank timer overrun
[  605.804484][   T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.842298][  T837] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  605.992295][  T837] usb 10-1: Using ep0 maxpacket: 16
[  605.995487][   T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.996379][  T837] usb 10-1: config 0 has an invalid interface number: 145 but max is 0
[  606.002370][  T837] usb 10-1: config 0 has no interface number 0
[  606.006745][  T837] usb 10-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  606.009747][  T837] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.012384][  T837] usb 10-1: Product: syz
[  606.013757][  T837] usb 10-1: Manufacturer: syz
[  606.015358][  T837] usb 10-1: SerialNumber: syz
[  606.021942][  T837] usb 10-1: config 0 descriptor??
[  606.026526][  T837] hub 10-1:0.145: bad descriptor, ignoring hub
[  606.028558][  T837] hub 10-1:0.145: probe with driver hub failed with error -5
[  606.036573][  T837] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.145/input/input27
[  606.068921][   T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.161429][   T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.280733][   T46] bridge_slave_1: left allmulticast mode
[  606.283072][   T46] bridge_slave_1: left promiscuous mode
[  606.284976][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.289900][   T46] bridge_slave_0: left allmulticast mode
[  606.291845][   T46] bridge_slave_0: left promiscuous mode
[  606.294059][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.352782][T18941] usb 10-1: USB disconnect, device number 17
[  606.626916][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  606.631766][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  606.636082][   T46] bond0 (unregistering): Released all slaves
[  606.964036][   T46] hsr_slave_0: left promiscuous mode
[  606.966597][   T46] hsr_slave_1: left promiscuous mode
[  606.968744][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  606.971380][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  606.974419][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  606.976766][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  606.998263][   T46] veth1_macvtap: left promiscuous mode
[  607.000072][   T46] veth0_macvtap: left promiscuous mode
[  607.001867][   T46] veth1_vlan: left promiscuous mode
[  607.003786][   T46] veth0_vlan: left promiscuous mode
[  607.444227][T19014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4219'.
[  607.455739][T19014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4219'.
[  607.460707][T19014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4219'.
[  607.466135][T19014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4219'.
[  607.554198][T14600] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  607.559389][T14600] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  607.563237][T14600] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  607.568851][T14600] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  607.571407][T14600] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  608.113045][T19041] netlink: 'syz.6.4223': attribute type 3 has an invalid length.
[  608.358543][   T46] team0 (unregistering): Port device team_slave_1 removed
[  608.465340][   T46] team0 (unregistering): Port device team_slave_0 removed
[  609.133261][T19031] syzkaller0: entered promiscuous mode
[  609.135696][T19031] syzkaller0: entered allmulticast mode
[  609.595766][T14600] Bluetooth: hci2: command tx timeout
[  610.797886][T19021] lo speed is unknown, defaulting to 1000
[  610.800556][T19021] lo speed is unknown, defaulting to 1000
[  610.921465][T19021] chnl_net:caif_netlink_parms(): no params data found
[  611.181998][T19021] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.184730][T19021] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.187165][T19021] bridge_slave_0: entered allmulticast mode
[  611.190072][T19021] bridge_slave_0: entered promiscuous mode
[  611.194741][T19021] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.197058][T19021] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.199369][T19021] bridge_slave_1: entered allmulticast mode
[  611.202069][T19021] bridge_slave_1: entered promiscuous mode
[  611.248159][T19021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  611.253375][T19021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  611.295004][T19075] netlink: 'syz.7.4232': attribute type 3 has an invalid length.
[  611.303632][T19021] team0: Port device team_slave_0 added
[  611.308348][T19021] team0: Port device team_slave_1 added
[  611.375102][T19021] batman_adv: batadv0: Adding interface: batadv_slave_0
[  611.377472][T19021] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  611.386272][T19021] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  611.391059][T19021] batman_adv: batadv0: Adding interface: batadv_slave_1
[  611.393755][T19021] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  611.401970][T19021] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  611.448162][T19021] hsr_slave_0: entered promiscuous mode
[  611.450710][T19021] hsr_slave_1: entered promiscuous mode
[  611.472564][T19079] usb usb3: usbfs: process 19079 (syz.7.4233) did not claim interface 0 before use
[  611.672576][T14600] Bluetooth: hci2: command tx timeout
[  611.966884][T19021] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  611.972369][T19021] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  611.976568][T19021] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  611.980591][T19021] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  612.026585][T19021] 8021q: adding VLAN 0 to HW filter on device bond0
[  612.036096][T19021] 8021q: adding VLAN 0 to HW filter on device team0
[  612.041158][  T684] bridge0: port 1(bridge_slave_0) entered blocking state
[  612.043618][  T684] bridge0: port 1(bridge_slave_0) entered forwarding state
[  612.051696][  T684] bridge0: port 2(bridge_slave_1) entered blocking state
[  612.054168][  T684] bridge0: port 2(bridge_slave_1) entered forwarding state
[  612.161678][T19021] 8021q: adding VLAN 0 to HW filter on device batadv0
[  612.197143][T19021] veth0_vlan: entered promiscuous mode
[  612.206148][T19021] veth1_vlan: entered promiscuous mode
[  612.224204][T19021] veth0_macvtap: entered promiscuous mode
[  612.234190][T19021] veth1_macvtap: entered promiscuous mode
[  612.249333][T19021] batman_adv: batadv0: Interface activated: batadv_slave_0
[  612.257285][T19021] batman_adv: batadv0: Interface activated: batadv_slave_1
[  612.262114][T19021] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  612.266577][T19021] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  612.269339][T19021] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  612.272044][T19021] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  612.317396][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  612.323526][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  612.366462][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  612.382244][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  612.475013][T19095] netlink: 80 bytes leftover after parsing attributes in process `syz.7.4237'.
[  612.817994][T19103] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4239'.
[  612.821989][T19103] netlink: 'syz.7.4239': attribute type 5 has an invalid length.
[  612.825548][T19103] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4239'.
[  612.836372][T19103] netdevsim netdevsim7 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  612.840214][T19103] netdevsim netdevsim7 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  612.846396][T19103] netdevsim netdevsim7 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  612.850103][T19103] netdevsim netdevsim7 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  612.854359][T19103] geneve2: entered promiscuous mode
[  612.856636][T19103] geneve2: entered allmulticast mode
[  613.363594][T19112] netlink: 'syz.6.4241': attribute type 3 has an invalid length.
[  613.552254][T18616] usb 10-1: new low-speed USB device number 18 using dummy_hcd
[  613.575808][T19119] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4243'.
[  613.682243][T18616] usb 10-1: device descriptor read/64, error -71
[  613.747731][T19123] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4244'.
[  613.912700][   T24] e1000 0000:00:06.0 eth0: Reset adapter
[  613.942613][T18616] usb 10-1: new low-speed USB device number 19 using dummy_hcd
[  614.072276][T18616] usb 10-1: device descriptor read/64, error -71
[  614.182684][T18616] usb usb10-port1: attempt power cycle
[  614.566549][   T75] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.596784][T18616] usb 10-1: new low-speed USB device number 20 using dummy_hcd
[  615.190771][T18616] usb 10-1: device descriptor read/8, error -71
[  615.482373][T18616] usb 10-1: new low-speed USB device number 21 using dummy_hcd
[  615.503161][T18616] usb 10-1: device descriptor read/8, error -71
[  615.624311][T18616] usb usb10-port1: unable to enumerate USB device
[  616.063276][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  616.866009][T19145] netlink: 'syz.7.4251': attribute type 3 has an invalid length.
[  616.893388][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  616.898539][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  616.904925][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  616.908907][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  616.914266][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  616.953917][   T75] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.983303][T19146] lo speed is unknown, defaulting to 1000
[  616.985833][T19146] lo speed is unknown, defaulting to 1000
[  617.035175][   T75] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  617.121937][   T75] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  617.244438][T19146] chnl_net:caif_netlink_parms(): no params data found
[  617.399609][T19146] bridge0: port 1(bridge_slave_0) entered blocking state
[  617.402909][T19146] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.405518][T19146] bridge_slave_0: entered allmulticast mode
[  617.408769][T19146] bridge_slave_0: entered promiscuous mode
[  617.412087][   T75] bridge_slave_1: left allmulticast mode
[  617.415248][   T75] bridge_slave_1: left promiscuous mode
[  617.420208][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.425835][   T75] bridge_slave_0: left allmulticast mode
[  617.427697][   T75] bridge_slave_0: left promiscuous mode
[  617.429590][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.763044][   T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  617.767975][   T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  617.771872][   T75] bond0 (unregistering): Released all slaves
[  617.777703][T19146] bridge0: port 2(bridge_slave_1) entered blocking state
[  617.780151][T19146] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.783353][T19146] bridge_slave_1: entered allmulticast mode
[  617.790432][T19146] bridge_slave_1: entered promiscuous mode
[  617.842095][T19146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  617.850374][T19146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  617.974793][T19146] team0: Port device team_slave_0 added
[  617.997414][T19146] team0: Port device team_slave_1 added
[  618.034203][T19146] batman_adv: batadv0: Adding interface: batadv_slave_0
[  618.036714][T19146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  618.047069][T19146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  618.052011][T19146] batman_adv: batadv0: Adding interface: batadv_slave_1
[  618.054714][T19146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  618.066807][T19146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  618.562066][T19146] hsr_slave_0: entered promiscuous mode
[  618.579971][T19146] hsr_slave_1: entered promiscuous mode
[  618.589046][T19146] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  618.596791][T19146] Cannot create hsr debugfs directory
[  618.707324][   T75] hsr_slave_0: left promiscuous mode
[  618.712944][   T75] hsr_slave_1: left promiscuous mode
[  618.716908][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  618.719462][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[  618.725830][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  618.728556][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[  618.799260][   T75] veth1_macvtap: left promiscuous mode
[  618.801343][   T75] veth0_macvtap: left promiscuous mode
[  618.803705][   T75] veth1_vlan: left promiscuous mode
[  618.806116][   T75] veth0_vlan: left promiscuous mode
[  619.023254][ T5978] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  619.028361][T14600] Bluetooth: hci2: command tx timeout
[  619.740581][   T75] team0 (unregistering): Port device team_slave_1 removed
[  619.824670][   T75] team0 (unregistering): Port device team_slave_0 removed
[  620.850597][T19146] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  620.854580][T19146] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  620.858493][T19146] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  620.862886][T19146] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  620.899848][T19146] 8021q: adding VLAN 0 to HW filter on device bond0
[  620.917417][T19146] 8021q: adding VLAN 0 to HW filter on device team0
[  620.922645][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  620.925032][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  620.931090][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  620.933534][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  621.029834][T19146] 8021q: adding VLAN 0 to HW filter on device batadv0
[  621.050266][T19146] veth0_vlan: entered promiscuous mode
[  621.056476][T19146] veth1_vlan: entered promiscuous mode
[  621.070706][T19146] veth0_macvtap: entered promiscuous mode
[  621.075309][T19146] veth1_macvtap: entered promiscuous mode
[  621.084186][T19146] batman_adv: batadv0: Interface activated: batadv_slave_0
[  621.089603][T19146] batman_adv: batadv0: Interface activated: batadv_slave_1
[  621.094113][T19146] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  621.097006][T19146] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  621.099876][T19146] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  621.103047][T14600] Bluetooth: hci2: command tx timeout
[  621.108491][T19146] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  621.144696][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  621.147277][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  621.162114][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  621.164912][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  623.461299][   T75] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.824847][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  623.826975][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  625.313049][T19220] usb usb3: usbfs: process 19220 (syz.7.4267) did not claim interface 0 before use
[  625.373499][ T5978] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  625.382658][   T75] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.383078][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  625.392815][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  625.398145][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  625.402784][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  625.406781][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  625.437357][T19223] lo speed is unknown, defaulting to 1000
[  625.442488][T19223] lo speed is unknown, defaulting to 1000
[  625.471347][   T75] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.569084][T19229] [U] :
[  625.570304][T19229] [U] 
[  625.571372][T19229] [U] 
[  625.572364][T19229] [U] 
[  625.574168][T19229] [U] 
[  625.575412][T19229] [U] 
[  625.576561][T19229] [U] 
[  625.577631][T19229] [U] 
[  625.578799][T19229] [U] 
[  625.579800][T19229] [U] 
[  625.580754][T19229] [U] 
[  625.581847][T19229] [U] 
[  625.584873][T19229] [U] 
[  625.585951][T19229] [U] 
[  625.586980][T19229] [U] 
[  625.587989][T19229] [U] 
[  625.588336][   T75] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.588993][T19229] [U] 
[  625.593360][T19229] [U] 
[  625.594363][T19229] [U] 
[  625.595329][T19229] [U] 
[  625.596635][T19229] [U] 
[  625.597799][T19229] [U] 
[  625.598750][T19229] [U] 
[  625.599675][T19229] [U] 
[  625.602426][T19229] [U] 
[  625.603469][T19229] [U] 
[  625.604409][T19229] [U] 
[  625.605338][T19229] [U] 
[  625.607943][T19229] [U] 
[  625.608972][T19229] [U] 
[  625.610104][T19229] [U] 
[  625.611145][T19229] [U] 
[  625.616067][T19229] [U] 
[  625.617104][T19229] [U] 
[  625.618113][T19229] [U] 
[  625.619068][T19229] [U] 
[  625.620582][T19229] [U] 
[  625.621546][T19229] [U] 
[  625.622603][T19229] [U] 
[  625.623724][T19229] [U] 
[  625.625096][T19229] [U] 
[  625.626211][T19229] [U] 
[  625.627192][T19229] [U] 
[  625.628145][T19229] [U] 
[  625.629260][T19229] [U] 
[  625.630256][T19229] [U] 
[  625.631379][T19229] [U] 
[  625.632442][T19229] [U] 
[  625.633732][T19229] [U] 
[  625.634901][T19229] [U] 
[  625.636018][T19229] [U] 
[  625.636585][T19223] chnl_net:caif_netlink_parms(): no params data found
[  625.636950][T19229] [U] 
[  625.637122][T19229] [U] 
[  625.641150][T19229] [U] 
[  625.642078][T19229] [U] 
[  625.643079][T19229] [U] 
[  625.644281][T19229] [U] 
[  625.645229][T19229] [U] 
[  625.646278][T19229] [U] 
[  625.647217][T19229] [U] 
[  625.648267][T19229] [U] 
[  625.649179][T19229] [U] 
[  625.650119][T19229] [U] 
[  625.651128][T19229] [U] 
[  625.654085][T19229] [U] 
[  625.655257][T19229] [U] 
[  625.656531][T19229] [U] 
[  625.657525][T19229] [U] 
[  625.658650][T19229] [U] 
[  625.659605][T19229] [U] 
[  625.660754][T19229] [U] 
[  625.661919][T19229] [U] 
[  625.663573][T19229] [U] 
[  625.664717][T19229] [U] 
[  625.665799][T19229] [U] 
[  625.666965][T19229] [U] 
[  625.668277][T19229] [U] 
[  625.669442][T19229] [U] 
[  625.670617][T19229] [U] 
[  625.671789][T19229] [U] 
[  625.675375][T19229] [U] 
[  625.676490][T19229] [U] 
[  625.677412][T19229] [U] 
[  625.678333][T19229] [U] 
[  625.679872][T19229] [U] 
[  625.680806][T19229] [U] 
[  625.681723][T19229] [U] 
[  625.682680][T19229] [U] 
[  625.690259][T19229] [U] 
[  625.691223][T19229] [U] 
[  625.692152][T19229] [U] 
[  625.693080][T19229] [U] 
[  625.706457][T19229] [U] 
[  625.707427][T19229] [U] 
[  625.708366][T19229] [U] 
[  625.709260][T19229] [U] 
[  625.710853][T19229] [U] 
[  625.711750][T19229] [U] 
[  625.712681][T19229] [U] 
[  625.713603][T19229] [U] 
[  625.722452][T19229] [U] 
[  625.723465][T19229] [U] 
[  625.724407][T19229] [U] 
[  625.725346][T19229] [U] 
[  625.726490][T19229] [U] 
[  625.727461][T19229] [U] 
[  625.728412][T19229] [U] 
[  625.729350][T19229] [U] 
[  625.730544][T19229] [U] 
[  625.731578][T19229] [U] 
[  625.732594][T19229] [U] 
[  625.733561][T19229] [U] 
[  625.740829][T19229] [U] 
[  625.741825][T19229] [U] 
[  625.742782][T19229] [U] 
[  625.743772][T19229] [U] 
[  625.746391][T19229] [U] 
[  625.747394][T19229] [U] 
[  625.748339][T19229] [U] 
[  625.749308][T19229] [U] 
[  625.750461][T19229] [U] 
[  625.751439][T19229] [U] 
[  625.752533][T19229] [U] 
[  625.753495][T19229] [U] 
[  625.757819][T19229] [U] 
[  625.758890][T19229] [U] 
[  625.759825][T19229] [U] 
[  625.839234][T19223] bridge0: port 1(bridge_slave_0) entered blocking state
[  625.841836][T19223] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.844270][T19223] bridge_slave_0: entered allmulticast mode
[  625.847195][T19223] bridge_slave_0: entered promiscuous mode
[  625.855619][T19223] bridge0: port 2(bridge_slave_1) entered blocking state
[  625.858124][T19223] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.861273][T19223] bridge_slave_1: entered allmulticast mode
[  625.869386][T19223] bridge_slave_1: entered promiscuous mode
[  626.268113][T19223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  626.291390][   T75] bridge_slave_1: left allmulticast mode
[  626.298222][   T75] bridge_slave_1: left promiscuous mode
[  626.300804][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[  626.310257][   T75] bridge_slave_0: left allmulticast mode
[  626.312660][   T75] bridge_slave_0: left promiscuous mode
[  626.315360][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[  626.765607][T19228] [U] 
[  626.787755][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  626.787764][   T40] audit: type=1326 audit(1746717743.843:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19243 comm="syz.6.4271" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x0
[  627.028471][T19253] syz.5.4272 (19253): drop_caches: 2
[  627.038151][   T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  627.040871][T19253] syz.5.4272 (19253): drop_caches: 2
[  627.047890][   T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  627.055641][   T75] bond0 (unregistering): Released all slaves
[  627.088293][T19223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  627.099248][T19252] tipc: Enabled bearer <eth:geneve1>, priority 10
[  627.104357][T19244] veth1_macvtap: left promiscuous mode
[  627.161824][T19223] team0: Port device team_slave_0 added
[  627.183415][T19223] team0: Port device team_slave_1 added
[  627.225548][T19223] batman_adv: batadv0: Adding interface: batadv_slave_0
[  627.227869][T19223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  627.237023][T19223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  627.248780][T19223] batman_adv: batadv0: Adding interface: batadv_slave_1
[  627.251143][T19223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  627.260247][T19223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  627.314438][T19223] hsr_slave_0: entered promiscuous mode
[  627.316832][T19223] hsr_slave_1: entered promiscuous mode
[  627.354175][   T75] hsr_slave_0: left promiscuous mode
[  627.356398][   T75] hsr_slave_1: left promiscuous mode
[  627.358522][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  627.361065][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[  627.364136][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  627.366706][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[  627.394286][   T75] veth1_macvtap: left promiscuous mode
[  627.396167][   T75] veth0_macvtap: left promiscuous mode
[  627.397980][   T75] veth1_vlan: left promiscuous mode
[  627.399709][   T75] veth0_vlan: left promiscuous mode
[  627.432255][ T5948] Bluetooth: hci2: command tx timeout
[  627.686778][T19267] usb usb3: usbfs: process 19267 (syz.5.4277) did not claim interface 0 before use
[  628.183728][   T75] team0 (unregistering): Port device team_slave_1 removed
[  628.272455][   T75] team0 (unregistering): Port device team_slave_0 removed
[  629.155923][T19286] usb usb3: usbfs: process 19286 (syz.6.4282) did not claim interface 0 before use
[  629.512222][ T5948] Bluetooth: hci2: command 0x041b tx timeout
[  629.609342][T19304] vlan2: entered promiscuous mode
[  629.611664][T19304] vlan2: entered allmulticast mode
[  629.614518][T19304] hsr_slave_1: entered allmulticast mode
[  629.616881][T19223] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  629.621523][T19223] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  629.628246][T19223] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  629.633943][T19223] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  629.675784][T19223] 8021q: adding VLAN 0 to HW filter on device bond0
[  629.686524][T19223] 8021q: adding VLAN 0 to HW filter on device team0
[  629.691462][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.694117][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  629.702802][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  629.705194][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  629.994612][T19223] 8021q: adding VLAN 0 to HW filter on device batadv0
[  630.052719][T19223] veth0_vlan: entered promiscuous mode
[  630.057819][T19223] veth1_vlan: entered promiscuous mode
[  630.071849][T19223] veth0_macvtap: entered promiscuous mode
[  630.075843][T19223] veth1_macvtap: entered promiscuous mode
[  630.084175][T19223] batman_adv: batadv0: Interface activated: batadv_slave_0
[  630.090685][T19223] batman_adv: batadv0: Interface activated: batadv_slave_1
[  630.097712][T19223] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  630.101080][T19223] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  630.105717][T19223] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  630.108686][T19223] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  630.152019][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  630.163732][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  630.188638][T19316] netlink: 'syz.5.4292': attribute type 4 has an invalid length.
[  630.194666][T19316] netlink: 'syz.5.4292': attribute type 4 has an invalid length.
[  630.198874][T18542] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  630.202968][T18542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  630.927181][T19330] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4296'.
[  630.933645][T19330] random: crng reseeded on system resumption
[  631.181497][T19335] IPVS: Error connecting to the multicast addr
[  631.722248][   T24] usb 11-1: new high-speed USB device number 20 using dummy_hcd
[  631.872419][   T24] usb 11-1: Using ep0 maxpacket: 8
[  631.876588][   T24] usb 11-1: unable to get BOS descriptor or descriptor too short
[  631.881333][   T24] usb 11-1: config 1 interface 0 altsetting 129 bulk endpoint 0x82 has invalid maxpacket 32
[  631.886202][   T24] usb 11-1: config 1 interface 0 altsetting 129 bulk endpoint 0x3 has invalid maxpacket 1013
[  631.890331][   T24] usb 11-1: config 1 interface 0 altsetting 129 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  631.895958][   T24] usb 11-1: config 1 interface 0 has no altsetting 0
[  631.903541][   T24] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  631.907177][   T24] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.910525][   T24] usb 11-1: Product: syz
[  631.913297][   T24] usb 11-1: Manufacturer: syz
[  631.915257][   T24] usb 11-1: SerialNumber: syz
[  631.920254][T19343] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  631.923520][T19343] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  632.009184][T19354] syz_tun: entered allmulticast mode
[  632.017615][T19354] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  632.061442][T19353] syz_tun: left allmulticast mode
[  632.140699][   T24] usb 11-1: bad CDC descriptors
[  632.150195][   T24] usb 11-1: USB disconnect, device number 20
[  632.578634][ T1173] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  634.159699][ T1173] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  634.238936][ T1173] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  634.321103][ T1173] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  634.402692][ T1173] bridge_slave_1: left allmulticast mode
[  634.404558][ T1173] bridge_slave_1: left promiscuous mode
[  634.406439][ T1173] bridge0: port 2(bridge_slave_1) entered disabled state
[  634.409787][ T1173] bridge_slave_0: left allmulticast mode
[  634.411614][ T1173] bridge_slave_0: left promiscuous mode
[  634.414126][ T1173] bridge0: port 1(bridge_slave_0) entered disabled state
[  634.544511][T14600] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  634.550740][T14600] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  634.557161][T14600] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  634.570464][T19397] netlink: 56 bytes leftover after parsing attributes in process `syz.6.4316'.
[  634.575685][T14600] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  634.583321][T14600] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  634.591723][T19397] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4316'.
[  634.864539][ T1173] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  634.873036][ T1173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  634.957916][ T1173] bond0 (unregistering): Released all slaves
[  634.985614][T19395] lo speed is unknown, defaulting to 1000
[  634.988924][T19395] lo speed is unknown, defaulting to 1000
[  635.258838][T19395] chnl_net:caif_netlink_parms(): no params data found
[  635.383114][T19395] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.385788][T19395] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.388418][T19395] bridge_slave_0: entered allmulticast mode
[  635.391487][T19395] bridge_slave_0: entered promiscuous mode
[  635.394914][T19395] bridge0: port 2(bridge_slave_1) entered blocking state
[  635.397195][T19395] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.399765][T19395] bridge_slave_1: entered allmulticast mode
[  635.404588][T19395] bridge_slave_1: entered promiscuous mode
[  635.488796][ T1173] hsr_slave_0: left promiscuous mode
[  635.491648][ T1173] hsr_slave_1: left promiscuous mode
[  635.492729][   T40] audit: type=1326 audit(1746717752.523:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19423 comm="syz.5.4322" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  635.502689][ T1173] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  635.505880][ T1173] batman_adv: batadv0: Removing interface: batadv_slave_0
[  635.510795][ T1173] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  635.515082][ T1173] batman_adv: batadv0: Removing interface: batadv_slave_1
[  635.564150][ T1173] veth1_macvtap: left promiscuous mode
[  635.566021][ T1173] veth0_macvtap: left promiscuous mode
[  635.568137][ T1173] veth1_vlan: left promiscuous mode
[  635.570344][ T1173] veth0_vlan: left promiscuous mode
[  636.330598][T19436] syz.6.4323 (19436): drop_caches: 2
[  636.353856][T19436] syz.6.4323 (19436): drop_caches: 2
[  636.550534][T19440] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4324'.
[  636.564880][T19440] syz.7.4324 (19440): drop_caches: 2
[  636.567378][T19440] syz.7.4324 (19440): drop_caches: 2
[  636.625192][T14600] Bluetooth: hci2: command tx timeout
[  636.743041][ T1173] team0 (unregistering): Port device team_slave_1 removed
[  636.833678][ T1173] team0 (unregistering): Port device team_slave_0 removed
[  638.008101][T19395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  638.013757][T19427] tipc: Enabled bearer <eth:geneve1>, priority 10
[  638.021541][T19428] veth1_macvtap: left promiscuous mode
[  638.031558][T19395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  638.171333][T19395] team0: Port device team_slave_0 added
[  638.176775][T19395] team0: Port device team_slave_1 added
[  638.343259][T19395] batman_adv: batadv0: Adding interface: batadv_slave_0
[  638.352652][T19395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.362216][T19395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  638.370511][T19395] batman_adv: batadv0: Adding interface: batadv_slave_1
[  638.372997][T19395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.381394][T19395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  638.456733][T19461] netlink: 'syz.7.4330': attribute type 3 has an invalid length.
[  638.466015][T19395] hsr_slave_0: entered promiscuous mode
[  638.482511][T19395] hsr_slave_1: entered promiscuous mode
[  638.511668][T19463] Cache volume key already in use (9p,syz,)
[  638.567035][T19468] 9pnet_virtio: no channels available for device syz
[  638.702220][ T5948] Bluetooth: hci2: command tx timeout
[  638.992990][T19395] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  639.014125][T19395] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  639.026360][T19487] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  639.032829][T19395] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  639.137699][T19395] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  639.230105][T19395] 8021q: adding VLAN 0 to HW filter on device bond0
[  639.238341][T19395] 8021q: adding VLAN 0 to HW filter on device team0
[  639.244754][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.247147][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  639.252978][  T684] bridge0: port 2(bridge_slave_1) entered blocking state
[  639.255311][  T684] bridge0: port 2(bridge_slave_1) entered forwarding state
[  639.399125][T19395] 8021q: adding VLAN 0 to HW filter on device batadv0
[  639.427861][T19395] veth0_vlan: entered promiscuous mode
[  639.433981][T19395] veth1_vlan: entered promiscuous mode
[  639.450737][T19395] veth0_macvtap: entered promiscuous mode
[  639.456762][T19395] veth1_macvtap: entered promiscuous mode
[  639.466919][T19395] batman_adv: batadv0: Interface activated: batadv_slave_0
[  639.472875][T19395] batman_adv: batadv0: Interface activated: batadv_slave_1
[  639.518333][T19395] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  639.521272][T19395] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  639.525544][T19395] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  639.529751][T19395] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  639.610120][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  639.619977][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  639.643844][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  639.650167][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  640.794623][ T5948] Bluetooth: hci2: command 0x040f tx timeout
[  642.802383][   T65] usb 11-1: new high-speed USB device number 21 using dummy_hcd
[  642.886965][   T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  642.966658][   T65] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  642.970285][   T65] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  642.973902][   T65] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  642.978305][   T65] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  642.981287][   T65] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.985442][   T65] usb 11-1: config 0 descriptor??
[  643.395879][   T65] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  643.398355][   T65] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  643.401403][   T65] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  643.408988][   T65] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  643.732426][   T65] usb 11-1: USB disconnect, device number 21
[  643.899180][   T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.953866][   T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.017931][   T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.100035][   T46] bridge_slave_1: left allmulticast mode
[  644.102096][   T46] bridge_slave_1: left promiscuous mode
[  644.104158][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.107545][   T46] bridge_slave_0: left allmulticast mode
[  644.109552][   T46] bridge_slave_0: left promiscuous mode
[  644.111590][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  644.436996][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  644.441024][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  644.445897][   T46] bond0 (unregistering): Released all slaves
[  644.764287][   T46] hsr_slave_0: left promiscuous mode
[  644.766536][   T46] hsr_slave_1: left promiscuous mode
[  644.768749][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  644.771284][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  644.774396][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  644.776903][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  644.801378][   T46] veth1_macvtap: left promiscuous mode
[  644.803369][   T46] veth0_macvtap: left promiscuous mode
[  644.805251][   T46] veth1_vlan: left promiscuous mode
[  644.807007][   T46] veth0_vlan: left promiscuous mode
[  644.991445][T14600] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  644.995867][T14600] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  645.005171][T14600] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  645.030854][T14600] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  645.055549][T14600] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  645.141089][  T837] usb 12-1: new high-speed USB device number 21 using dummy_hcd
[  645.282815][  T837] usb 12-1: device descriptor read/64, error -71
[  645.552849][  T837] usb 12-1: new high-speed USB device number 22 using dummy_hcd
[  645.762395][  T837] usb 12-1: device descriptor read/64, error -71
[  645.849069][   T46] team0 (unregistering): Port device team_slave_1 removed
[  645.850762][T19581] 9pnet: Unknown protocol version 9p20\++}
[  645.912466][  T837] usb usb12-port1: attempt power cycle
[  645.941834][   T46] team0 (unregistering): Port device team_slave_0 removed
[  646.292204][  T837] usb 12-1: new high-speed USB device number 23 using dummy_hcd
[  646.325437][  T837] usb 12-1: device descriptor read/8, error -71
[  646.452184][ T6007] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  646.562876][  T837] usb 12-1: new high-speed USB device number 24 using dummy_hcd
[  646.582690][  T837] usb 12-1: device descriptor read/8, error -71
[  646.612371][T19583] lo speed is unknown, defaulting to 1000
[  646.614879][T19583] lo speed is unknown, defaulting to 1000
[  646.617157][T19583] lo speed is unknown, defaulting to 1000
[  646.620530][T19576] lo speed is unknown, defaulting to 1000
[  646.625077][T19576] lo speed is unknown, defaulting to 1000
[  646.710239][T19583] infiniband s
z1: set active
[  646.711928][T19583] infiniband s
z1: added lo
[  646.712451][  T837] usb usb12-port1: unable to enumerate USB device
[  646.717090][ T6007] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  646.720604][ T6007] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  646.724105][ T6007] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  646.738562][T19583] RDS/IB: s
z1: added
[  646.739977][T19583] smc: adding ib device s
z1 with port count 1
[  646.742011][T19583] smc:    ib device s
z1 port 1 has pnetid 
[  646.745875][T19583] lo speed is unknown, defaulting to 1000
[  646.768691][T19576] chnl_net:caif_netlink_parms(): no params data found
[  646.772059][ T6007] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.836900][ T4958] lo speed is unknown, defaulting to 1000
[  646.843230][T19587] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  646.848931][ T6007] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  646.861333][T19583] lo speed is unknown, defaulting to 1000
[  646.986767][T18941] lo speed is unknown, defaulting to 1000
[  647.034668][T19583] lo speed is unknown, defaulting to 1000
[  647.063580][T19576] bridge0: port 1(bridge_slave_0) entered blocking state
[  647.063656][T19576] bridge0: port 1(bridge_slave_0) entered disabled state
[  647.063722][T19576] bridge_slave_0: entered allmulticast mode
[  647.069063][T19576] bridge_slave_0: entered promiscuous mode
[  647.070200][T19576] bridge0: port 2(bridge_slave_1) entered blocking state
[  647.070256][T19576] bridge0: port 2(bridge_slave_1) entered disabled state
[  647.070319][T19576] bridge_slave_1: entered allmulticast mode
[  647.071063][T19576] bridge_slave_1: entered promiscuous mode
[  647.091458][ T6007] usb 10-1: USB disconnect, device number 22
[  647.154218][T19583] lo speed is unknown, defaulting to 1000
[  647.165815][T19576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  647.181629][T19576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  647.192238][ T5948] Bluetooth: hci2: command tx timeout
[  647.273317][T19576] team0: Port device team_slave_0 added
[  647.277279][T19576] team0: Port device team_slave_1 added
[  647.337463][T19576] batman_adv: batadv0: Adding interface: batadv_slave_0
[  647.339813][T19576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  647.362186][T19576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  647.366577][T19576] batman_adv: batadv0: Adding interface: batadv_slave_1
[  647.368859][T19576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  647.392268][T19576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  647.457956][T19576] hsr_slave_0: entered promiscuous mode
[  647.460235][T19576] hsr_slave_1: entered promiscuous mode
[  647.883131][T19576] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  647.887636][T19576] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  647.893023][T19576] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  647.897264][T19576] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  647.946493][T19576] 8021q: adding VLAN 0 to HW filter on device bond0
[  647.958083][T19576] 8021q: adding VLAN 0 to HW filter on device team0
[  647.964598][ T1239] bridge0: port 1(bridge_slave_0) entered blocking state
[  647.966985][ T1239] bridge0: port 1(bridge_slave_0) entered forwarding state
[  647.975257][ T1239] bridge0: port 2(bridge_slave_1) entered blocking state
[  647.977587][ T1239] bridge0: port 2(bridge_slave_1) entered forwarding state
[  648.099383][T19576] 8021q: adding VLAN 0 to HW filter on device batadv0
[  648.134197][T19576] veth0_vlan: entered promiscuous mode
[  648.145554][T19576] veth1_vlan: entered promiscuous mode
[  648.164652][T19615] usb usb8: usbfs: process 19615 (syz.7.4370) did not claim interface 0 before use
[  648.167124][T19576] veth0_macvtap: entered promiscuous mode
[  648.175776][T19576] veth1_macvtap: entered promiscuous mode
[  648.185966][T19576] batman_adv: batadv0: Interface activated: batadv_slave_0
[  648.196299][T19576] batman_adv: batadv0: Interface activated: batadv_slave_1
[  648.200981][T19576] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  648.204108][T19576] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  648.207001][T19576] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  648.209950][T19576] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  648.298946][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.301567][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.321825][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.331576][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  649.272249][T14600] Bluetooth: hci2: command tx timeout
[  649.323928][T19642] lo speed is unknown, defaulting to 1000
[  649.328910][T19642] lo speed is unknown, defaulting to 1000
[  649.333993][T19642] lo speed is unknown, defaulting to 1000
[  649.834485][T19657] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4380'.
[  650.486006][T19666] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4384'.
[  650.582035][T19671] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4385'.
[  650.674701][T19678] netlink: 'syz.6.4387': attribute type 1 has an invalid length.
[  650.703954][T19678] bond1: entered promiscuous mode
[  650.706029][T19678] 8021q: adding VLAN 0 to HW filter on device bond1
[  650.744811][T19678] bond1: (slave veth7): making interface the new active one
[  650.747295][T19678] veth7: entered promiscuous mode
[  650.749574][T19678] bond1: (slave veth7): Enslaving as an active interface with an up link
[  650.766374][T19678] tipc: Resetting bearer <eth:team0>
[  650.788131][T19678] bond1: (slave veth7): Releasing backup interface
[  650.790373][T19678] veth7: left promiscuous mode
[  650.853411][T19687] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  650.939964][T19685] 
[  650.940810][T19685] ======================================================
[  650.943264][T19685] WARNING: possible circular locking dependency detected
[  650.945549][T19685] 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 Not tainted
[  650.948662][T19685] ------------------------------------------------------
[  650.951593][T19685] syz.7.4390/19685 is trying to acquire lock:
[  650.953697][T19685] ffff8880693cf940 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60
[  650.956830][T19685] 
[  650.956830][T19685] but task is already holding lock:
[  650.959215][T19685] ffff88801bf52088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[  650.962204][T19685] 
[  650.962204][T19685] which lock already depends on the new lock.
[  650.962204][T19685] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  650.965540][T19685] 
[  650.965540][T19685] the existing dependency chain (in reverse order) is:
[  650.968601][T19685] 
[  650.968601][T19685] -> #2 (&of->mutex){+.+.}-{4:4}:
[  650.971087][T19685]        __mutex_lock+0x199/0xb90
[  650.972750][T19685]        kernfs_fop_write_iter+0x28f/0x510
[  650.974656][T19685]        iter_file_splice_write+0x91c/0x1150
[  650.976608][T19685]        do_splice+0x1475/0x1fc0
[  650.978228][T19685]        __do_splice+0x32a/0x360
[  650.979856][T19685]        __ia32_sys_splice+0x189/0x250
[  650.981627][T19685]        __do_fast_syscall_32+0x73/0x120
[  650.983457][T19685]        do_fast_syscall_32+0x32/0x80
[  650.985201][T19685]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  650.987445][T19685] 
[  650.987445][T19685] -> #1 (&pipe->mutex){+.+.}-{4:4}:
[  650.989833][T19685]        __mutex_lock+0x199/0xb90
[  650.991482][T19685]        anon_pipe_write+0x15d/0x1a70
[  650.993219][T19685]        __kernel_write_iter+0x71d/0xa90
[  650.995033][T19685]        __kernel_write+0xf5/0x140
[  650.996710][T19685]        autofs_notify_daemon+0x4db/0xd60
[  650.998561][T19685]        autofs_wait+0x10ca/0x1a70
[  651.000258][T19685]        autofs_mount_wait+0x132/0x380
[  651.002031][T19685]        autofs_d_automount+0x390/0x7f0
[  651.003836][T19685]        __traverse_mounts+0x192/0x790
[  651.005607][T19685]        step_into+0x5aa/0x2270
[  651.007207][T19685]        walk_component+0xfc/0x5b0
[  651.008891][T19685]        path_lookupat+0x17e/0x780
[  651.010592][T19685]        filename_lookup+0x224/0x5f0
[  651.012323][T19685]        user_path_at+0x3a/0x60
[  651.013924][T19685]        __ia32_sys_mount+0x1fb/0x310
[  651.015678][T19685]        __do_fast_syscall_32+0x73/0x120
[  651.017500][T19685]        do_fast_syscall_32+0x32/0x80
[  651.019258][T19685]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.021480][T19685] 
[  651.021480][T19685] -> #0 (&sbi->pipe_mutex){+.+.}-{4:4}:
[  651.024050][T19685]        __lock_acquire+0x1173/0x1ba0
[  651.025796][T19685]        lock_acquire+0x179/0x350
[  651.027456][T19685]        __mutex_lock+0x199/0xb90
[  651.029100][T19685]        autofs_notify_daemon+0x4a6/0xd60
[  651.030980][T19685]        autofs_wait+0x10ca/0x1a70
[  651.032653][T19685]        autofs_mount_wait+0x132/0x380
[  651.034436][T19685]        autofs_d_automount+0x390/0x7f0
[  651.036234][T19685]        __traverse_mounts+0x192/0x790
[  651.038003][T19685]        step_into+0x5aa/0x2270
[  651.039604][T19685]        walk_component+0xfc/0x5b0
[  651.041271][T19685]        path_lookupat+0x17e/0x780
[  651.042945][T19685]        filename_lookup+0x224/0x5f0
[  651.044692][T19685]        kern_path+0x35/0x50
[  651.046238][T19685]        lookup_bdev+0xd8/0x280
[  651.047853][T19685]        resume_store+0x1d6/0x460
[  651.049494][T19685]        kobj_attr_store+0x55/0x80
[  651.051202][T19685]        sysfs_kf_write+0xef/0x150
[  651.052887][T19685]        kernfs_fop_write_iter+0x351/0x510
[  651.054789][T19685]        vfs_write+0x5ba/0x1180
[  651.056373][T19685]        ksys_write+0x12a/0x240
[  651.057966][T19685]        __do_fast_syscall_32+0x73/0x120
[  651.059812][T19685]        do_fast_syscall_32+0x32/0x80
[  651.061639][T19685]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.063856][T19685] 
[  651.063856][T19685] other info that might help us debug this:
[  651.063856][T19685] 
[  651.067118][T19685] Chain exists of:
[  651.067118][T19685]   &sbi->pipe_mutex --> &pipe->mutex --> &of->mutex
[  651.067118][T19685] 
[  651.071106][T19685]  Possible unsafe locking scenario:
[  651.071106][T19685] 
[  651.073498][T19685]        CPU0                    CPU1
[  651.075271][T19685]        ----                    ----
[  651.077011][T19685]   lock(&of->mutex);
[  651.078458][T19685]                                lock(&pipe->mutex);
[  651.080613][T19685]                                lock(&of->mutex);
[  651.082746][T19685]   lock(&sbi->pipe_mutex);
[  651.084247][T19685] 
[  651.084247][T19685]  *** DEADLOCK ***
[  651.084247][T19685] 
[  651.086860][T19685] 4 locks held by syz.7.4390/19685:
[  651.088572][T19685]  #0: ffff888069683278 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  651.091468][T19685]  #1: ffff888022820420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[  651.094364][T19685]  #2: ffff88801bf52088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[  651.097472][T19685]  #3: ffff88801c3a5d28 (kn->active#64){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[  651.100632][T19685] 
[  651.100632][T19685] stack backtrace:
[  651.102548][T19685] CPU: 0 UID: 0 PID: 19685 Comm: syz.7.4390 Not tainted 6.15.0-rc5-syzkaller-00043-gd76bb1ebb558 #0 PREEMPT(full) 
[  651.102565][T19685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  651.102572][T19685] Call Trace:
[  651.102576][T19685]  <TASK>
[  651.102582][T19685]  dump_stack_lvl+0x116/0x1f0
[  651.102598][T19685]  print_circular_bug+0x275/0x350
[  651.102612][T19685]  check_noncircular+0x14c/0x170
[  651.102626][T19685]  __lock_acquire+0x1173/0x1ba0
[  651.102641][T19685]  lock_acquire+0x179/0x350
[  651.102654][T19685]  ? autofs_notify_daemon+0x4a6/0xd60
[  651.102670][T19685]  ? __pfx___might_resched+0x10/0x10
[  651.102681][T19685]  ? irqentry_exit+0x3b/0x90
[  651.102695][T19685]  __mutex_lock+0x199/0xb90
[  651.102709][T19685]  ? autofs_notify_daemon+0x4a6/0xd60
[  651.102722][T19685]  ? autofs_notify_daemon+0x45a/0xd60
[  651.102736][T19685]  ? autofs_notify_daemon+0x4a6/0xd60
[  651.102751][T19685]  ? __pfx___mutex_lock+0x10/0x10
[  651.102763][T19685]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  651.102777][T19685]  ? from_kgid_munged+0xab/0x130
[  651.102792][T19685]  ? autofs_notify_daemon+0x4a6/0xd60
[  651.102806][T19685]  autofs_notify_daemon+0x4a6/0xd60
[  651.102820][T19685]  ? __pfx_autofs_notify_daemon+0x10/0x10
[  651.102835][T19685]  ? sysfs_kf_write+0xef/0x150
[  651.102846][T19685]  ? kernfs_fop_write_iter+0x351/0x510
[  651.102858][T19685]  ? vfs_write+0x5ba/0x1180
[  651.102871][T19685]  ? lockdep_init_map_type+0x5c/0x280
[  651.102883][T19685]  ? lockdep_init_map_type+0x5c/0x280
[  651.102896][T19685]  autofs_wait+0x10ca/0x1a70
[  651.102911][T19685]  ? __pfx_autofs_wait+0x10/0x10
[  651.102924][T19685]  ? __pfx_path_check_mount+0x10/0x10
[  651.102935][T19685]  ? find_held_lock+0x2b/0x80
[  651.102943][T19685]  ? path_has_submounts+0xcb/0x120
[  651.102955][T19685]  ? preempt_schedule_thunk+0x16/0x30
[  651.102970][T19685]  ? preempt_schedule_common+0x44/0xc0
[  651.102983][T19685]  autofs_mount_wait+0x132/0x380
[  651.102997][T19685]  autofs_d_automount+0x390/0x7f0
[  651.103011][T19685]  __traverse_mounts+0x192/0x790
[  651.103024][T19685]  step_into+0x5aa/0x2270
[  651.103039][T19685]  ? __pfx_step_into+0x10/0x10
[  651.103052][T19685]  ? __pfx___up_read+0x10/0x10
[  651.103065][T19685]  ? walk_component+0x35e/0x5b0
[  651.103078][T19685]  ? lookup_fast+0x156/0x610
[  651.103092][T19685]  walk_component+0xfc/0x5b0
[  651.103105][T19685]  path_lookupat+0x17e/0x780
[  651.103120][T19685]  filename_lookup+0x224/0x5f0
[  651.103135][T19685]  ? __pfx_filename_lookup+0x10/0x10
[  651.103153][T19685]  ? getname_kernel+0x52/0x370
[  651.103163][T19685]  ? __asan_memcpy+0x3c/0x60
[  651.103173][T19685]  kern_path+0x35/0x50
[  651.103186][T19685]  lookup_bdev+0xd8/0x280
[  651.103197][T19685]  ? __pfx_lookup_bdev+0x10/0x10
[  651.103208][T19685]  ? resume_store+0x1b8/0x460
[  651.103221][T19685]  ? __asan_memcpy+0x3c/0x60
[  651.103230][T19685]  resume_store+0x1d6/0x460
[  651.103243][T19685]  ? __pfx_resume_store+0x10/0x10
[  651.103258][T19685]  ? find_held_lock+0x2b/0x80
[  651.103267][T19685]  ? __pfx_resume_store+0x10/0x10
[  651.103280][T19685]  kobj_attr_store+0x55/0x80
[  651.103293][T19685]  ? __pfx_kobj_attr_store+0x10/0x10
[  651.103309][T19685]  sysfs_kf_write+0xef/0x150
[  651.103322][T19685]  kernfs_fop_write_iter+0x351/0x510
[  651.103333][T19685]  ? __pfx_sysfs_kf_write+0x10/0x10
[  651.103347][T19685]  vfs_write+0x5ba/0x1180
[  651.103355][T19685]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  651.103367][T19685]  ? __pfx___mutex_lock+0x10/0x10
[  651.103379][T19685]  ? __pfx_vfs_write+0x10/0x10
[  651.103391][T19685]  ksys_write+0x12a/0x240
[  651.103399][T19685]  ? __pfx_ksys_write+0x10/0x10
[  651.103408][T19685]  ? rcu_is_watching+0x12/0xc0
[  651.103417][T19685]  ? rcu_is_watching+0x12/0xc0
[  651.103426][T19685]  __do_fast_syscall_32+0x73/0x120
[  651.103439][T19685]  do_fast_syscall_32+0x32/0x80
[  651.103452][T19685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.103464][T19685] RIP: 0023:0xf70be579
[  651.103473][T19685] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  651.103483][T19685] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  651.103492][T19685] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000000
[  651.103499][T19685] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  651.103505][T19685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  651.103510][T19685] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  651.103516][T19685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  651.103525][T19685]  </TASK>
[  651.336498][T19685] PM: Image not found (code -6)
[  651.495001][ T1239] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.632627][ T1239] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.676134][ T1239] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.745447][ T1239] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.872817][ T1239] tipc: Resetting bearer <eth:geneve1>
[  651.899953][ T1239] tipc: Disabling bearer <eth:geneve1>
[  652.036815][ T1239] bond0 (unregistering): Released all slaves
[  652.111554][ T1239] bond1 (unregistering): Released all slaves
[  652.181287][ T1239] tipc: Disabling bearer <eth:team0>
[  652.188361][ T1239] tipc: Left network mode
[  652.307053][ T1239] mac80211_hwsim hwsim38 wlan0 (unregistering): left allmulticast mode
[  652.416450][ T1239] hsr_slave_0: left promiscuous mode
[  652.418439][ T1239] hsr_slave_1: left promiscuous mode
[  652.422715][ T1239] veth0_macvtap: left promiscuous mode
[  652.425224][ T1239] veth1_vlan: left promiscuous mode
[  652.427566][ T1239] veth0_vlan: left promiscuous mode
[  653.213482][ T5978] lo speed is unknown, defaulting to 1000
[  653.216016][ T5978] infiniband syz2: ib_query_port failed (-19)
[  653.625154][ T1239] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  653.628505][ T1239] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.706023][ T1239] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  653.710411][ T1239] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.786603][ T1239] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  653.791018][ T1239] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.901563][ T1239] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  653.905187][ T1239] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.997786][ T1239] tipc: Resetting bearer <eth:geneve1>
[  654.024159][ T1239] tipc: Disabling bearer <eth:geneve1>
[  654.326522][ T1239] bond0 (unregistering): Released all slaves
[  654.401045][ T1239] bond1 (unregistering): Released all slaves
[  654.405878][ T1239] bond2 (unregistering): (slave bond3): Releasing backup interface
[  654.409173][ T1239] bond2 (unregistering): Released all slaves
[  654.483882][ T1239] bond3 (unregistering): Released all slaves
[  654.561221][ T1239] tipc: Disabling bearer <eth:team0>
[  654.568090][ T1239] tipc: Left network mode
[  654.860243][ T1239] hsr_slave_0: left promiscuous mode
[  654.863129][ T1239] hsr_slave_1: left promiscuous mode
[  654.867943][ T1239] veth0_macvtap: left promiscuous mode
[  654.870621][ T1239] veth1_vlan: left promiscuous mode
[  655.579093][   T64] smc: removing ib device s
z1
[  655.581198][ T6007] lo speed is unknown, defaulting to 1000
[  655.583356][ T6007] s
z1: Port: 1 Link DOWN

VM DIAGNOSIS:
15:22:48  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000062 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854c2075 RDI=ffffffff9addfbc0 RBP=ffffffff9addfb80 RSP=ffffc9000407ea98
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36
R12=0000000000000000 R13=0000000000000062 R14=ffffffff9addfb80 R15=ffffffff854c2010
RIP=ffffffff854c209f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977ec000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3065fd CR3=000000004d132000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000008 RCX=ffffffff84d41ef4 RDX=ffff888021bc4880
RSI=ffffffff84d41f03 RDI=0000000000000001 RBP=ffffc9000230f328 RSP=ffffc9000230f0c0
R8 =0000000000000001 R9 =0000000000000040 R10=0000000000000009 R11=0000000000000012
R12=0000000000000009 R13=ffffc9000230f178 R14=ffff88807fe0999c R15=0000000000000008
RIP=ffffffff81baad11 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f0f8d87d300 ffffffff 00c00000
GS =0000 ffff8880978ec000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055e2cca52000 CR3=000000004ecf8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=000000000000f0c7 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000003000000012 0004000000080024 0000000000280034
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000112f 0000001400000000 0000000000000000 000000000000001c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0180808080808080 8082080004080006 006fae12000002e3 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 020fffffffff020f ffffffff02060108 d40c800800040800 22080006016ff220
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800028002010000 000806060101ba02 d40200028e032802 00028c0328020002
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8a0302d802000288 0302b8c604840002 8403040400028003 0808000380020180
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8080808080808408 000c080001000000 08060a016dc801f4 0800038003000800
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1006060172ee0000 0000000000000000 0000000000000000 000001ffffffffff
ZMM25=99a4e68d99a4e68d 99a4e68d99a4e68d 99a4e68d99a4e68d 99a4e68d99a4e68d 99a4e68d99a4e68d 99a4e68d99a4e68d 99a4e68d99a4e68d 99a4e68d99a4e68d
ZMM26=61d8d69d61d8d69d 61d8d69d61d8d69d 61d8d69d61d8d69d 61d8d69d61d8d69d 61d8d69d61d8d69d 61d8d69d61d8d69d 61d8d69d61d8d69d 61d8d69d61d8d69d
ZMM27=8b213fb78b213fb7 8b213fb78b213fb7 8b213fb78b213fb7 8b213fb78b213fb7 8b213fb78b213fb7 8b213fb78b213fb7 8b213fb78b213fb7 8b213fb78b213fb7
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=6e1900006e190000 6e1900006e190000 6e1900006e190000 6e1900006e190000 6e1900006e190000 6e1900006e190000 6e1900006e190000 6e1900006e190000
info registers vcpu 2

CPU#2
RAX=000000000093971c RBX=0000000000000002 RCX=ffffffff8b6953e9 RDX=ffffed10056865be
RSI=ffffffff8bf46be0 RDI=ffffffff81913241 RBP=ffffed1003b57910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000001
R12=0000000000000002 R13=ffff88801dabc880 R14=ffffffff90852310 R15=0000000000000000
RIP=ffffffff8b693c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979ec000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7446188 CR3=000000005c599000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=ffffffff8e416900 RCX=ffff888021d924d0 RDX=1ffff11008158ca7
RSI=0000000000000000 RDI=ffff888040ac6538 RBP=0000000000000000 RSP=ffffc9000478f8b0
R8 =0000000000000000 R9 =0000000000000000 R10=1ffff110043b249f R11=0000000000000003
R12=0000000000000004 R13=0000000000000003 R14=ffff888040ac64b0 R15=ffff88802b539f00
RIP=ffffffff81963beb RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097aec000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080018000 CR3=0000000026674000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000