last executing test programs:

2m22.510381214s ago: executing program 0 (id=1350):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x2, 0x18, 0x0, 0x2, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x80ff}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}]}, 0x60}, 0x1, 0x7}, 0x0)

2m22.510038181s ago: executing program 0 (id=1352):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x5, 0x10}, {0x0, 0x1}, {0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x240080ca)

2m22.421247054s ago: executing program 0 (id=1353):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a652e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20546c2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d00", 0x2000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
mount(&(0x7f0000000140)=@md0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='anon_inodefs\x00', 0x1009000, &(0x7f0000000200)='-$+\x00')
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000074000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021380011800a0001006c696d6974000000280002800c00024000000000000000030c00014000000000000001010c0001400000000000000101b81700000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000008c1703800c0000800800034000000002"], 0x1874}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000008)

2m22.369963625s ago: executing program 0 (id=1355):
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'veth0_to_batadv\x00', &(0x7f0000000180)=@ethtool_channels={0x3d, 0x9, 0x9, 0x83, 0xfff, 0x5, 0x3c, 0x3, 0x5}})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab08", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r3, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0xffffffff, 0x10000]}, 0x10)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$fuse(0x0, 0x0, 0x0, 0x100000, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
r6 = getpgid(r5)
setpgid(0x0, r6)
open$dir(&(0x7f0000000000)='./file1\x00', 0xda080, 0x29)

2m22.156531086s ago: executing program 0 (id=1359):
socket$can_raw(0x1d, 0x3, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001d80)=ANY=[@ANYBLOB="380000003f000b00000000000000000403"], 0x38}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc0c4}, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f00000000c0)={0x1f, 0xffff, 0x3}, 0x6)
r5 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0x11e, 0x400, 0x3, 0x319}, &(0x7f0000000140)=<r6=>0x0, &(0x7f0000000400)=<r7=>0x0)
r8 = socket(0x1d, 0x2, 0x6)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001ec0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r9, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000900)={0x1c, r10, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffff8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000340)=@IORING_OP_ACCEPT={0xd, 0x40, 0x4, r8, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
fspick(0xffffffffffffffff, 0x0, 0x0)
write(r4, &(0x7f0000000000)="3f000000010000", 0x7)
r11 = syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
preadv(r11, &(0x7f0000000780), 0x0, 0x1ef, 0x0)
mmap$dsp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000008, 0x12, r11, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c0000000c0005810800010075647000"], 0x20}, 0x1, 0x0, 0x0, 0x2002c841}, 0x0)
r12 = socket$kcm(0x29, 0x7, 0x0)
sendmsg$kcm(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d4bf424a797732806d75d85be21b0f89bba6e549b70a91d916cc2178889e69c31ac741d94dbb48c2ebf9afddbe19", 0x2e}, {&(0x7f00000001c0)="1980087ebf875f05751b0110b5de8788325b3d904ab4ab970d08ac6b08fee0fda36f9653e487988f7622de35a35b6a8e59848788877daaa1c73b76abf9add121eb6bdbff98eba05995413de0e281deeecbda7160f32a0664df29a2468b275eb4a6cbdf98708c56f41bca4ce419c3bf980f5d60c4eac39b23817cb170eae257be205a2c58c4c9ad4583407c37b2af364726e5a8e12349147ee7e5fa2e9247c6f71324b480e843024fe44736abae29529e8ccc55af8a28f653d9e5", 0xba}, {&(0x7f0000000100)="bf4448d84ff18a244cefb138290c41850fc3785f078604e298739e62cc7da84dc25a899ca244dc2bfbb0c131166e864d8167a45534b20d23ba9e2f6d6cdd906d84aaa143a3f48d33390f627ac669c690d5799fb6f150786ad5f76f51143045b4", 0x60}], 0x3, &(0x7f0000004f40)=ANY=[@ANYRES8=r7], 0x3174}, 0xc001)
socket$kcm(0x10, 0x2, 0x0)

2m21.551117418s ago: executing program 0 (id=1365):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000040)={r3}, 0x8)
close(r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffd}, 0x39)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
pipe(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
read$FUSE(r6, &(0x7f0000004380)={0x2020}, 0x2020)
write$P9_RGETLOCK(r7, 0x0, 0x200002e6)

2m21.452742654s ago: executing program 32 (id=1365):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000040)={r3}, 0x8)
close(r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffd}, 0x39)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
pipe(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
read$FUSE(r6, &(0x7f0000004380)={0x2020}, 0x2020)
write$P9_RGETLOCK(r7, 0x0, 0x200002e6)

19.037487946s ago: executing program 3 (id=2385):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r0, &(0x7f0000000080), 0x12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000340), &(0x7f0000000180))
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000003f80)=""/4086)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r3, &(0x7f0000000d00)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffc}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000400)="b8", 0x1}], 0x1, 0x0, 0x0, 0x5dc}}, {{&(0x7f0000000080)={0xa, 0x4e20, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x45af}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000340)="01", 0x1}], 0x1b6}}], 0x2, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0)
cachestat(r4, &(0x7f0000000180)={0xffffffffffffffff, 0x80000000}, &(0x7f0000000200), 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r5, &(0x7f0000006840)={0x2020, 0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r5, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x0, 0x2000, 0x200, 0xfffffffe, 0x5b, 0x0, 0x0, 0x0, 0x3}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000, 0x0, r7, 0x0, 0x440}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x78, 0x30, 0xb, 0x0, 0x0, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x7}, @TCA_CT_LABELS_MASK={0x14, 0x8, "193fa665cb68f13b9239a3b09cec760f"}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)
open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0)

18.019260921s ago: executing program 3 (id=2389):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x9)
r1 = getpid()
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000680)={0x0, 0xfb, "9b203d395f8c9e93197ec2170bb3a9e49435f528fbd7cb92a09d1da80f10c50ea47e8a621349e16780ebb5bc0f1e90ce779a9092afe18dad066caa890979c52520b42f8c9101fb187a55e0e4ac91c02bfc2ab0341229c5d3b17f9e09b841f60dde961ecb331fe86080b5caabdf4f6d07a65c2f074a81d3b5a863dfe7bc1f935a05899d471bd853a71590cb6819356567d47fadfb3886dfb8d3fa58c8dd3a450f260ea41b7dd0ff1561794f5678f3c060f618c38bd446d0dd7c77a7ed9824c8b7b694720afcfaf6942cef32d45195218f3c0250821b574330e38773436fd46b9a044a95cb5cbb7d2ddb3eb6ffebf30497968d4e699ec68c1d1d84aa"}, &(0x7f0000000600)=0x103)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000280)={0x10, 0x7d, 0x60b})
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1c, 0xa, &(0x7f00000002c0)=@raw=[@jmp={0x5, 0x0, 0xc, 0x4, 0x4, 0x18}, @map_idx={0x18, 0xa, 0x5, 0x0, 0xd}, @tail_call, @btf_id={0x18, 0x2, 0x3, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x7, 0x3f, &(0x7f0000000240)=""/63, 0x41100, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xaa81, 0xffffffffffffffff, 0x8, &(0x7f0000000340)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000480)=[{0x3, 0x5, 0x1}, {0x5, 0x2, 0xb}, {0x1, 0x3, 0x4, 0x7}, {0x0, 0x4, 0x2, 0x9}, {0x5, 0x1, 0x8, 0x9}, {0x0, 0x3, 0xd, 0xa}, {0x1, 0x2, 0x5, 0xb}, {0x5, 0x2, 0x4, 0x6}], 0x10, 0x80, @void, @value}, 0x94)
r7 = openat$bsg(0xffffff9c, &(0x7f0000000380), 0x200000, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000005c0)={r6, r7}, 0xc)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
ioctl$TCSETSF(r9, 0x5404, &(0x7f00000000c0)={0x12, 0xc2cf, 0xb, 0x4, 0xb, "000000000000000000008000"})
read$FUSE(r9, &(0x7f0000004200)={0x2020}, 0x2020)
openat$cgroup_type(r9, &(0x7f0000000040), 0x2, 0x0)
r10 = dup(r4)
write$UHID_INPUT(r10, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d1bf91b4d090955f70e06d038e7ff7fc6e5539b0d3f0e8b089b3f35076e090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x96d)

16.879723541s ago: executing program 3 (id=2397):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000000})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1900, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_DEBUGREGS(r4, 0x4080aea2, &(0x7f0000000040)={[0x7777f001, 0xdddd0000, 0x1000, 0xeeee0000], 0xcd, 0x99, 0x6})
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_SIOCINQ(r5, 0x541b, 0x0)
r6 = dup3(r1, r0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x802, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140))
socket$inet_tcp(0x2, 0x1, 0x0)
r7 = syz_open_dev$video(&(0x7f00000001c0), 0x8, 0x680)
ioctl$VIDIOC_G_FMT(r7, 0xc0d05604, &(0x7f0000000040)={0xa, @pix={0x4, 0x3, 0x34363248, 0x2, 0x1, 0x0, 0xc, 0x114c, 0x0, 0x3, 0x2, 0x5}})
ioctl$SNAPSHOT_FREE(r6, 0x3305)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r8 = openat$binderfs(0xffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r8, 0xc00c6211, &(0x7f00000002c0))

16.76073264s ago: executing program 3 (id=2399):
r0 = socket$inet6(0xa, 0x5, 0x200039)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000440), &(0x7f0000000480)=0x31)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x5a)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000a0, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40400, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
setsockopt$inet6_int(r0, 0x29, 0x31, 0x0, 0x0)

16.65050894s ago: executing program 3 (id=2400):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[], 0xa8}}, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x202, 0x0, 0x7, 0xffffffff}, 0x10)
syz_open_dev$vivid(&(0x7f0000000040), 0x1, 0x2)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)

16.430275455s ago: executing program 3 (id=2402):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
kexec_load(0x10, 0x0, 0x0, 0x2a0000)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r4, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
syz_io_uring_setup(0x88f, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xc12, 0x0, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace(0x10, r7)
ptrace(0x420e, r7)
fcntl$lock(r5, 0x25, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
getsockname$packet(r6, &(0x7f0000000180)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@delchain={0xd14, 0x65, 0x400, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xc}, {0xffff, 0xf}, {0x3, 0x8}}, [@TCA_RATE={0x6, 0x5, {0xa, 0x3}}, @filter_kind_options=@f_basic={{0xa}, {0xcd4, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xe, 0xa}}, @TCA_BASIC_POLICE={0x18, 0x4, [@TCA_POLICE_RESULT={0x8, 0x5, 0xd4}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}]}, @TCA_BASIC_ACT={0x4}, @TCA_BASIC_POLICE={0xcac, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x828, 0x80000001, 0xb, 0x19d, 0xa3000000, 0x4bb3, 0xc, 0x304d39c3, 0x5, 0x9, 0x86, 0xfffffffa, 0x80000001, 0xffff8001, 0x3, 0x3, 0x7, 0x1ff, 0x1, 0xfffffff7, 0x401, 0x8, 0xd8ae, 0x9, 0xffff28ae, 0x6, 0xf, 0x0, 0x2ad, 0xfd, 0x2, 0x2, 0x6, 0xe, 0xd50c, 0xe14400, 0x80000001, 0x4, 0x6, 0x2, 0xffffffff, 0x1, 0x8000, 0x5, 0x6, 0x0, 0x4, 0x5, 0x3, 0x101, 0x10, 0x0, 0x3, 0xfffffffa, 0x5, 0x6, 0x1, 0x7, 0x6, 0x7, 0xfff, 0x9, 0x45, 0x1, 0xe04, 0x1, 0x40, 0x9, 0x800, 0xc0, 0x7, 0x70, 0xfff, 0x4, 0xfffffffb, 0x6, 0x64f, 0x8, 0xffffffff, 0x7, 0x5, 0x38, 0x7, 0x75c, 0xffff, 0x0, 0x2c6, 0x80000001, 0x6, 0x9, 0x4, 0x8, 0x7, 0x4536, 0x5, 0x2, 0x80, 0x4, 0x40, 0x4, 0x5, 0x0, 0x8001, 0x7, 0xfffffe01, 0x9, 0x0, 0x3a, 0x4, 0x2, 0x5494, 0x3, 0x2, 0x2, 0xff73, 0xfffffff9, 0x9, 0x4, 0xc2, 0x54910af0, 0xb8a, 0x81b4, 0x0, 0x7, 0x1000, 0xaf7, 0x4, 0xaf, 0x8, 0x8, 0x800, 0x0, 0x51a85852, 0x7, 0x10, 0x7, 0x7ff, 0x1ff, 0x7fffffff, 0x8, 0x19e, 0x1000, 0x6, 0x7, 0x3, 0x0, 0x401, 0x1, 0x0, 0xe, 0x6f8677, 0xfff, 0x2, 0x5, 0x4, 0x5, 0x2c7d, 0x6, 0x6, 0x1000, 0x2, 0x101, 0xa8000000, 0x80000000, 0x81, 0x3, 0x0, 0x5314, 0x0, 0x5, 0x8, 0xc8, 0x7, 0x6, 0x8, 0x5, 0x8, 0x9, 0x8, 0x20e, 0x0, 0x7f, 0x8, 0x88, 0x0, 0x8, 0x9, 0x3, 0x1, 0x100, 0x7ff, 0x2, 0x2, 0x0, 0x8, 0x3ff, 0xb9, 0x7ff, 0xe50, 0x3, 0x3, 0x2, 0x62, 0x200, 0x1, 0x3, 0x10001, 0x7, 0x9, 0xe, 0x1, 0x9, 0x2, 0x4, 0x4, 0x6, 0x2, 0x8, 0x4, 0x3, 0x9, 0x5, 0xf20, 0xfffffffd, 0x5, 0xe73, 0x1, 0x5, 0x3, 0x1, 0xb, 0x8000, 0x5, 0x0, 0x3, 0x9, 0x1, 0x4, 0x5, 0xfff, 0x6, 0x7, 0xfff, 0xcce, 0x7ff, 0x236c55ef, 0x7, 0x0, 0x3, 0xfff, 0x3, 0x2, 0x7f, 0xa, 0x8623, 0x9]}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x4, 0x200, 0x2, 0x80, 0x9, 0x7ff, 0x19, 0x3ff, 0x6, 0x1, 0x7, 0x290f, 0xef83, 0x2, 0x7, 0x7, 0x9, 0x3, 0x5, 0x2, 0x101, 0x1, 0x7, 0xb, 0x3, 0x4, 0x4, 0x6, 0xfffffffc, 0x280, 0xfb, 0x2, 0xfffffffb, 0x4, 0x6, 0x8, 0x9, 0x3, 0x8, 0x17, 0x823, 0xf1, 0xaa93, 0x9, 0x200, 0x7, 0x4, 0x200000, 0x6, 0x7f, 0xe, 0x6, 0x7fffffff, 0x3, 0x3, 0x1, 0x81, 0x2, 0x3, 0x3, 0xb7df, 0x8000, 0x3ff, 0x2, 0x80000001, 0xfffffffb, 0x4, 0x1000, 0x101, 0x8, 0xfffffffd, 0x5, 0x1, 0x80000000, 0x1, 0xe9c, 0x7, 0x0, 0x5d, 0x3f6, 0x7f, 0x800, 0x9, 0x8, 0x81, 0x9, 0x9, 0x1, 0x5, 0x0, 0x5, 0x100, 0x40, 0x9, 0x7, 0xde, 0x1, 0x1, 0xce34, 0x495, 0x5, 0x6, 0x2, 0x1, 0x5, 0xdb, 0x11, 0x6dd4, 0x5, 0xfffffffd, 0xad20, 0x8, 0x8, 0x80, 0xe, 0x8, 0x3, 0x1ff, 0x7fff, 0x6, 0x9, 0x8, 0x80000000, 0x3, 0xa, 0x3, 0x61, 0x401, 0x7, 0x4, 0x6, 0xb32, 0x1, 0x1, 0xe6, 0x200000, 0x0, 0x5, 0x100, 0x70000000, 0x0, 0x9, 0xffff, 0x9, 0x3894, 0x8, 0x8, 0x0, 0x1, 0x5, 0x9, 0x400, 0x61f, 0x4, 0x3, 0x27, 0x6, 0x8001, 0x6, 0x7f, 0xffffffff, 0x80, 0x3, 0x7ebb, 0x1, 0x800, 0x1, 0x6, 0x90000000, 0x9, 0x8a1d, 0x545, 0x800, 0x85, 0x7ff, 0xfffff001, 0xe, 0x9, 0x8, 0xfffffffc, 0x401, 0x7, 0x2, 0xb2, 0x0, 0x0, 0x3, 0x100000, 0x7fffffff, 0x6, 0x0, 0x4, 0xfffffbff, 0x4, 0x3, 0x3ff, 0x0, 0x80000001, 0x7f, 0x3, 0x7b45, 0x7, 0x8, 0x8, 0x9, 0xf, 0x8, 0x3, 0x4, 0x6, 0x7, 0x8, 0xb, 0x6d5, 0x3, 0x100007, 0x0, 0x40, 0x1, 0xd46c, 0x4, 0xc1, 0x882, 0x2, 0x0, 0x1, 0x1, 0x7, 0x10, 0x5, 0x4, 0xfffffff6, 0xc14, 0x6d, 0xffff8000, 0xfffffffe, 0x7, 0xffffffff, 0x8, 0xd2e, 0x4, 0x0, 0x3ff, 0x1, 0x7, 0x1, 0x9, 0x80, 0x1, 0x17cc, 0x5, 0x5, 0x80000001, 0x1, 0x3]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x52}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x6, 0x9, 0x7ff, 0xb, {0x1, 0x0, 0x4, 0x5, 0x4, 0x10}, {0x4, 0x1, 0x3ff, 0x2ae, 0x1, 0x1}, 0x0, 0x0, 0x2}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x1000}, @TCA_POLICE_RESULT={0x8, 0x5, 0xce}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x4, 0x0, 0xf, 0x9c, {0x5, 0x0, 0x7f, 0xfffd, 0x9, 0x8}, {0xa1, 0x1, 0x93e, 0x101, 0x8, 0x2d1}, 0x6, 0xa9}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x10000, 0x3, 0xee09, 0x4, 0x7, 0x80, 0x4, 0x8000, 0x8, 0x27, 0x8, 0x0, 0x8, 0x6, 0x5, 0x2, 0x9, 0xad, 0x0, 0x4, 0x101, 0x6a9b1220, 0x4, 0xcb, 0x0, 0x4, 0x3, 0x6, 0x2, 0x5, 0x47, 0x0, 0x9, 0x2, 0x1ff, 0x730e, 0x8, 0x3, 0xe, 0x3, 0x0, 0x6e3, 0x4, 0x100, 0x9, 0x6, 0x7, 0x2, 0x3, 0x2, 0x100, 0x46, 0x40000000, 0x5, 0x1, 0xc, 0xffff, 0x400, 0x10000, 0xd8, 0x7, 0xaac, 0x1, 0xfffffffa, 0xf, 0x101, 0x1, 0x5, 0x3, 0x1000, 0x75, 0x29bf, 0x8000, 0xe1f, 0x6253, 0xa, 0x8001, 0xb1, 0x87, 0xfa4, 0x10000, 0x3, 0x6, 0x1, 0x5, 0xe0, 0x6, 0x7, 0x7, 0x5, 0x2, 0xfffffe00, 0x3, 0x26da, 0x7, 0xffff8001, 0x0, 0xe29e, 0x1, 0x8a, 0x4, 0x800, 0x2, 0x3, 0x7, 0x4bfc, 0xb, 0x8000, 0x9, 0x200, 0x2, 0x80, 0x8, 0x5, 0x8, 0x676ebe46, 0x8, 0xffff67c4, 0x1, 0x90, 0x240, 0x8, 0x8, 0x9, 0x9, 0x4, 0x5, 0x0, 0x1ff, 0xf, 0x9, 0x80000001, 0x219, 0x0, 0x5, 0x1d7, 0xffffff58, 0x0, 0x0, 0xc, 0xaf1, 0xffffffdf, 0x0, 0x0, 0x4, 0xe9e, 0x7fff, 0xcb, 0x1baa, 0x7fff, 0x7, 0x3c91, 0x4, 0x6cf, 0x9, 0x8, 0x221, 0x1, 0xb, 0x8, 0x0, 0x1, 0x3, 0xb, 0xfffffff7, 0x4f8930a7, 0x84, 0x9, 0x9, 0xccc7, 0x6f24, 0xfffffffe, 0x2, 0x6, 0xb86, 0x0, 0x101, 0xba11, 0x3, 0xa1d, 0x40, 0x0, 0x2, 0x3ff, 0x4, 0x7, 0x1, 0x3, 0x10001, 0x2, 0xa8e4, 0x7, 0x401, 0x9, 0x26, 0x0, 0x5, 0x80000000, 0x3, 0x3, 0xe, 0x0, 0x0, 0x9, 0xb, 0x66b, 0xffff, 0x4, 0x0, 0x6, 0x8, 0x7, 0x200, 0xa000, 0x6c, 0x3d, 0xffffff01, 0x200, 0x16d, 0x8001, 0x3b, 0x16, 0x80, 0x9, 0x3, 0xd376, 0x6d05, 0xd, 0xffff, 0x1, 0x9, 0x4, 0x7, 0x0, 0x22, 0xd, 0x5, 0x0, 0x1, 0x8, 0x26b, 0x59b6, 0x0, 0x6, 0x7fff, 0x91, 0x3, 0x4, 0x8, 0x8001, 0xe1f, 0x3, 0xb439, 0x1000, 0x5, 0x6]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x7196}]}, 0xd14}}, 0x4010)
r9 = syz_io_uring_setup(0x7cec, 0x0, &(0x7f0000000180)=<r10=>0x0, &(0x7f0000000880)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r9, 0x708, 0x41e3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, &(0x7f0000000300)="1dc25645f4b230d1d8f005824c78ba746fd985a21b98b3e5e43365af3265c79d6c4ebbe9e141adc8175e5324bf3d689f7135bde2f706ee8025b986b0dcf5092de087fe86", 0x4}, 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)

16.359848148s ago: executing program 33 (id=2402):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
kexec_load(0x10, 0x0, 0x0, 0x2a0000)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r4, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
syz_io_uring_setup(0x88f, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xc12, 0x0, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace(0x10, r7)
ptrace(0x420e, r7)
fcntl$lock(r5, 0x25, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
getsockname$packet(r6, &(0x7f0000000180)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@delchain={0xd14, 0x65, 0x400, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xc}, {0xffff, 0xf}, {0x3, 0x8}}, [@TCA_RATE={0x6, 0x5, {0xa, 0x3}}, @filter_kind_options=@f_basic={{0xa}, {0xcd4, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xe, 0xa}}, @TCA_BASIC_POLICE={0x18, 0x4, [@TCA_POLICE_RESULT={0x8, 0x5, 0xd4}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}]}, @TCA_BASIC_ACT={0x4}, @TCA_BASIC_POLICE={0xcac, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x828, 0x80000001, 0xb, 0x19d, 0xa3000000, 0x4bb3, 0xc, 0x304d39c3, 0x5, 0x9, 0x86, 0xfffffffa, 0x80000001, 0xffff8001, 0x3, 0x3, 0x7, 0x1ff, 0x1, 0xfffffff7, 0x401, 0x8, 0xd8ae, 0x9, 0xffff28ae, 0x6, 0xf, 0x0, 0x2ad, 0xfd, 0x2, 0x2, 0x6, 0xe, 0xd50c, 0xe14400, 0x80000001, 0x4, 0x6, 0x2, 0xffffffff, 0x1, 0x8000, 0x5, 0x6, 0x0, 0x4, 0x5, 0x3, 0x101, 0x10, 0x0, 0x3, 0xfffffffa, 0x5, 0x6, 0x1, 0x7, 0x6, 0x7, 0xfff, 0x9, 0x45, 0x1, 0xe04, 0x1, 0x40, 0x9, 0x800, 0xc0, 0x7, 0x70, 0xfff, 0x4, 0xfffffffb, 0x6, 0x64f, 0x8, 0xffffffff, 0x7, 0x5, 0x38, 0x7, 0x75c, 0xffff, 0x0, 0x2c6, 0x80000001, 0x6, 0x9, 0x4, 0x8, 0x7, 0x4536, 0x5, 0x2, 0x80, 0x4, 0x40, 0x4, 0x5, 0x0, 0x8001, 0x7, 0xfffffe01, 0x9, 0x0, 0x3a, 0x4, 0x2, 0x5494, 0x3, 0x2, 0x2, 0xff73, 0xfffffff9, 0x9, 0x4, 0xc2, 0x54910af0, 0xb8a, 0x81b4, 0x0, 0x7, 0x1000, 0xaf7, 0x4, 0xaf, 0x8, 0x8, 0x800, 0x0, 0x51a85852, 0x7, 0x10, 0x7, 0x7ff, 0x1ff, 0x7fffffff, 0x8, 0x19e, 0x1000, 0x6, 0x7, 0x3, 0x0, 0x401, 0x1, 0x0, 0xe, 0x6f8677, 0xfff, 0x2, 0x5, 0x4, 0x5, 0x2c7d, 0x6, 0x6, 0x1000, 0x2, 0x101, 0xa8000000, 0x80000000, 0x81, 0x3, 0x0, 0x5314, 0x0, 0x5, 0x8, 0xc8, 0x7, 0x6, 0x8, 0x5, 0x8, 0x9, 0x8, 0x20e, 0x0, 0x7f, 0x8, 0x88, 0x0, 0x8, 0x9, 0x3, 0x1, 0x100, 0x7ff, 0x2, 0x2, 0x0, 0x8, 0x3ff, 0xb9, 0x7ff, 0xe50, 0x3, 0x3, 0x2, 0x62, 0x200, 0x1, 0x3, 0x10001, 0x7, 0x9, 0xe, 0x1, 0x9, 0x2, 0x4, 0x4, 0x6, 0x2, 0x8, 0x4, 0x3, 0x9, 0x5, 0xf20, 0xfffffffd, 0x5, 0xe73, 0x1, 0x5, 0x3, 0x1, 0xb, 0x8000, 0x5, 0x0, 0x3, 0x9, 0x1, 0x4, 0x5, 0xfff, 0x6, 0x7, 0xfff, 0xcce, 0x7ff, 0x236c55ef, 0x7, 0x0, 0x3, 0xfff, 0x3, 0x2, 0x7f, 0xa, 0x8623, 0x9]}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x4, 0x200, 0x2, 0x80, 0x9, 0x7ff, 0x19, 0x3ff, 0x6, 0x1, 0x7, 0x290f, 0xef83, 0x2, 0x7, 0x7, 0x9, 0x3, 0x5, 0x2, 0x101, 0x1, 0x7, 0xb, 0x3, 0x4, 0x4, 0x6, 0xfffffffc, 0x280, 0xfb, 0x2, 0xfffffffb, 0x4, 0x6, 0x8, 0x9, 0x3, 0x8, 0x17, 0x823, 0xf1, 0xaa93, 0x9, 0x200, 0x7, 0x4, 0x200000, 0x6, 0x7f, 0xe, 0x6, 0x7fffffff, 0x3, 0x3, 0x1, 0x81, 0x2, 0x3, 0x3, 0xb7df, 0x8000, 0x3ff, 0x2, 0x80000001, 0xfffffffb, 0x4, 0x1000, 0x101, 0x8, 0xfffffffd, 0x5, 0x1, 0x80000000, 0x1, 0xe9c, 0x7, 0x0, 0x5d, 0x3f6, 0x7f, 0x800, 0x9, 0x8, 0x81, 0x9, 0x9, 0x1, 0x5, 0x0, 0x5, 0x100, 0x40, 0x9, 0x7, 0xde, 0x1, 0x1, 0xce34, 0x495, 0x5, 0x6, 0x2, 0x1, 0x5, 0xdb, 0x11, 0x6dd4, 0x5, 0xfffffffd, 0xad20, 0x8, 0x8, 0x80, 0xe, 0x8, 0x3, 0x1ff, 0x7fff, 0x6, 0x9, 0x8, 0x80000000, 0x3, 0xa, 0x3, 0x61, 0x401, 0x7, 0x4, 0x6, 0xb32, 0x1, 0x1, 0xe6, 0x200000, 0x0, 0x5, 0x100, 0x70000000, 0x0, 0x9, 0xffff, 0x9, 0x3894, 0x8, 0x8, 0x0, 0x1, 0x5, 0x9, 0x400, 0x61f, 0x4, 0x3, 0x27, 0x6, 0x8001, 0x6, 0x7f, 0xffffffff, 0x80, 0x3, 0x7ebb, 0x1, 0x800, 0x1, 0x6, 0x90000000, 0x9, 0x8a1d, 0x545, 0x800, 0x85, 0x7ff, 0xfffff001, 0xe, 0x9, 0x8, 0xfffffffc, 0x401, 0x7, 0x2, 0xb2, 0x0, 0x0, 0x3, 0x100000, 0x7fffffff, 0x6, 0x0, 0x4, 0xfffffbff, 0x4, 0x3, 0x3ff, 0x0, 0x80000001, 0x7f, 0x3, 0x7b45, 0x7, 0x8, 0x8, 0x9, 0xf, 0x8, 0x3, 0x4, 0x6, 0x7, 0x8, 0xb, 0x6d5, 0x3, 0x100007, 0x0, 0x40, 0x1, 0xd46c, 0x4, 0xc1, 0x882, 0x2, 0x0, 0x1, 0x1, 0x7, 0x10, 0x5, 0x4, 0xfffffff6, 0xc14, 0x6d, 0xffff8000, 0xfffffffe, 0x7, 0xffffffff, 0x8, 0xd2e, 0x4, 0x0, 0x3ff, 0x1, 0x7, 0x1, 0x9, 0x80, 0x1, 0x17cc, 0x5, 0x5, 0x80000001, 0x1, 0x3]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x52}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x6, 0x9, 0x7ff, 0xb, {0x1, 0x0, 0x4, 0x5, 0x4, 0x10}, {0x4, 0x1, 0x3ff, 0x2ae, 0x1, 0x1}, 0x0, 0x0, 0x2}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x1000}, @TCA_POLICE_RESULT={0x8, 0x5, 0xce}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x4, 0x0, 0xf, 0x9c, {0x5, 0x0, 0x7f, 0xfffd, 0x9, 0x8}, {0xa1, 0x1, 0x93e, 0x101, 0x8, 0x2d1}, 0x6, 0xa9}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x10000, 0x3, 0xee09, 0x4, 0x7, 0x80, 0x4, 0x8000, 0x8, 0x27, 0x8, 0x0, 0x8, 0x6, 0x5, 0x2, 0x9, 0xad, 0x0, 0x4, 0x101, 0x6a9b1220, 0x4, 0xcb, 0x0, 0x4, 0x3, 0x6, 0x2, 0x5, 0x47, 0x0, 0x9, 0x2, 0x1ff, 0x730e, 0x8, 0x3, 0xe, 0x3, 0x0, 0x6e3, 0x4, 0x100, 0x9, 0x6, 0x7, 0x2, 0x3, 0x2, 0x100, 0x46, 0x40000000, 0x5, 0x1, 0xc, 0xffff, 0x400, 0x10000, 0xd8, 0x7, 0xaac, 0x1, 0xfffffffa, 0xf, 0x101, 0x1, 0x5, 0x3, 0x1000, 0x75, 0x29bf, 0x8000, 0xe1f, 0x6253, 0xa, 0x8001, 0xb1, 0x87, 0xfa4, 0x10000, 0x3, 0x6, 0x1, 0x5, 0xe0, 0x6, 0x7, 0x7, 0x5, 0x2, 0xfffffe00, 0x3, 0x26da, 0x7, 0xffff8001, 0x0, 0xe29e, 0x1, 0x8a, 0x4, 0x800, 0x2, 0x3, 0x7, 0x4bfc, 0xb, 0x8000, 0x9, 0x200, 0x2, 0x80, 0x8, 0x5, 0x8, 0x676ebe46, 0x8, 0xffff67c4, 0x1, 0x90, 0x240, 0x8, 0x8, 0x9, 0x9, 0x4, 0x5, 0x0, 0x1ff, 0xf, 0x9, 0x80000001, 0x219, 0x0, 0x5, 0x1d7, 0xffffff58, 0x0, 0x0, 0xc, 0xaf1, 0xffffffdf, 0x0, 0x0, 0x4, 0xe9e, 0x7fff, 0xcb, 0x1baa, 0x7fff, 0x7, 0x3c91, 0x4, 0x6cf, 0x9, 0x8, 0x221, 0x1, 0xb, 0x8, 0x0, 0x1, 0x3, 0xb, 0xfffffff7, 0x4f8930a7, 0x84, 0x9, 0x9, 0xccc7, 0x6f24, 0xfffffffe, 0x2, 0x6, 0xb86, 0x0, 0x101, 0xba11, 0x3, 0xa1d, 0x40, 0x0, 0x2, 0x3ff, 0x4, 0x7, 0x1, 0x3, 0x10001, 0x2, 0xa8e4, 0x7, 0x401, 0x9, 0x26, 0x0, 0x5, 0x80000000, 0x3, 0x3, 0xe, 0x0, 0x0, 0x9, 0xb, 0x66b, 0xffff, 0x4, 0x0, 0x6, 0x8, 0x7, 0x200, 0xa000, 0x6c, 0x3d, 0xffffff01, 0x200, 0x16d, 0x8001, 0x3b, 0x16, 0x80, 0x9, 0x3, 0xd376, 0x6d05, 0xd, 0xffff, 0x1, 0x9, 0x4, 0x7, 0x0, 0x22, 0xd, 0x5, 0x0, 0x1, 0x8, 0x26b, 0x59b6, 0x0, 0x6, 0x7fff, 0x91, 0x3, 0x4, 0x8, 0x8001, 0xe1f, 0x3, 0xb439, 0x1000, 0x5, 0x6]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x7196}]}, 0xd14}}, 0x4010)
r9 = syz_io_uring_setup(0x7cec, 0x0, &(0x7f0000000180)=<r10=>0x0, &(0x7f0000000880)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r9, 0x708, 0x41e3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, &(0x7f0000000300)="1dc25645f4b230d1d8f005824c78ba746fd985a21b98b3e5e43365af3265c79d6c4ebbe9e141adc8175e5324bf3d689f7135bde2f706ee8025b986b0dcf5092de087fe86", 0x4}, 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)

3.268617897s ago: executing program 1 (id=2556):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
fanotify_init(0x20, 0x101001)
r4 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$TCFLSH(r4, 0x540b, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
quotactl_fd$Q_QUOTAON(0xffffffffffffffff, 0x80000603, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$can_bcm(0x1d, 0x2, 0x2)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d1bf91b4d090955f70e06d038e7ff7fc6e5539b0d3f0e8b089b3f35076e090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x96d)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x120, 0x0)

2.917579711s ago: executing program 5 (id=2558):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x8000000}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03000000000000000000020000000900020073797a310000000008000340000000010900010073797a30"], 0x34}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0x7}, 0x20)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007e00009c0095000000000000"], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000134000000140a03000000000000000000020000000900010073797a300000000008000340000000010900010073797a3000000000140000001100010000000000000000000000000a"], 0x98}}, 0x0)
syz_open_dev$vivid(&(0x7f0000000000), 0x0, 0x2)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'nicvf0\x00', 0x10})
write$cgroup_int(r4, &(0x7f00000000c0)=0x10001, 0x12)

2.570354105s ago: executing program 5 (id=2559):
fsopen(&(0x7f0000000000)='ubifs\x00', 0x1)

2.570089745s ago: executing program 5 (id=2560):
openat$binderfs(0xffffff9c, &(0x7f0000000740)='./binderfs/custom0\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/freeze_filesystems', 0x149882, 0x8)
write$sysctl(r0, &(0x7f0000000040)='6\x00', 0x2)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="40000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="000000000000d6db140012800b00010067656e6576650000040002800b0001"], 0x40}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xe1}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x4008000)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000480)={'sit0\x00', &(0x7f00000005c0)={'gretap0\x00', <r5=>0x0, 0x7800, 0x10, 0x498c, 0x0, {{0x39, 0x4, 0x1, 0x22, 0xe4, 0x68, 0x0, 0x9, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0xd}, @multicast2, {[@timestamp_prespec={0x44, 0x24, 0x2c, 0x3, 0xd, [{@local, 0xffffffff}, {@multicast2, 0xfe}, {@remote, 0x2}, {@rand_addr=0x64010100, 0x3}]}, @end, @timestamp_prespec={0x44, 0x1c, 0x53, 0x3, 0xe, [{@multicast1, 0x7}, {@broadcast, 0x5}, {@empty, 0xd}]}, @cipso={0x86, 0x7b, 0x2, [{0x7, 0x10, "d7c1825abfe6713973f51b072524"}, {0x7, 0x8, "8391e4dcb800"}, {0x7, 0x2}, {0x1, 0x9, "6ea867419e76ec"}, {0x6, 0xf, "7f4de9e4839a283e0d63cc7608"}, {0x7, 0x12, "12250ec784c3d7ce915e4cd77bcdad4f"}, {0x0, 0x10, "7d79813eb96e868a1248ce417688"}, {0x0, 0x11, "d61b6ad81bdf7e5142fb3b92cd5989"}, {0x6, 0x6, "e9888711"}, {0x2, 0xa, "41102938109b27dd"}]}, @timestamp_addr={0x44, 0x14, 0xc7, 0x1, 0x6, [{@multicast1, 0x2}, {@multicast1, 0x6}]}]}}}}})
sendmmsg$inet(r2, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000340)="5cdb03796670ea53f4034bf26e9ce2e11a5bc3f2d0b31806ae603328d7e3067c4bbc7f497b021aec4e322879c400077c6bc5d93c7944ebcd59188249c4517d6130dccec429a96f", 0x47}, {&(0x7f00000003c0)="61976bdd210669a789962b51778ccd8e49208a0ce4b65ad0050e59b9130af7112a44f9b5b475746450d146906cce8eb28fa5e72a0f6530891510deba5da1e52dcaa88bb77a83885e4c164a3b64aaaf3172dafa768cffe8758f726330184b0c76388c5c14e0d54ea63f3ce6771f962027450a48de5697806fa71982577af358f895a0a7ebff2b3cfa19a8285e698b9f4d5358c9c6bcf682f93d30f32f8624ffc3451f37", 0xa3}], 0x2, &(0x7f00000004c0)=[@ip_tos_u8={{0xd, 0x0, 0x1, 0xc}}, @ip_ttl={{0x10, 0x0, 0x2, 0x7ff}}, @ip_tos_int={{0x10, 0x0, 0x1, 0xa3}}, @ip_ttl={{0x10, 0x0, 0x2, 0x10}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x10, 0x0, 0x1, 0xb}}, @ip_pktinfo={{0x18, 0x0, 0x8, {r5, @private=0xa010101, @multicast2}}}, @ip_tos_int={{0x10}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x11}}], 0x98}}], 0x1, 0x24048040)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRESHEX, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r2, @ANYRESHEX=r3, @ANYBLOB="e1d2546597c72d7e36cb812fef7250fb2dd9b7993d4f77081ba1f38573eda2cd0372239c8c90389792b9a0bee6187c57fd315e5285921cc4da7eccd029e1b56c7199f9daf354fbc7a43d14cb1d9ff2b345a9fc5638fb745eafff93f63f28faba17077d4e706dfe9129e6dd52ec0de067855067f6c803c7df18f3be63df90f9653f4c"], 0x90}, 0x1, 0x0, 0x0, 0x20000880}, 0x40c0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000580), 0x1, 0x100)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc0045520, &(0x7f0000000080)=0xffffbf7f)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$vhost_msg_v2(r7, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48)
r8 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r8, 0x2)
r9 = open(&(0x7f0000000180)='.\x00', 0x10000, 0x0)
flock(r9, 0x1)
flock(r9, 0x2)
close(r8)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)

2.378110204s ago: executing program 2 (id=2562):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1b)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000000c0))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x802, 0x0)
syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002)
close(0x3)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20)
syz_clone(0x23845480, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff}, 0x84000)
r3 = openat$vcsu(0xffffff9c, &(0x7f00000001c0), 0x141000, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0, {<r5=>0x0, 0xffffffffffffffff}}, './file0\x00'})
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@euid_lt={'euid<', r4}}, {@uid_eq={'uid', 0x3d, r5}}, {@measure}]}})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = syz_io_uring_setup(0x890, &(0x7f00000003c0)={0x0, 0x40aee2, 0x80, 0x2, 0xbfdffff4}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x2040}})
io_uring_enter(r7, 0x47f6, 0x0, 0x2, 0x0, 0x0)

2.377687739s ago: executing program 1 (id=2564):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f00000000c0)=ANY=[@ANYBLOB="0006040000000000fc02000000000000000000000000000000000001"], 0x38)

2.377361954s ago: executing program 1 (id=2565):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(0xffffffffffffffff, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x19b1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000006})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000340)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r4, 0xc0b45545, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000440), 0x0)
accept4$alg(r5, 0x0, 0x0, 0x80000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000280)='./file0\x00')
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f0000001540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00')
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

2.299449873s ago: executing program 4 (id=2567):
ioprio_get$pid(0x2, 0x0)

2.299253563s ago: executing program 4 (id=2568):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c000000020603000000000000000000000000000e0003006269746d61703a697000000005000400000000000900020073797a310000000024000780e100018014000240ff010000000000000000000000000001080008000000002405000500020000000500010006000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4810}, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup(r3)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x3)
dup3(r2, r4, 0x0)
getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14)
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x4, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
socket$netlink(0x10, 0x3, 0x6)

2.205788895s ago: executing program 4 (id=2569):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r2, r1, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r3, 0x0)
ppoll(&(0x7f0000000000)=[{r3, 0x200}], 0x1, &(0x7f00000002c0)={0x0, 0x989680}, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000200)=[@acquire, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000380)={0x44, 0x0, &(0x7f00000005c0)=[@reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x4, 0x0, &(0x7f0000000640)="212d9088"})
read$msr(r0, 0x0, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2f, &(0x7f0000000340)="1f000000", 0x4)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x224})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})

1.770490012s ago: executing program 4 (id=2570):
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000d00)=[{{&(0x7f0000000480)=@file={0xfd, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f00000005c0)=[@rights={{0x10, 0x1, 0x1, [r1]}}, @cred={{0x18, 0x1, 0x2, {r0}}}], 0x28, 0x4010}}], 0x1, 0x20000000)

1.769969097s ago: executing program 4 (id=2571):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r2=>0x0})
sendmsg$can_j1939(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, r2, 0x2, {0x2, 0x1, 0x2}, 0xfd}, 0x18, &(0x7f0000000100)={&(0x7f0000000200)="1510fd08f6905c77f86fe98b4041b37c83613adb17bf7f406af213610780a2dc8134a17ecce21ebacd6d8629bb5e181a52eb158a44fddaf7aa49b79f5a8fa2751afdd96b134bf6fe326c3fecf9da9bf4ccda9b3b7aa398d8471806f40be26b23ff9ec3c7def74365fb02783b24b2f6ff4c0aef027259a58c35e2c20abe13bbe934fd0c00b3adcde4bb6ed2ab4363dc4084bd122ddfa7f6111cf058a627b79e88e3168f23e420c5cd06d32bf85fdea0e6b9d759b7f341", 0xb6}, 0x1, 0x0, 0x0, 0x2000000}, 0x40080)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x80010, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000004c0)=0x40, 0x4)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000b00)={{{@in=@rand_addr=0x64010102, @in=@multicast2, 0x0, 0x5, 0x0, 0x1, 0x2, 0x20, 0x10, 0x33}, {0x400000000001e, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0x9}, {0x11, 0x0, 0x80, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in6=@local, 0x4d2, 0x32}, 0x2, @in6=@remote, 0x0, 0x3, 0x2, 0xb7, 0x0, 0x81}}, 0xe8)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x9, 0x0, 0x100000, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffe, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4}}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x8, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000701000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61145000000000001d430000000000007a0a00fe00581c1f61144c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="20000000111401e9ce01f3a038b11fc7c285ef3e5d6f002dbd70000000000008004a006681fb0b4eea0000000008004b00130000009185e9d9f0606ee71558811f5dcd16d473f08eb5f41240d8c24ae6b2aca55a078f7f764a3a3ecd1cdf3fa6ccc81fa85fe512298750826eda8098969867dc7cc7f6fc18a61709377e0c9a6853de06e6272698c3f801f71aa9ab4353394f64ea"], 0x20}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
openat$nvme_fabrics(0xffffff9c, &(0x7f00000013c0), 0x402103, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x2, &(0x7f00000000c0)=ANY=[@ANYBLOB="780000050000000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1.472646989s ago: executing program 2 (id=2572):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="5c00000026006bab9a1fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038000a004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb64f69853362ac3407173ec", 0x5b}, {&(0x7f0000000000)="92", 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r2, 0x1, 0x70bd26, 0x25dfdbff, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", ""]}, 0x30}}, 0x20040000)

1.451070657s ago: executing program 1 (id=2573):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebdbe429d"})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f00000000000003ff58000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

1.448829291s ago: executing program 2 (id=2574):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f00000000c0)=ANY=[@ANYBLOB="0006040000000000fc02000000000000000000000000000000000001"], 0x38)

1.413255755s ago: executing program 2 (id=2575):
socket$inet6_udp(0xa, 0x2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24004004}, 0x10)
r3 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20088004, 0x0, 0x0)
sendto$inet6(r3, &(0x7f00000009c0), 0x0, 0xc001, 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$dir(0xffffff9c, &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x1, 0x115)
r4 = socket$nl_route(0x10, 0x3, 0x0)
write(r4, &(0x7f00000001c0)="240000005800410f9c00f4f90085b3025cb1fddf08000100050100000800028001000000", 0x24)

940.512316ms ago: executing program 1 (id=2576):
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
socket(0xa, 0x3, 0x3a)
syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x40000) (async)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff}) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
io_uring_setup(0x18e4, &(0x7f0000000300)={0x0, 0xf483, 0x2000, 0x1, 0x34c, 0x0, r1}) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000006000000040000000000009301000000002e5f615f"], 0x0, 0x2a, 0x0, 0x0, 0x1, 0x0, @void, @value}, 0x28) (async)
socket$alg(0x26, 0x5, 0x0) (async, rerun: 32)
socket$alg(0x26, 0x5, 0x0) (rerun: 32)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r2 = syz_io_uring_setup(0x94f, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x0, 0x156}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000002c0)=<r4=>0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.stat\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$unix(0x1, 0x5, 0x0)
eventfd2(0x0, 0x80800) (async)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x3, 0x0, r0, 0x0, 0x0, 0x0, 0x140})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) (async)
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

940.065119ms ago: executing program 5 (id=2577):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, 0x41, 0x107, 0xfffffffc, 0x0, {0x2, 0x7c}, [@typed={0x8, 0x12d, 0x0, 0x0, @fd=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x3, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$sr(0xffffff9c, &(0x7f0000000080), 0x68842, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0xfffffffe, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x304}, "040000000048bd00", "0dd12f0d004fcf0000e8bfff1a8600", "cf0f00", "8657e2b7e63b34e4"}, 0x28)
write$binfmt_script(r4, &(0x7f0000001300), 0x8f)
writev(r4, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000013c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000001380)=0x40)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000380)="ac", 0x1}], 0x1)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f00000001c0)={'gretap0\x00', r2, 0x80, 0x7, 0x1, 0x101, {{0x2d, 0x4, 0x2, 0x3, 0xb4, 0x68, 0x0, 0xfe, 0x2f, 0x0, @local, @multicast2, {[@end, @rr={0x7, 0x27, 0xaa, [@multicast2, @remote, @dev={0xac, 0x14, 0x14, 0xf}, @remote, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @noop, @ssrr={0x89, 0x1f, 0x88, [@loopback, @remote, @empty, @broadcast, @rand_addr=0x64010100, @empty, @loopback]}, @timestamp_addr={0x44, 0x14, 0xc9, 0x1, 0xe, [{@private=0xa010100, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x100}]}, @timestamp_addr={0x44, 0x14, 0xe4, 0x1, 0x5, [{@empty, 0x7fffffff}, {@broadcast, 0x5}]}, @noop, @cipso={0x86, 0x1c, 0x1, [{0x7, 0x12, "5edbaf842454176ede720ac8340c94c7"}, {0x5, 0x4, "ac4e"}]}, @timestamp={0x44, 0x8, 0x5c, 0x0, 0x7, [0x1]}, @generic={0x88, 0xa, "0e81a33cecd22917"}]}}}}})

938.385275ms ago: executing program 2 (id=2578):
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'veth0_to_batadv\x00', &(0x7f0000000180)=@ethtool_channels={0x3d, 0x9, 0x9, 0x83, 0xfff, 0x5, 0x3c, 0x3, 0x5}})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab08", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r3, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0xffffffff, 0x10000]}, 0x10)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$fuse(0x0, 0x0, 0x0, 0x100000, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
setpgid(r5, 0x0)
r6 = getpgid(r5)
setpgid(0x0, r6)
open$dir(&(0x7f0000000000)='./file1\x00', 0xda080, 0x29)

938.071894ms ago: executing program 5 (id=2579):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
syz_clone(0x11, 0x0, 0xf0, 0x0, 0x0, 0x0)

913.142818ms ago: executing program 1 (id=2580):
r0 = syz_open_dev$vim2m(&(0x7f0000000b00), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000180)={0x29, 0x1, 0x0, "732283ef1acb5aa7abe50000000009be908100"})
socket$kcm(0x10, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0xdf}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0xc4}, 0x10000800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, 0x0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x2, 0x4038a09, 0x4, @loopback={0xe0}, @mcast2={0xff, 0x5}, 0x0, 0x0, 0x0, 0x5}})
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)

850.295302ms ago: executing program 5 (id=2581):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x1)
r4 = socket$unix(0x1, 0x5, 0x0)
close(r1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0xc, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x1, 0x3}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0xfffffffa}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x40)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$bt_BT_SECURITY(r6, 0x112, 0x4, 0x0, 0x0)

848.447923ms ago: executing program 4 (id=2582):
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x0, 0xee00}}, './file0\x00'})
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000201, 0x0, &(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000280)='./file0\x00', 0x88)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f0000000000)="9f966a69e0c79f8db7726506e15be47e9ff08ffd731111e4070de666e6f8d0280fdb08bea212adaf3c964ecaa3e587ffd39be6ee69696885b468e597a0", &(0x7f0000000040)="666cf60b03b19d5d1f97f60aea9af8e6f270afcc91e4a6acc0010056660a6bcb566710058c45d16b016b625d93618c1abbd9e1161ddba7550df1da4344c298d91fb80797d224b40bea52b7ea50595ab7a6bb6880f852bdc8a1144dc3709eb3f9a787663943ab23ea0f5e347b3326f020e8981da431b68ddc3565ca6394aae7b320cd4f5eb175401ffdc218009f5eab40d432a69d9d2d25e2cf85e1fa5a"}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
io_setup(0x281, &(0x7f0000000100)=<r1=>0x0)
io_pgetevents(r1, 0x1, 0x1, &(0x7f0000000000)=[{}], 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000600)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o84I\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HO\x00\x00\x00\x00R\xfc\xcb%u3\xec\xde%\x9d\xe4\x1d\rD\x82S\x17?\xd6\xb1\x9aF\xe2\xba[\xc7QR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\xa5\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\xae\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x93\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94\xfe2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[z\xb6>\xd3\xe7Y*\xdb\xa7h\nt\xddP\n\xc5\xeb\xb1ux\x94@\x00\x00g\x02D9\x83\xa7\x97\xf4\xb25wL\x97\xfb\xb9\xccj\xb3\x96\xc1@\xee`{\x87\xa8]\x96\x9cjF^+\xcc1l\xcbmA,5\xc4J\xcab\xa6\x91\xa0\xeaU\x92\x01\x1f,\xfa\x10\"+\x01\x00\x91\xe9\x1cz\xd1f\x901\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00o\"\x85Np\xba\x0e<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb8V\xe4\xa1C\x90\x17\xcc{\x9d\xf1\xbd\xb0\xca\x03\x96\x85h}\x8f\x1c)X\xc83rA\x90r\xb6\xba!;\x95\xaf\xe0\xcb\xec\xcd$\x02f\x8c4\x1aH\x8fC\xbfr\xd39\x92\x1fShu\x9e\b\xd4m\xa8\x16\xa6\xd5\xae\xcb\x03oFQ\"\xf7F\xb7\vp\xb6\xe5\x92\xe2O}.\x95A\x9bH\x8d\xa1\x80\x1b\x14u\xfdK\xce\xaf\x94i\xf1s\xf7\xb8Jq\xcb3=M\x84\x7f\x181/\x9bQ|4\xaf\xcf\r\xcfz Z\x19\xad_\x13\x99\xf7\xfdOD\xd3\x9d\x9d\xb8d5g\xf1\x84\xbd\xe5\xa2\xb3\xda\x82\x10n1\xed\xba\xe3\x96\x85\"\xb6\xa6n\xe7\xfd\xd4\a\x97\x85\x810/\xc4o\x11\xc8\x1b\xc0\f\xeec\xa4\x7f|P\x00\x00\x00\x000p\xaf\xfdk\xac\xcc\xac`\xc9\a<\xadIt\x9b\xeb\x8a\xfe\x9b\aO\xa5?h\xe1B\xa8C\x8e;/\xa8\x94\x1bs\xf0\xa9>\x9e\xff\xc9\xd2\x00h\xcb\xfb\xb6Y\xbfp\xd8\x90\x96\xec\x83N\x8bNnx\xb6\x16Y\xf8sU\xae\xa0\b\x8cLq\n\x1f\x99t\xb6\xffozu\xa0B(\xe9?\xcdA\xba\xa8\x13Qc\xda\x16?\xe8z\x8f\x862!\xbf\xa4\xb8\x9bC\xe9Od\xe8\xd32m\x06RX\x7f\xf7\xc2\n\x94\xe5P:l\xd9\xd5\xbd\rH6-\x8a\x12m\xff\xe9\xa0\r\tk\xda\xa4q(\xae\\\xb6\x14I\xf7\xe0z\xf1<cN\xb6p\xd5\rb\xfa\xdf\v\x00X9\xcd\xb2\xfaF\xb9\xaf\x88X\xbc', 0x0)
io_submit(r1, 0x1, &(0x7f0000000a00)=[&(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0}])
timer_create(0x6, &(0x7f0000000380)={0x0, 0x0, 0x0, @thr={&(0x7f0000000240)="48218a4adb8473d2e3e114531ee89cbea6627bc4d635da9fe059846b3b52d8af368d037b3bf2e17199ec92c15d9044f0fcba95f07134a4a7cfe7df898be99c91b2db72429a9c9938dcf987dd675241b7ad7e2bea5851ad8ec3793dcf72c335b55e948266c34824de3781421d4a34f7776a76d182bd34816005ca6eedcd1c92bb67fe6c0262a7b052771b958ff1afcc6373e1bad5dc922200f8609b48", &(0x7f0000000300)="1869cb9ad2887221047065b8a8e503f412f1dde89a96b8655c9f387f360a6875d11fbcff64d917a1808f6b57cb4c0152300f1990a8204469d51b4351f8bf"}}, &(0x7f00000003c0)=<r3=>0x0)
timer_gettime(r3, &(0x7f0000000400))
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xc)
setsockopt$MRT6_INIT(0xffffffffffffffff, 0x29, 0xc8, &(0x7f0000000500), 0x4)
mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0x7, 0x0, &(0x7f0000000a00))
mremap(&(0x7f0000386000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000256000/0x4000)=nil)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r6=>0x0})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0xe4140, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r6, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000600)={{'fd', 0x3d, r9}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}]}})

0s ago: executing program 2 (id=2583):
r0 = syz_open_dev$video4linux(&(0x7f0000000240), 0x148, 0x450400)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x0, 0x3011, 0x7, 0x0, 0x0, 0x0, 0x2}})
r1 = socket$inet6(0xa, 0x3, 0xff)
flock(r1, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001180)=@filter={'filter\x00', 0x2, 0x4, 0x32c, 0xffffffff, 0x0, 0x190, 0x0, 0xfeffffff, 0xffffffff, 0x264, 0x264, 0x264, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x6, 0x0, 0x1, 0x48}, 0x2f2, 0xa4, 0xc8}, @common=@inet=@SYNPROXY={0x24}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [], [], 'sit0\x00', 'dvmrp0\x00'}, 0x0, 0xa4, 0xc8}, @common=@inet=@TCPMSS={0x24}}, {{@uncond, 0x0, 0xa4, 0xd4}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x1, 0x6, 0x7}, {0x1, 0x3}, 0x10, 0xffff}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x388)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x354, 0x0, 0x11, 0x148, 0x0, 0x0, 0x2c0, 0x2a8, 0x2a8, 0x2c0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1c0, 0x208, 0x4003, {}, [@common=@inet=@hashlimit2={{0x150}, {'ip6_vti0\x00', {0x9, 0x3, 0x13, 0x3ff, 0x8, 0x6, 0x80000001, 0x18, 0x8}, {0x7}}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x5}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00', {0xff}, {}, 0x0, 0x0, 0x1}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0x4, {0x100}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x3b0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x0, 0x25dfdbfc, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x5, 0x9, 0x5, 0x9, 0x10001}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x50}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x68}}, 0x0)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f00000000c0)=ANY=[@ANYBLOB="0006040000000000fc02000000000000000000000000000000000001"], 0x38)

kernel console output (not intermixed with test programs):

audit(1748988911.790:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.1.1269" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  216.751389][   T40] audit: type=1326 audit(1748988911.790:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.1.1269" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  216.759118][   T40] audit: type=1326 audit(1748988911.790:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.1.1269" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  216.765956][   T40] audit: type=1326 audit(1748988911.790:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.1.1269" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  217.237007][T10322] @: renamed from vlan0 (while UP)
[  217.877635][T10336] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1277'.
[  218.801376][T10361] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  219.177553][T10372] o2cb: This node has not been configured.
[  219.179925][T10372] o2cb: Cluster check failed. Fix errors before retrying.
[  219.182169][T10372] (syz.3.1286,10372,3):user_dlm_register:674 ERROR: status = -22
[  219.184687][T10372] (syz.3.1286,10372,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[  221.119121][T10417] netlink: 'syz.3.1297': attribute type 10 has an invalid length.
[  221.122611][T10417] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1297'.
[  221.165689][T10420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1298'.
[  221.170832][T10422] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1299'.
[  221.218783][T10420] binder: 10419:10420 ioctl c0306201 80000540 returned -14
[  221.816490][   T24] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  221.986481][   T24] usb 8-1: Using ep0 maxpacket: 8
[  221.989663][   T24] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[  221.992259][   T24] usb 8-1: config 179 has no interface number 0
[  221.994587][   T24] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  222.006484][   T24] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  222.010113][   T24] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[  222.013583][   T24] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[  222.026480][   T24] usb 8-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  222.030611][   T24] usb 8-1: config 179 interface 65 has no altsetting 0
[  222.032681][   T24] usb 8-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  222.035492][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.063995][   T24] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input18
[  222.106715][ T5343] input input18: unable to receive magic message: -110
[  222.113638][ T5343] input input18: unable to receive magic message: -32
[  222.123290][ T5343] input input18: unable to receive magic message: -32
[  222.127220][ T5343] input input18: unable to receive magic message: -32
[  222.225684][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1309'.
[  222.245081][T10454] binder: 10453:10454 ioctl c0306201 80000540 returned -14
[  222.271167][T10430] input input18: unable to receive magic message: -32
[  222.281628][T10430] netlink: 'syz.3.1302': attribute type 4 has an invalid length.
[  222.284132][T10430] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1302'.
[  222.295594][   T24] usb 8-1: USB disconnect, device number 4
[  222.295650][    C2] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  222.301597][   T24] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  222.391588][T10465] netlink: 768 bytes leftover after parsing attributes in process `syz.0.1311'.
[  223.105767][T10481] netlink: 'syz.3.1315': attribute type 10 has an invalid length.
[  223.157239][T10481] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1315'.
[  223.182420][T10481] team0: Port device geneve0 added
[  223.324032][T10487] binder_alloc: 10485: pid 10485 spamming oneway? 1 buffers allocated for a total size of 4096
[  223.329318][T10487] binder_alloc: 10485: pid 10485 spamming oneway? 2 buffers allocated for a total size of 5120
[  223.797179][T10504] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1322'.
[  224.514633][T10515] binder: 10514:10515 ioctl c0306201 80000080 returned -22
[  224.557661][T10515] binder: 10514:10515 ioctl 4018620d 0 returned -22
[  224.593816][T10520] binder: 10519:10520 ioctl c0306201 80000080 returned -22
[  224.638256][T10520] binder: 10519:10520 ioctl 4018620d 0 returned -22
[  224.641138][T10520] FAULT_INJECTION: forcing a failure.
[  224.641138][T10520] name failslab, interval 1, probability 0, space 0, times 0
[  224.645285][T10520] CPU: 3 UID: 0 PID: 10520 Comm: syz.0.1326 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  224.645300][T10520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.645307][T10520] Call Trace:
[  224.645312][T10520]  <TASK>
[  224.645317][T10520]  dump_stack_lvl+0x16c/0x1f0
[  224.645332][T10520]  should_fail_ex+0x512/0x640
[  224.645347][T10520]  ? fs_reclaim_acquire+0xae/0x150
[  224.645362][T10520]  ? tomoyo_encode2+0x100/0x3e0
[  224.645373][T10520]  should_failslab+0xc2/0x120
[  224.645385][T10520]  __kmalloc_noprof+0xd2/0x510
[  224.645403][T10520]  ? d_absolute_path+0x136/0x1a0
[  224.645418][T10520]  tomoyo_encode2+0x100/0x3e0
[  224.645431][T10520]  tomoyo_encode+0x29/0x50
[  224.645442][T10520]  tomoyo_realpath_from_path+0x18f/0x6e0
[  224.645459][T10520]  tomoyo_path_number_perm+0x245/0x580
[  224.645476][T10520]  ? tomoyo_path_number_perm+0x237/0x580
[  224.645494][T10520]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  224.645526][T10520]  ? find_held_lock+0x2b/0x80
[  224.645537][T10520]  ? hook_file_ioctl_common+0x145/0x410
[  224.645557][T10520]  ? __fget_files+0x20e/0x3c0
[  224.645572][T10520]  ? fput+0x20/0xf0
[  224.645585][T10520]  security_file_ioctl_compat+0x9b/0x240
[  224.645598][T10520]  __ia32_compat_sys_ioctl+0xc3/0x370
[  224.645614][T10520]  __do_fast_syscall_32+0x7c/0x3a0
[  224.645627][T10520]  do_fast_syscall_32+0x32/0x80
[  224.645639][T10520]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.645652][T10520] RIP: 0023:0xf7f35579
[  224.645661][T10520] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  224.645672][T10520] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  224.645683][T10520] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000c00c6211
[  224.645690][T10520] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  224.645697][T10520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.645703][T10520] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  224.645709][T10520] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.645722][T10520]  </TASK>
[  224.645733][T10520] ERROR: Out of memory at tomoyo_realpath_from_path.
[  225.529578][T10534] Invalid ELF header type: 0 != 1
[  225.684930][   T40] kauditd_printk_skb: 415 callbacks suppressed
[  225.685152][   T40] audit: type=1326 audit(1748988920.750:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.736604][   T40] audit: type=1326 audit(1748988920.750:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.743720][   T40] audit: type=1326 audit(1748988920.750:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.751139][   T40] audit: type=1326 audit(1748988920.760:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.757841][   T40] audit: type=1326 audit(1748988920.760:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.764579][   T40] audit: type=1326 audit(1748988920.760:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.771830][   T40] audit: type=1326 audit(1748988920.760:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.779579][   T40] audit: type=1326 audit(1748988920.760:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.786163][   T40] audit: type=1326 audit(1748988920.760:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  225.794121][   T40] audit: type=1326 audit(1748988920.760:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10544 comm="syz.0.1332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  226.195835][T10557] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1337'.
[  227.644417][T10595] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1347'.
[  228.288543][ T5949] Bluetooth: hci3: Malformed HCI Event
[  228.911530][T10646] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1364'.
[  228.935726][T10646] binder: 10645:10646 ioctl c0306201 80000540 returned -14
[  229.078083][T10650] 9pnet_virtio: no channels available for device ./file0/file0
[  229.235739][ T5955] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  229.277973][ T5955] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  229.281121][ T5955] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  229.284183][ T5955] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  229.286863][ T5955] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  229.291129][T10654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1367'.
[  229.347433][T10654] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  229.590717][T10652] chnl_net:caif_netlink_parms(): no params data found
[  229.688750][T10652] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.691155][T10652] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.693581][T10652] bridge_slave_0: entered allmulticast mode
[  229.697933][T10652] bridge_slave_0: entered promiscuous mode
[  229.701164][T10652] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.703497][T10652] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.705779][T10652] bridge_slave_1: entered allmulticast mode
[  229.708525][T10652] bridge_slave_1: entered promiscuous mode
[  229.740465][T10652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  229.745015][T10652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  229.746316][T10675] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1373'.
[  229.785424][T10652] team0: Port device team_slave_0 added
[  229.789183][T10652] team0: Port device team_slave_1 added
[  229.815238][T10678] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1374'.
[  229.827959][T10652] batman_adv: batadv0: Adding interface: batadv_slave_0
[  229.830412][T10652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.839099][T10652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.844162][T10652] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.848197][T10652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.856547][T10652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.902434][T10652] hsr_slave_0: entered promiscuous mode
[  229.904749][T10652] hsr_slave_1: entered promiscuous mode
[  229.906970][T10652] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  229.909333][T10652] Cannot create hsr debugfs directory
[  229.936705][T10675] Bluetooth: MGMT ver 1.23
[  230.099455][T10700] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1382'.
[  230.107974][T10652] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  230.121718][T10652] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  230.135102][T10700] binder: 10697:10700 ioctl c0306201 80000540 returned -14
[  230.138470][T10652] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  230.151575][T10652] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  230.180442][T10652] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.182749][T10652] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.185139][T10652] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.187401][T10652] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.198219][T10707] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1385'.
[  230.222032][T10652] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.238716][T10710] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1387'.
[  230.266925][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.287644][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.335933][T10652] 8021q: adding VLAN 0 to HW filter on device team0
[  230.383809][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.386072][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.409544][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.411593][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.496022][T10721] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.734784][T10721] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.813090][T10652] 8021q: adding VLAN 0 to HW filter on device batadv0
[  230.881830][T10737] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  230.927988][T10721] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.098870][T10721] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.155240][T10652] veth0_vlan: entered promiscuous mode
[  231.163901][T10652] veth1_vlan: entered promiscuous mode
[  231.181512][T10652] veth0_macvtap: entered promiscuous mode
[  231.186861][T10652] veth1_macvtap: entered promiscuous mode
[  231.195666][T10652] batman_adv: batadv0: Interface activated: batadv_slave_0
[  231.201828][T10652] batman_adv: batadv0: Interface activated: batadv_slave_1
[  231.211542][T10721] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.215003][T10652] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.218631][T10652] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.222644][T10652] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.226377][T10652] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.236365][T10721] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.249867][T10721] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.258400][T10721] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.298317][   T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.305380][   T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.328871][ T1248] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.332916][ T1248] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.466770][ T5949] Bluetooth: hci0: command tx timeout
[  231.713350][T10763] xt_CT: You must specify a L4 protocol and not use inversions on it
[  231.728712][T10763] netlink: 'syz.2.1397': attribute type 32 has an invalid length.
[  231.739810][T10763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1397'.
[  231.751402][T10751] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1394'.
[  231.754375][T10751] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1394'.
[  231.754404][T10763] netlink: 'syz.2.1397': attribute type 32 has an invalid length.
[  231.771624][T10760] input: syz0 as /devices/virtual/input/input19
[  231.803731][   T54] Process accounting resumed
[  231.803912][T10751] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1394'.
[  231.809209][T10751] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1394'.
[  231.833015][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  231.833025][   T40] audit: type=1800 audit(1748988926.900:1512): pid=10768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1398" name="bus" dev="tmpfs" ino=1839 res=0 errno=0
[  231.852621][T10751] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1394'.
[  231.855432][T10751] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1394'.
[  231.896372][T10776] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1400'.
[  231.911400][T10764] could not allocate digest TFM handle cbcmac-aes-neon
[  232.550061][T10795] input: syz0 as /devices/virtual/input/input20
[  232.637769][T10798] netlink: 'syz.1.1406': attribute type 1 has an invalid length.
[  233.250742][T10806] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1409'.
[  233.536585][ T5949] Bluetooth: hci0: command tx timeout
[  233.834749][   T40] audit: type=1326 audit(1748988928.900:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.931530][   T40] audit: type=1326 audit(1748988928.910:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.938641][   T40] audit: type=1326 audit(1748988928.910:1515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.946141][   T40] audit: type=1326 audit(1748988928.910:1516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.953024][   T40] audit: type=1326 audit(1748988928.910:1517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.959772][   T40] audit: type=1326 audit(1748988928.910:1518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.966312][   T40] audit: type=1326 audit(1748988928.910:1519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.973429][   T40] audit: type=1326 audit(1748988928.910:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  233.980458][   T40] audit: type=1326 audit(1748988928.910:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.1415" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  234.879001][T10854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1422'.
[  235.062855][T10866] netlink: 'syz.1.1426': attribute type 12 has an invalid length.
[  235.256622][T10869] input: syz1 as /devices/virtual/input/input21
[  235.258824][T10869] input: failed to attach handler leds to device input21, error: -6
[  235.285807][T10869] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(15)
[  235.288001][T10869] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  235.290849][T10869] vhci_hcd vhci_hcd.0: Device attached
[  235.296004][T10869] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(17)
[  235.298183][T10869] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  235.300705][T10869] vhci_hcd vhci_hcd.0: Device attached
[  235.354807][T10876] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  235.361770][T10876] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(22)
[  235.364142][T10876] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  235.366702][T10876] vhci_hcd vhci_hcd.0: Device attached
[  235.370836][T10876] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(24)
[  235.372974][T10876] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  235.376591][T10876] vhci_hcd vhci_hcd.0: Device attached
[  235.536834][   T24] usb 41-1: new low-speed USB device number 3 using vhci_hcd
[  235.617436][ T5949] Bluetooth: hci0: command tx timeout
[  236.082042][T10879] vhci_hcd: connection closed
[  236.083176][T10877] vhci_hcd: connection closed
[  236.083643][T10872] vhci_hcd: connection closed
[  236.086763][T10870] vhci_hcd: connection reset by peer
[  236.087362][   T70] vhci_hcd: stop threads
[  236.091973][   T70] vhci_hcd: release socket
[  236.097763][   T70] vhci_hcd: disconnect device
[  236.100550][   T70] vhci_hcd: stop threads
[  236.102883][   T70] vhci_hcd: release socket
[  236.105628][   T70] vhci_hcd: disconnect device
[  236.108494][   T70] vhci_hcd: stop threads
[  236.109897][   T70] vhci_hcd: release socket
[  236.111372][   T70] vhci_hcd: disconnect device
[  236.113126][   T70] vhci_hcd: stop threads
[  236.114461][   T70] vhci_hcd: release socket
[  236.115900][   T70] vhci_hcd: disconnect device
[  236.967012][T10902] fuse: Unknown parameter 'group_id00000000000000000000'
[  237.610850][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  237.610863][   T40] audit: type=1326 audit(1748988932.670:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.621747][   T40] audit: type=1326 audit(1748988932.670:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.630418][   T40] audit: type=1326 audit(1748988932.670:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=399 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.639827][   T40] audit: type=1326 audit(1748988932.670:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.647158][   T40] audit: type=1326 audit(1748988932.670:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.655664][   T40] audit: type=1326 audit(1748988932.670:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.656355][T10917] netlink: 'syz.4.1438': attribute type 1 has an invalid length.
[  237.664129][   T40] audit: type=1326 audit(1748988932.670:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.677366][   T40] audit: type=1326 audit(1748988932.670:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.686482][   T40] audit: type=1326 audit(1748988932.680:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.694430][   T40] audit: type=1326 audit(1748988932.680:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.2.1434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  237.696585][ T5949] Bluetooth: hci0: command tx timeout
[  237.856020][T10865] Set syz1 is full, maxelem 65536 reached
[  238.289552][T10935] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967293 > 32)
[  238.387243][T10940] fuse: Bad value for 'user_id'
[  238.388832][T10940] fuse: Bad value for 'user_id'
[  238.986801][T10952] __nla_validate_parse: 6 callbacks suppressed
[  238.986814][T10952] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1449'.
[  239.102313][T10960] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1454'.
[  239.158622][T10963] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1450'.
[  239.190274][T10963] binder: 10962:10963 ioctl c0306201 80000540 returned -14
[  239.284836][T10968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1456'.
[  239.387600][T10971] lo speed is unknown, defaulting to 1000
[  239.389454][T10971] lo speed is unknown, defaulting to 1000
[  239.392448][T10971] lo speed is unknown, defaulting to 1000
[  239.407302][T10971] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  239.413730][T10971] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  239.431499][T10974] ubi: mtd0 is already attached to ubi31
[  239.470530][T10971] lo speed is unknown, defaulting to 1000
[  239.482021][T10971] lo speed is unknown, defaulting to 1000
[  239.495555][T10971] lo speed is unknown, defaulting to 1000
[  239.498323][T10971] lo speed is unknown, defaulting to 1000
[  239.505128][T10971] lo speed is unknown, defaulting to 1000
[  239.605555][T10978] syz_tun: entered allmulticast mode
[  239.785252][T10977] syz_tun: left allmulticast mode
[  240.666489][   T24] vhci_hcd: vhci_device speed not set
[  241.155234][T11022] trusted_key: encrypted_key: insufficient parameters specified
[  241.165342][T11022] trusted_key: encrypted_key: insufficient parameters specified
[  241.179915][T11022] netlink: 'syz.1.1473': attribute type 10 has an invalid length.
[  241.182350][T11022] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1473'.
[  241.532362][T11027] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1475'.
[  241.640389][T11027] binder: 11026:11027 ioctl c0306201 80000540 returned -14
[  241.957078][   T60] usb usb42-port1: attempt power cycle
[  242.637131][   T60] usb usb42-port1: unable to enumerate USB device
[  242.710836][T11045] Cannot find del_set index 3 as target
[  242.792673][T11048] netlink: 'syz.1.1480': attribute type 23 has an invalid length.
[  243.293389][ T5949] Bluetooth: hci3: unexpected event 0x03 length: 13 > 11
[  243.295236][T11059] netlink: 'syz.2.1483': attribute type 1 has an invalid length.
[  243.340497][T11061] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  243.379074][T11063] netlink: 788 bytes leftover after parsing attributes in process `syz.2.1485'.
[  244.303712][T11086] syzkaller1: entered promiscuous mode
[  244.305616][T11086] syzkaller1: entered allmulticast mode
[  244.443708][T11089] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1494'.
[  244.531817][T11089] binder: 11088:11089 ioctl c0306201 80000540 returned -14
[  244.648201][T11095] pim6reg: entered allmulticast mode
[  244.710035][T11095] pim6reg: left allmulticast mode
[  245.719111][T11111] No control pipe specified
[  246.784901][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  246.784913][   T40] audit: type=1326 audit(1748988941.850:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11126 comm="syz.4.1504" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0
[  247.080193][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1506'.
[  247.387956][T11146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  247.531381][T11146] batman_adv: batadv0: Removing interface: batadv_slave_1
[  249.128706][T11190] random: crng reseeded on system resumption
[  249.154199][T11188] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1522'.
[  249.200710][T11195] FAULT_INJECTION: forcing a failure.
[  249.200710][T11195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.205212][T11195] CPU: 3 UID: 0 PID: 11195 Comm: syz.4.1524 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  249.205229][T11195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  249.205241][T11195] Call Trace:
[  249.205245][T11195]  <TASK>
[  249.205250][T11195]  dump_stack_lvl+0x16c/0x1f0
[  249.205265][T11195]  should_fail_ex+0x512/0x640
[  249.205281][T11195]  _copy_from_user+0x2e/0xd0
[  249.205296][T11195]  __sys_bpf+0x21d/0x4d80
[  249.205313][T11195]  ? __pfx___sys_bpf+0x10/0x10
[  249.205329][T11195]  ? ksys_write+0x190/0x250
[  249.205358][T11195]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  249.205389][T11195]  ? fput+0x70/0xf0
[  249.205408][T11195]  ? ksys_write+0x1ac/0x250
[  249.205432][T11195]  ? __pfx_ksys_write+0x10/0x10
[  249.205462][T11195]  __ia32_sys_bpf+0x76/0xe0
[  249.205481][T11195]  __do_fast_syscall_32+0x7c/0x3a0
[  249.205499][T11195]  do_fast_syscall_32+0x32/0x80
[  249.205510][T11195]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  249.205525][T11195] RIP: 0023:0xf7fc6579
[  249.205534][T11195] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  249.205545][T11195] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  249.205555][T11195] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 0000000080000080
[  249.205562][T11195] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  249.205569][T11195] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.205575][T11195] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  249.205581][T11195] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.205594][T11195]  </TASK>
[  249.276277][T11197] netlink: 766 bytes leftover after parsing attributes in process `syz.1.1525'.
[  249.344218][T11201] pim6reg: entered allmulticast mode
[  249.349312][T11201] pim6reg: left allmulticast mode
[  249.544289][T11212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1530'.
[  249.548555][T11212] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1530'.
[  249.570345][T11210] block nbd4: shutting down sockets
[  249.704010][   T40] audit: type=1800 audit(1748988944.770:1586): pid=11217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1528" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  250.019374][T11229] No control pipe specified
[  250.927047][T11249] FAULT_INJECTION: forcing a failure.
[  250.927047][T11249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.936636][T11249] CPU: 0 UID: 0 PID: 11249 Comm: syz.3.1539 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  250.936664][T11249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.936672][T11249] Call Trace:
[  250.936677][T11249]  <TASK>
[  250.936682][T11249]  dump_stack_lvl+0x16c/0x1f0
[  250.936697][T11249]  should_fail_ex+0x512/0x640
[  250.936714][T11249]  _copy_to_user+0x32/0xd0
[  250.936730][T11249]  simple_read_from_buffer+0xcb/0x170
[  250.936747][T11249]  proc_fail_nth_read+0x197/0x270
[  250.936763][T11249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  250.936794][T11249]  ? rw_verify_area+0xcf/0x680
[  250.936810][T11249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  250.936825][T11249]  vfs_read+0x1e1/0xc60
[  250.936841][T11249]  ? fdget_pos+0x2a2/0x370
[  250.936860][T11249]  ? __pfx_vfs_read+0x10/0x10
[  250.936876][T11249]  ? find_held_lock+0x2b/0x80
[  250.936891][T11249]  ? __fget_files+0x20e/0x3c0
[  250.936911][T11249]  ksys_read+0x12a/0x250
[  250.936927][T11249]  ? __pfx_ksys_read+0x10/0x10
[  250.936944][T11249]  ? rcu_is_watching+0x12/0xc0
[  250.936958][T11249]  __do_fast_syscall_32+0x7c/0x3a0
[  250.936972][T11249]  do_fast_syscall_32+0x32/0x80
[  250.936983][T11249]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.936998][T11249] RIP: 0023:0xf7f53579
[  250.937017][T11249] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  250.937028][T11249] RSP: 002b:00000000f5076590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  250.937039][T11249] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5076620
[  250.937046][T11249] RDX: 000000000000000f RSI: 00000000f73e2ff4 RDI: 0000000000000000
[  250.937056][T11249] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  250.937062][T11249] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  250.937068][T11249] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.937082][T11249]  </TASK>
[  251.006867][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.105031][T11251] mkiss: ax0: crc mode is auto.
[  251.745858][T11267] autofs: Bad value for 'fd'
[  251.868187][T11270] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  253.179137][T11310] autofs: Bad value for 'fd'
[  253.828817][T11320] syz.3.1561: attempt to access beyond end of device
[  253.828817][T11320] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0
[  253.886975][T11320] XFS (nbd3): SB validate failed with error -5.
[  253.954511][T11328] netlink: 'syz.4.1562': attribute type 1 has an invalid length.
[  253.958136][T11328] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.1562'.
[  254.148992][T11342] fuse: Invalid rootmode
[  254.307337][T11355] binder: 11353:11355 ioctl c0306201 80000540 returned -14
[  254.412545][T11363] autofs: Bad value for 'fd'
[  254.429664][T11365] sctp: [Deprecated]: syz.4.1575 (pid 11365) Use of int in max_burst socket option deprecated.
[  254.429664][T11365] Use struct sctp_assoc_value instead
[  254.554554][T11369] fuse: Invalid rootmode
[  255.138542][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  255.215884][T11374] sctp: [Deprecated]: syz.1.1578 (pid 11374) Use of int in max_burst socket option deprecated.
[  255.215884][T11374] Use struct sctp_assoc_value instead
[  255.269544][T11376] sctp: [Deprecated]: syz.2.1579 (pid 11376) Use of int in max_burst socket option deprecated.
[  255.269544][T11376] Use struct sctp_assoc_value instead
[  255.317244][T11380] tipc: Started in network mode
[  255.318897][T11380] tipc: Node identity ac14140f, cluster identity 4711
[  255.321604][T11380] tipc: New replicast peer: 255.255.255.255
[  255.323953][T11380] tipc: Enabled bearer <udp:syz2>, priority 10
[  255.574183][T11391] ieee802154 phy1 wpan1: encryption failed: -22
[  256.308856][T11410] netlink: 'syz.4.1591': attribute type 10 has an invalid length.
[  256.317742][ T2296] tipc: Node number set to 2886997007
[  256.325215][T11410] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  257.524732][T11448] cgroup: Need name or subsystem set
[  257.773803][T11454] lo speed is unknown, defaulting to 1000
[  259.325514][T11489] netlink: 'syz.4.1613': attribute type 4 has an invalid length.
[  259.492548][T11491] bond2: (slave erspan0): Releasing active interface
[  259.503827][T11491] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  259.506449][T11491] bridge0: port 1(netdevsim0) entered disabled state
[  259.800871][T11495] fuse: Unknown parameter 'use00000000000000000000'
[  260.233459][T11521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1624'.
[  261.075349][T11532] fuse: Unknown parameter 'use00000000000000000000'
[  261.159209][T11534] binder: 11533:11534 ioctl c0306201 80000540 returned -14
[  261.611609][T11544] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1632'.
[  261.623887][T11544] bridge0: port 3(team0) entered disabled state
[  261.626923][T11544] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.629497][T11544] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.727553][T11548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1634'.
[  261.731616][T11548] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1634'.
[  261.859512][T11555] fuse: Unknown parameter 'use00000000000000000000'
[  261.967144][T11559] binder: 11558:11559 ioctl c0306201 80000540 returned -14
[  262.455256][ T5845] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  262.458024][ T5845] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  262.460325][ T5845] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  262.465603][ T5845] hid-generic 0000:0004:0000.0003: hidraw1: <UNKNOWN> HID v0.08 Device [syz0] on syz0
[  262.822845][T11591] fuse: Unknown parameter 'user_i00000000000000000000'
[  262.893552][T11594] FAULT_INJECTION: forcing a failure.
[  262.893552][T11594] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.897853][T11594] CPU: 0 UID: 0 PID: 11594 Comm: syz.4.1645 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  262.897870][T11594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.897877][T11594] Call Trace:
[  262.897881][T11594]  <TASK>
[  262.897885][T11594]  dump_stack_lvl+0x16c/0x1f0
[  262.897900][T11594]  should_fail_ex+0x512/0x640
[  262.897916][T11594]  _copy_from_iter+0x29f/0x16f0
[  262.897936][T11594]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  262.897956][T11594]  ? __pfx__copy_from_iter+0x10/0x10
[  262.897972][T11594]  ? alloc_pages_mpol+0x25a/0x550
[  262.897984][T11594]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  262.897998][T11594]  copy_page_from_iter+0xde/0x180
[  262.898015][T11594]  anon_pipe_write+0xbe7/0x1a70
[  262.898040][T11594]  ? __pfx_anon_pipe_write+0x10/0x10
[  262.898058][T11594]  ? apparmor_file_permission+0x251/0x400
[  262.898077][T11594]  ? bpf_lsm_file_permission+0x9/0x10
[  262.898090][T11594]  ? security_file_permission+0x71/0x210
[  262.898102][T11594]  ? rw_verify_area+0xcf/0x680
[  262.898118][T11594]  vfs_write+0x6c4/0x1150
[  262.898135][T11594]  ? __pfx_anon_pipe_write+0x10/0x10
[  262.898155][T11594]  ? __pfx_vfs_write+0x10/0x10
[  262.898170][T11594]  ? find_held_lock+0x2b/0x80
[  262.898190][T11594]  ksys_write+0x1f8/0x250
[  262.898207][T11594]  ? __pfx_ksys_write+0x10/0x10
[  262.898224][T11594]  ? rcu_is_watching+0x12/0xc0
[  262.898239][T11594]  __do_fast_syscall_32+0x7c/0x3a0
[  262.898252][T11594]  do_fast_syscall_32+0x32/0x80
[  262.898263][T11594]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.898277][T11594] RIP: 0023:0xf7fc6579
[  262.898286][T11594] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  262.898297][T11594] RSP: 002b:00000000f50a455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  262.898308][T11594] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800094c0
[  262.898315][T11594] RDX: 00000000200002e6 RSI: 0000000000000000 RDI: 0000000000000000
[  262.898321][T11594] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  262.898327][T11594] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  262.898334][T11594] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  262.898347][T11594]  </TASK>
[  264.285303][T11618] "syz.3.1653" (11618) uses obsolete ecb(arc4) skcipher
[  264.415848][T11622] fuse: Unknown parameter 'user_i00000000000000000000'
[  265.129882][T11640] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  265.440340][T11646] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1663'.
[  265.539952][T11650] fuse: Unknown parameter 'user_i00000000000000000000'
[  265.676771][   T40] audit: type=1326 audit(1748988960.740:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11651 comm="syz.2.1666" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7fc00000
[  265.939286][T11665] lo speed is unknown, defaulting to 1000
[  266.448654][   T40] audit: type=1326 audit(1748988961.520:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11651 comm="syz.2.1666" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ce579 code=0x7fc00000
[  266.989301][T11691] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1675'.
[  267.270407][T11704] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  267.272088][T11704] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1679'.
[  267.303795][T11704] netlink: 312 bytes leftover after parsing attributes in process `syz.1.1679'.
[  267.647675][T11723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1684'.
[  267.650496][T11723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1684'.
[  267.653349][T11723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1684'.
[  267.656231][T11723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1684'.
[  267.666809][T11723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1684'.
[  267.670688][T11723] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1684'.
[  268.267063][T11742] affs: No valid root block on device nbd3
[  268.646970][T11752] binder: 11747:11752 ioctl 400c620e 0 returned -14
[  268.650174][T11752] netlink: 'syz.3.1693': attribute type 10 has an invalid length.
[  268.658902][T11752] batman_adv: batadv0: Adding interface: team0
[  268.658968][T11752] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  269.390455][ T6008] kernel read not supported for file /dsp (pid: 6008 comm: kworker/3:5)
[  270.356795][T11793] fuse: Unknown parameter 'user_id00000000000000000000'
[  270.457052][ T5997] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  270.688754][ T5997] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  270.691924][ T5997] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  270.694725][ T5997] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  270.697694][ T5997] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.701354][ T5997] usb 8-1: config 0 descriptor??
[  270.704471][ T5997] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  270.706325][ T5997] dvb-usb: bulk message failed: -22 (3/0)
[  270.711863][ T5997] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  270.714819][ T5997] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  270.717078][ T5997] usb 8-1: media controller created
[  270.719630][ T5997] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  270.725183][ T5997] dvb-usb: bulk message failed: -22 (6/0)
[  270.727037][ T5997] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  270.732413][ T5997] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input23
[  270.740343][ T5997] dvb-usb: schedule remote query interval to 150 msecs.
[  270.742484][ T5997] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  270.896740][ T5997] dvb-usb: bulk message failed: -22 (1/0)
[  270.900466][ T5997] dvb-usb: error while querying for an remote control event.
[  271.056563][ T5997] dvb-usb: bulk message failed: -22 (1/0)
[  271.058607][ T5997] dvb-usb: error while querying for an remote control event.
[  271.216655][ T5997] dvb-usb: bulk message failed: -22 (1/0)
[  271.218873][ T5997] dvb-usb: error while querying for an remote control event.
[  271.244005][ T5997] usb 8-1: USB disconnect, device number 5
[  271.257732][ T5997] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  271.836374][T11819] netlink: 'syz.3.1714': attribute type 3 has an invalid length.
[  273.128684][T11850] lo speed is unknown, defaulting to 1000
[  274.761831][T11879] tipc: Resetting bearer <eth:team0>
[  274.817540][T11884] hub 6-0:1.0: USB hub found
[  274.819617][T11879] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  274.824127][T11884] hub 6-0:1.0: 1 port detected
[  274.851090][T11879] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.853679][T11879] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.856199][T11879] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  274.859791][T11879] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.018398][T11884] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 11884 comm: syz.2.1729)
[  275.023430][   T40] audit: type=1800 audit(1748988970.090:1589): pid=11884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1729" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=49694 res=0 errno=0
[  276.233434][T11910] fuse: Unknown parameter '0x0000000000000003'
[  276.486846][T11921] __nla_validate_parse: 6 callbacks suppressed
[  276.486857][T11921] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1740'.
[  276.491442][T11921] team0: left allmulticast mode
[  276.493019][T11921] team_slave_0: left allmulticast mode
[  276.494698][T11921] team_slave_1: left allmulticast mode
[  276.562105][T11921] geneve0: left allmulticast mode
[  276.563945][T11921] bridge0: port 3(team0) entered disabled state
[  276.568027][T11921] bridge_slave_1: left allmulticast mode
[  276.569804][T11921] bridge_slave_1: left promiscuous mode
[  276.571577][T11921] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.575160][T11921] bridge_slave_0: left allmulticast mode
[  276.577029][T11921] bridge_slave_0: left promiscuous mode
[  276.578846][T11921] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.619421][T11924] x_tables: duplicate underflow at hook 3
[  277.038298][T11932] syzkaller1: entered promiscuous mode
[  277.040108][T11932] syzkaller1: entered allmulticast mode
[  277.123050][T11938] fuse: Unknown parameter '0x0000000000000003'
[  277.388490][T11956] netlink: 'syz.1.1745': attribute type 10 has an invalid length.
[  277.391965][T11956] team0: left promiscuous mode
[  277.394188][T11956] team_slave_0: left promiscuous mode
[  277.397752][T11956] team_slave_1: left promiscuous mode
[  277.401052][T11956] geneve0: left promiscuous mode
[  277.409096][T11956] batman_adv: batadv0: Adding interface: team0
[  277.411880][T11956] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  277.419744][T11956] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  278.106074][T11963] fuse: Unknown parameter '0x0000000000000003'
[  278.147567][T11967] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1757'.
[  278.274727][T11979] bridge0: failed insert local address into bridge forwarding table
[  278.277386][T11980] bridge0: failed insert local address into bridge forwarding table
[  278.730098][T11995] fuse: Unknown parameter '0x0000000000000003'
[  278.896586][ T5955] Bluetooth: hci0: command 0x0c1a tx timeout
[  278.899512][ T5949] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  279.157891][T12001] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1766'.
[  279.943378][T12020] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1770'.
[  280.118675][T12026] overlay: Unknown parameter 'dont_hash'
[  280.394069][T12038] dvmrp9: entered allmulticast mode
[  281.103709][T12058] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1783'.
[  282.320100][T12087] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1791'.
[  282.327845][T12087] mkiss: ax0: crc mode is auto.
[  282.702801][T12098] overlayfs: failed to clone lowerpath
[  283.804449][T12149] random: crng reseeded on system resumption
[  283.819218][T12149] Restarting kernel threads ...
[  283.821287][T12149] Done restarting kernel threads.
[  283.859980][T12151] bridge2: entered promiscuous mode
[  284.108772][T12160] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1816'.
[  284.408736][   T40] audit: type=1326 audit(1748988979.480:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12165 comm="syz.1.1818" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  284.416801][   T40] audit: type=1326 audit(1748988979.480:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12165 comm="syz.1.1818" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  284.423669][   T40] audit: type=1326 audit(1748988979.480:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12165 comm="syz.1.1818" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  284.430627][   T40] audit: type=1326 audit(1748988979.480:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12165 comm="syz.1.1818" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  284.447540][   T40] audit: type=1326 audit(1748988979.480:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12165 comm="syz.1.1818" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000
[  285.042315][ T5997] libceph: connect (1)[c::]:6789 error -101
[  285.045272][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  285.072594][T12176] ceph: No mds server is up or the cluster is laggy
[  285.406162][T12203] xt_ecn: cannot match TCP bits for non-tcp packets
[  285.510212][   T40] audit: type=1326 audit(1748988980.580:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12204 comm="syz.1.1831" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x0
[  285.796882][ T2296] kernel read not supported for file /dsp (pid: 2296 comm: kworker/1:2)
[  285.912259][T12216] netlink: 'syz.4.1834': attribute type 83 has an invalid length.
[  286.986836][T12249] tmpfs: Unknown parameter 'Noswap'
[  287.404245][T12254] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1847'.
[  287.510253][T12264] overlayfs: failed to clone upperpath
[  287.592506][T12265] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1845'.
[  289.832859][T12330] lo speed is unknown, defaulting to 1000
[  290.251134][ T1139] tipc: Subscription rejected, illegal request
[  290.906550][T12366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1877'.
[  291.372774][T12378] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1883'.
[  291.375740][T12378] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1883'.
[  291.379734][T12378] netlink: 'syz.4.1883': attribute type 20 has an invalid length.
[  291.766762][T12389] FAULT_INJECTION: forcing a failure.
[  291.766762][T12389] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.770760][T12389] CPU: 2 UID: 0 PID: 12389 Comm: syz.3.1886 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  291.770775][T12389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.770782][T12389] Call Trace:
[  291.770786][T12389]  <TASK>
[  291.770790][T12389]  dump_stack_lvl+0x16c/0x1f0
[  291.770805][T12389]  should_fail_ex+0x512/0x640
[  291.770822][T12389]  _copy_from_user+0x2e/0xd0
[  291.770838][T12389]  sctp_setsockopt+0x2045/0xb870
[  291.770857][T12389]  ? __pfx_sctp_setsockopt+0x10/0x10
[  291.770873][T12389]  ? __pfx_aa_sk_perm+0x10/0x10
[  291.770893][T12389]  ? sock_common_setsockopt+0x2e/0xf0
[  291.770912][T12389]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  291.770926][T12389]  do_sock_setsockopt+0x221/0x470
[  291.770939][T12389]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  291.770961][T12389]  __sys_setsockopt+0x120/0x1a0
[  291.770981][T12389]  __ia32_sys_setsockopt+0xbc/0x160
[  291.770991][T12389]  ? lockdep_hardirqs_on+0x7c/0x110
[  291.771008][T12389]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  291.771020][T12389]  __do_fast_syscall_32+0x7c/0x3a0
[  291.771033][T12389]  do_fast_syscall_32+0x32/0x80
[  291.771044][T12389]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  291.771058][T12389] RIP: 0023:0xf7f53579
[  291.771067][T12389] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  291.771078][T12389] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  291.771089][T12389] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[  291.771096][T12389] RDX: 0000000000000085 RSI: 0000000080000000 RDI: 0000000000000090
[  291.771102][T12389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  291.771108][T12389] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  291.771115][T12389] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  291.771128][T12389]  </TASK>
[  292.107347][ T6008] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  292.213573][ T5949] Bluetooth: hci3: unexpected event for opcode 0x202a
[  292.262877][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.266331][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.270496][ T6008] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  292.275143][ T6008] usb 8-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  292.279028][ T6008] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.282764][ T6008] usb 8-1: config 0 descriptor??
[  292.956120][T12413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.961079][T12413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.150770][ T6008] hid-udraw 0003:20D6:CB17.0004: unknown main item tag 0x0
[  293.205698][ T6008] input: THQ uDraw Game Tablet for PS3 Joypad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:20D6:CB17.0004/input/input24
[  293.403141][ T6008] input: THQ uDraw Game Tablet for PS3 Touchpad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:20D6:CB17.0004/input/input25
[  293.473313][ T6008] input: THQ uDraw Game Tablet for PS3 Pen as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:20D6:CB17.0004/input/input26
[  293.481229][ T6008] input: THQ uDraw Game Tablet for PS3 Accelerometer as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:20D6:CB17.0004/input/input27
[  293.490833][ T6008] hid-udraw 0003:20D6:CB17.0004: hidraw1: USB HID v0.00 Device [HID 20d6:cb17] on usb-dummy_hcd.3-1/input0
[  294.377117][   T60] usb 8-1: reset high-speed USB device number 6 using dummy_hcd
[  295.668421][   T24] usb 8-1: USB disconnect, device number 6
[  295.998974][T12483] 9pnet: Could not find request transport: f0x00000000000000060x0000000000000007
[  296.004232][T12483] netlink: 'syz.2.1911': attribute type 2 has an invalid length.
[  296.081062][T12489] IPv6: Can't replace route, no match found
[  296.537115][T12498] xt_CT: You must specify a L4 protocol and not use inversions on it
[  297.691486][ T1248] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.697567][ T1248] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  297.828040][ T1248] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.831883][ T1248] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  297.993213][ T1248] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.996719][ T1248] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  298.050221][ T1248] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.053520][ T1248] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  298.231675][ T1248] bond1 (unregistering): (slave erspan0): Releasing active interface
[  298.351007][ T1248] bond0 (unregistering): Released all slaves
[  298.421317][ T1248] bond1 (unregistering): Released all slaves
[  298.426571][ T5955] Bluetooth: hci0: command 0x0c1a tx timeout
[  298.498238][ T1248] : left promiscuous mode
[  298.832649][T12552] xt_CT: You must specify a L4 protocol and not use inversions on it
[  299.139505][ T1248] tipc: Disabling bearer <eth:vlan0>
[  299.149255][ T1248] tipc: Left network mode
[  299.157861][T12555] binder: 12550:12555 ioctl c0046209 0 returned -22
[  299.600490][ T1248] hsr_slave_0: left promiscuous mode
[  299.606468][ T1248] hsr_slave_1: left promiscuous mode
[  299.640563][ T1248] veth1_macvtap: left promiscuous mode
[  299.642505][ T1248] veth0_macvtap: left promiscuous mode
[  299.644290][ T1248] veth1_vlan: left promiscuous mode
[  299.645999][ T1248] veth0_vlan: left promiscuous mode
[  300.069650][ T5955] Bluetooth: hci2: unexpected event for opcode 0x1003
[  301.699213][   T24] libceph: connect (1)[c::]:6789 error -97
[  301.701250][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  301.957543][   T24] libceph: connect (1)[c::]:6789 error -97
[  301.959732][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  302.206518][   T24] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  302.356587][   T24] usb 8-1: Using ep0 maxpacket: 8
[  302.359575][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  302.363781][   T24] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  302.366843][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.370623][   T24] usb 8-1: config 0 descriptor??
[  302.466764][   T60] libceph: connect (1)[c::]:6789 error -97
[  302.468789][   T60] libceph: mon0 (1)[c::]:6789 connect error
[  302.522420][T12615] ceph: No mds server is up or the cluster is laggy
[  302.579003][   T24] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  302.839486][   T24] usb 8-1: USB disconnect, device number 7
[  302.964904][T12639] lo speed is unknown, defaulting to 1000
[  302.969625][T12639] lo speed is unknown, defaulting to 1000
[  302.973166][T12639] lo speed is unknown, defaulting to 1000
[  303.210994][T12639] infiniband s
z1: set down
[  303.212650][T12639] infiniband s
z1: added lo
[  303.234637][ T2296] lo speed is unknown, defaulting to 1000
[  303.237863][T12639] RDS/IB: s
z1: added
[  303.239484][T12639] smc: adding ib device s
z1 with port count 1
[  303.241505][T12639] smc:    ib device s
z1 port 1 has pnetid 
[  303.245653][T12639] lo speed is unknown, defaulting to 1000
[  303.326372][T12639] lo speed is unknown, defaulting to 1000
[  303.406192][T12639] lo speed is unknown, defaulting to 1000
[  303.486873][T12639] lo speed is unknown, defaulting to 1000
[  303.576087][ T2296] lo speed is unknown, defaulting to 1000
[  304.099689][ T5955] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  304.099730][ T5955] Bluetooth: hci2: Injecting HCI hardware error event
[  304.102396][ T5955] Bluetooth: hci2: hardware error 0x00
[  305.165178][T12671] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1970'.
[  305.282189][    C2] vcan0: j1939_tp_rxtimer: 0xffff88801333cc00: rx timeout, send abort
[  305.782319][    C2] vcan0: j1939_tp_rxtimer: 0xffff88801333e800: rx timeout, send abort
[  305.785945][    C2] vcan0: j1939_tp_rxtimer: 0xffff88801333cc00: abort rx timeout. Force session deactivation
[  305.849750][T12693] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1975'.
[  306.176547][ T5955] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  306.285872][    C2] vcan0: j1939_tp_rxtimer: 0xffff88801333e800: abort rx timeout. Force session deactivation
[  306.377656][T12709] afs: Unknown parameter 'dyn€|'
[  307.696787][T12743] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  307.699168][T12743] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  307.701891][T12743] vhci_hcd vhci_hcd.0: Device attached
[  307.824640][T12754] lo speed is unknown, defaulting to 1000
[  307.827802][T12754] lo speed is unknown, defaulting to 1000
[  307.947343][ T2296] usb 43-1: new high-speed USB device number 4 using vhci_hcd
[  308.199299][T12745] vhci_hcd: connection reset by peer
[  308.201171][   T46] vhci_hcd: stop threads
[  308.202529][   T46] vhci_hcd: release socket
[  308.203987][   T46] vhci_hcd: disconnect device
[  309.276934][T12790] overlay: ./file0 is not a directory
[  309.510685][T12797] bridge1: entered promiscuous mode
[  310.652680][T12838] FAULT_INJECTION: forcing a failure.
[  310.652680][T12838] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.657539][T12838] CPU: 0 UID: 0 PID: 12838 Comm: syz.4.2020 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  310.657560][T12838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  310.657569][T12838] Call Trace:
[  310.657574][T12838]  <TASK>
[  310.657579][T12838]  dump_stack_lvl+0x16c/0x1f0
[  310.657599][T12838]  should_fail_ex+0x512/0x640
[  310.657620][T12838]  _copy_from_user+0x2e/0xd0
[  310.657640][T12838]  get_compat_msghdr+0xa7/0x170
[  310.657657][T12838]  ? __pfx_get_compat_msghdr+0x10/0x10
[  310.657680][T12838]  ___sys_sendmsg+0x1ae/0x1d0
[  310.657695][T12838]  ? __pfx____sys_sendmsg+0x10/0x10
[  310.657720][T12838]  ? find_held_lock+0x2b/0x80
[  310.657748][T12838]  __sys_sendmsg+0x16d/0x220
[  310.657762][T12838]  ? __pfx___sys_sendmsg+0x10/0x10
[  310.657786][T12838]  ? rcu_is_watching+0x12/0xc0
[  310.657803][T12838]  __do_fast_syscall_32+0x7c/0x3a0
[  310.657820][T12838]  do_fast_syscall_32+0x32/0x80
[  310.657835][T12838]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  310.657853][T12838] RIP: 0023:0xf7fc6579
[  310.657864][T12838] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  310.657878][T12838] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  310.657892][T12838] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000780
[  310.657901][T12838] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.657909][T12838] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  310.657917][T12838] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  310.657925][T12838] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  310.657944][T12838]  </TASK>
[  310.746100][T12839] lo speed is unknown, defaulting to 1000
[  310.777000][T12839] lo speed is unknown, defaulting to 1000
[  310.877819][T12843] nfsd: Unknown parameter '~Dº¦�2‹³j­M'
[  311.075624][T12853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2024'.
[  311.229854][T12859] overlayfs: failed to clone upperpath
[  311.270640][T12857] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2026'.
[  311.288510][T12857] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  311.291235][T12857] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  311.293932][T12857] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  311.296886][T12857] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  311.305722][T12857] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.308556][T12857] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.311277][T12857] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.314002][T12857] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.553077][T12871] tmpfs: Unknown parameter 'name'
[  311.583446][T12874] netlink: 'syz.3.2031': attribute type 10 has an invalid length.
[  311.588107][T12874] batman_adv: batadv0: Adding interface: wlan0
[  311.590465][T12874] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.599557][T12874] batman_adv: batadv0: Interface activated: wlan0
[  312.208864][T12878] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2032'.
[  312.211706][T12878] bridge_slave_1: left allmulticast mode
[  312.213419][T12878] bridge_slave_1: left promiscuous mode
[  312.215711][T12878] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.229963][T12878] bridge_slave_0: left allmulticast mode
[  312.231754][T12878] bridge_slave_0: left promiscuous mode
[  312.233608][T12878] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.470200][T12877] : entered promiscuous mode
[  313.046680][ T2296] vhci_hcd: vhci_device speed not set
[  313.480961][T12912] 9pnet_fd: Insufficient options for proto=fd
[  313.483348][T12890] 9pnet_fd: Insufficient options for proto=fd
[  313.483668][T12888] overlayfs: failed to clone upperpath
[  313.485630][T12912] overlayfs: failed to clone upperpath
[  314.275244][T12927] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  314.277447][T12926] IPVS: stopping backup sync thread 12927 ...
[  314.692889][T12931] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  314.818732][T12939] binder: 12938:12939 ioctl c0306201 80000280 returned -14
[  315.057654][T12948] kAFS: No cell specified
[  315.601540][T12970] lo speed is unknown, defaulting to 1000
[  315.604066][T12970] lo speed is unknown, defaulting to 1000
[  315.896146][T12978] binder: 12976:12978 ioctl c0046209 0 returned -22
[  316.139027][T12980] batman_adv: batadv0: Removing interface: batadv_slave_1
[  316.578428][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  316.866595][   T24] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  317.019335][   T24] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  317.022962][   T24] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  317.026142][   T24] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  317.030117][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.034475][T13001] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  317.039769][   T24] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  317.239856][ T6008] usb 8-1: USB disconnect, device number 8
[  317.319684][T13019] 9pnet_fd: Insufficient options for proto=fd
[  317.644644][T13029] input: syz1 as /devices/virtual/input/input28
[  317.946772][T13040] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2082'.
[  318.337476][T13040] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  318.340261][T13040] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  318.342949][T13040] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  318.345648][T13040] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  318.376223][T13040] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  318.379070][T13040] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  318.381846][T13040] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  318.384596][T13040] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  319.049124][T13060] autofs: Bad value for 'fd'
[  319.473535][T13080] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  320.335036][T13092] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2096'.
[  321.124002][T13136] netlink: 'syz.3.2108': attribute type 4 has an invalid length.
[  321.759697][T13144] FAULT_INJECTION: forcing a failure.
[  321.759697][T13144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.763795][T13144] CPU: 0 UID: 0 PID: 13144 Comm: syz.4.2116 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  321.763811][T13144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  321.763818][T13144] Call Trace:
[  321.763822][T13144]  <TASK>
[  321.763826][T13144]  dump_stack_lvl+0x16c/0x1f0
[  321.763842][T13144]  should_fail_ex+0x512/0x640
[  321.763858][T13144]  _copy_from_user+0x2e/0xd0
[  321.763874][T13144]  get_compat_msghdr+0xa7/0x170
[  321.763887][T13144]  ? __pfx_get_compat_msghdr+0x10/0x10
[  321.763904][T13144]  ___sys_sendmsg+0x1ae/0x1d0
[  321.763916][T13144]  ? __pfx____sys_sendmsg+0x10/0x10
[  321.763934][T13144]  ? find_held_lock+0x2b/0x80
[  321.763954][T13144]  __sys_sendmsg+0x16d/0x220
[  321.763966][T13144]  ? __pfx___sys_sendmsg+0x10/0x10
[  321.763983][T13144]  ? rcu_is_watching+0x12/0xc0
[  321.763996][T13144]  __do_fast_syscall_32+0x7c/0x3a0
[  321.764009][T13144]  do_fast_syscall_32+0x32/0x80
[  321.764021][T13144]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  321.764035][T13144] RIP: 0023:0xf7fc6579
[  321.764043][T13144] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  321.764054][T13144] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  321.764065][T13144] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  321.764072][T13144] RDX: 0000000020040000 RSI: 0000000000000000 RDI: 0000000000000000
[  321.764079][T13144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  321.764085][T13144] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  321.764090][T13144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  321.764103][T13144]  </TASK>
[  321.779395][T13146] 9pnet_fd: Insufficient options for proto=fd
[  321.837630][T13150] lo speed is unknown, defaulting to 1000
[  321.840162][T13150] lo speed is unknown, defaulting to 1000
[  322.742770][ T5949] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  322.748626][ T5949] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  322.756618][ T5949] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  322.759928][ T5949] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  322.762456][ T5949] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  322.791235][T13183] lo speed is unknown, defaulting to 1000
[  322.797334][T13183] lo speed is unknown, defaulting to 1000
[  322.946548][   T54] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  322.990635][T13183] chnl_net:caif_netlink_parms(): no params data found
[  323.059038][T13183] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.061324][T13183] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.063619][T13183] bridge_slave_0: entered allmulticast mode
[  323.066247][T13183] bridge_slave_0: entered promiscuous mode
[  323.069393][T13183] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.071690][T13183] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.073945][T13183] bridge_slave_1: entered allmulticast mode
[  323.076842][T13183] bridge_slave_1: entered promiscuous mode
[  323.086518][   T54] usb 9-1: device descriptor read/64, error -71
[  323.111277][T13183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.116806][T13183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.157832][T13183] team0: Port device team_slave_0 added
[  323.162002][T13183] team0: Port device team_slave_1 added
[  323.194703][T13183] batman_adv: batadv0: Adding interface: batadv_slave_0
[  323.194715][T13183] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.194736][T13183] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  323.195488][T13183] batman_adv: batadv0: Adding interface: batadv_slave_1
[  323.195496][T13183] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.195512][T13183] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  323.234550][T13183] hsr_slave_0: entered promiscuous mode
[  323.235111][T13183] hsr_slave_1: entered promiscuous mode
[  323.239102][T13183] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  323.242135][T13183] Cannot create hsr debugfs directory
[  323.359231][   T13] bond1 (unregistering): (slave erspan0): Releasing active interface
[  323.394065][   T13] dvmrp9 (unregistering): left allmulticast mode
[  323.396507][   T54] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  323.418625][   T13] team0: Port device geneve0 removed
[  323.526564][   T54] usb 9-1: device descriptor read/64, error -71
[  323.636639][   T54] usb usb9-port1: attempt power cycle
[  323.640756][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  323.645111][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  323.649549][   T13] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  323.653107][   T13] bond0 (unregistering): Released all slaves
[  323.732167][   T13] bond1 (unregistering): Released all slaves
[  323.992491][T13203] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2132'.
[  323.997517][   T54] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  324.028623][   T54] usb 9-1: device descriptor read/8, error -71
[  324.213089][T13183] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  324.217160][T13183] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  324.221099][T13183] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  324.225029][T13183] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  324.260576][T13183] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.271525][T13183] 8021q: adding VLAN 0 to HW filter on device team0
[  324.278139][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.280400][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.286791][   T54] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  324.289085][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.291403][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.308248][   T54] usb 9-1: device descriptor read/8, error -71
[  324.398066][T13183] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.416947][   T54] usb usb9-port1: unable to enumerate USB device
[  324.420019][T13183] veth0_vlan: entered promiscuous mode
[  324.425078][T13183] veth1_vlan: entered promiscuous mode
[  324.441634][T13183] veth0_macvtap: entered promiscuous mode
[  324.445394][T13183] veth1_macvtap: entered promiscuous mode
[  324.456135][T13183] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.463284][T13183] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.469057][T13183] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.471815][T13183] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.474487][T13183] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.477944][T13183] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.530028][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.533158][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.547375][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.550793][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.594631][T13221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2127'.
[  324.604946][T13221] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2127'.
[  324.609309][T13221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2127'.
[  324.614734][T13221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2127'.
[  324.655275][T13223] vivid-000: disconnect
[  324.658286][T13222] vivid-000: reconnect
[  324.816640][ T5949] Bluetooth: hci4: command tx timeout
[  325.173637][T13241] 9pnet_fd: p9_fd_create_unix (13241): problem connecting socket: ./file0/file0: -2
[  325.193125][T13241] lo speed is unknown, defaulting to 1000
[  325.195670][T13241] lo speed is unknown, defaulting to 1000
[  325.483853][   T13] tipc: Disabling bearer <eth:team0>
[  325.490940][   T13] tipc: Left network mode
[  326.051454][   T13] hsr_slave_0: left promiscuous mode
[  326.054275][   T13] hsr_slave_1: left promiscuous mode
[  326.056245][   T13] batman_adv: batadv0: Removing interface: team0
[  326.059055][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.780416][T13290] netlink: 'syz.4.2158': attribute type 1 has an invalid length.
[  326.791362][T13290] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  326.900738][ T5949] Bluetooth: hci4: command tx timeout
[  326.963030][   T13] team0 (unregistering): Port device team_slave_1 removed
[  327.608333][   T13] team0 (unregistering): Port device team_slave_0 removed
[  328.654300][T13339] input: syz1 as /devices/virtual/input/input30
[  328.670227][T13339] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2169'.
[  328.677773][   T40] audit: type=1326 audit(1748989023.740:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13338 comm="syz.3.2169" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x0
[  328.882471][T13352] 9pnet_fd: Insufficient options for proto=fd
[  328.977406][ T5949] Bluetooth: hci4: command tx timeout
[  329.360657][T13377] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2175'.
[  329.564004][T13387] lo speed is unknown, defaulting to 1000
[  329.566713][T13387] lo speed is unknown, defaulting to 1000
[  330.028577][T13393] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2179'.
[  331.056593][ T5949] Bluetooth: hci4: command tx timeout
[  331.137922][T13436] loop6: detected capacity change from 0 to 524287999
[  331.576394][T13444] IPv6: sit1: Disabled Multicast RS
[  331.579151][T13444] sit1: entered allmulticast mode
[  331.695202][T13454] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2197'.
[  331.724525][T13475] netlink: 'syz.2.2198': attribute type 3 has an invalid length.
[  331.729834][T13475] netlink: 'syz.2.2198': attribute type 3 has an invalid length.
[  331.735016][T13475] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2198'.
[  332.559813][T13528] netlink: 'syz.3.2203': attribute type 2 has an invalid length.
[  332.559841][T13528] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2203'.
[  332.559852][T13528] nbd: must specify a device to reconfigure
[  332.560864][T13528] binder: 13527:13528 ioctl c0306201 0 returned -14
[  332.865987][T13538] gretap0: entered promiscuous mode
[  333.234730][T13545] fuse: Unknown parameter '00000000000000000010'
[  333.237702][T13545] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2208'.
[  333.757270][T13537] gretap0: left promiscuous mode
[  334.144819][T13567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2217'.
[  334.152133][T13567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2217'.
[  334.428204][T13572] overlayfs: missing 'lowerdir'
[  334.538966][T13573] lo speed is unknown, defaulting to 1000
[  334.541608][T13573] lo speed is unknown, defaulting to 1000
[  334.677124][T13574] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  334.728486][T13580] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  334.796128][T13589] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2224'.
[  334.799788][T13574] /dev/sr0: Can't open blockdev
[  334.887132][T13580] /dev/sr0: Can't open blockdev
[  335.289862][T13607] netlink: 'syz.2.2229': attribute type 20 has an invalid length.
[  335.371658][T13615] netlink: 'syz.1.2233': attribute type 1 has an invalid length.
[  335.468473][T13615] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2233'.
[  335.765405][T13637] overlayfs: missing 'lowerdir'
[  336.033262][T13638] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  336.157244][T13638] /dev/sr0: Can't open blockdev
[  336.262172][T13642] netlink: 'syz.3.2242': attribute type 10 has an invalid length.
[  336.309073][T13641] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  336.314435][T13642] overlayfs: overlapping lowerdir path
[  336.318272][T13641] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  336.321163][T13641] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  336.324870][T13641] overlayfs: conflicting options: userxattr,verity=on
[  336.449593][T13650] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2245'.
[  336.810234][ T1330] kernel read not supported for file /1674/net/igmp (pid: 1330 comm: kworker/2:2)
[  337.506123][T13684] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.2258'.
[  338.663899][T13734] FAULT_INJECTION: forcing a failure.
[  338.663899][T13734] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  338.669049][T13734] CPU: 0 UID: 0 PID: 13734 Comm: syz.1.2278 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  338.669066][T13734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  338.669073][T13734] Call Trace:
[  338.669077][T13734]  <TASK>
[  338.669082][T13734]  dump_stack_lvl+0x16c/0x1f0
[  338.669099][T13734]  should_fail_ex+0x512/0x640
[  338.669115][T13734]  should_fail_alloc_page+0xe7/0x130
[  338.669129][T13734]  prepare_alloc_pages+0x3c2/0x610
[  338.669143][T13734]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  338.669162][T13734]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  338.669180][T13734]  ? kernel_text_address+0x8d/0x100
[  338.669199][T13734]  ? __kernel_text_address+0xd/0x40
[  338.669217][T13734]  ? unwind_get_return_address+0x59/0xa0
[  338.669234][T13734]  ? arch_stack_walk+0xa6/0x100
[  338.669254][T13734]  ? __lock_acquire+0x622/0x1c90
[  338.669269][T13734]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  338.669287][T13734]  ? _parse_integer_limit+0x17f/0x1d0
[  338.669306][T13734]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  338.669324][T13734]  ? policy_nodemask+0xea/0x4e0
[  338.669337][T13734]  alloc_pages_mpol+0x1fb/0x550
[  338.669349][T13734]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  338.669361][T13734]  ? look_up_lock_class+0x59/0x150
[  338.669374][T13734]  alloc_pages_noprof+0x131/0x390
[  338.669386][T13734]  pte_alloc_one+0x1c/0x3a0
[  338.669403][T13734]  __do_fault+0x320/0x490
[  338.669413][T13734]  ? __pfx_filemap_map_pages+0x10/0x10
[  338.669433][T13734]  __handle_mm_fault+0x374c/0x5490
[  338.669457][T13734]  ? __pfx___handle_mm_fault+0x10/0x10
[  338.669472][T13734]  ? lock_vma_under_rcu+0x47d/0x970
[  338.669487][T13734]  ? lock_vma_under_rcu+0x47d/0x970
[  338.669513][T13734]  handle_mm_fault+0x589/0xd10
[  338.669529][T13734]  ? __pkru_allows_pkey+0x21/0xb0
[  338.669545][T13734]  do_user_addr_fault+0x60c/0x1370
[  338.669561][T13734]  ? rcu_is_watching+0x12/0xc0
[  338.669575][T13734]  exc_page_fault+0x5c/0xb0
[  338.669592][T13734]  asm_exc_page_fault+0x26/0x30
[  338.669603][T13734] RIP: 0023:0xf7178766
[  338.669612][T13734] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[  338.669623][T13734] RSP: 002b:00000000f5026548 EFLAGS: 00010246
[  338.669636][T13734] RAX: 0000000000000000 RBX: 00000000f7392ff4 RCX: 0000000000000012
[  338.669643][T13734] RDX: 0000000000000000 RSI: 0000000080000180 RDI: 0000000080ffb020
[  338.669649][T13734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  338.669655][T13734] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  338.669661][T13734] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  338.669674][T13734]  </TASK>
[  338.669823][T13734] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  338.837112][ T6008] libceph: connect (1)[c::]:6789 error -101
[  338.839254][ T6008] libceph: mon0 (1)[c::]:6789 connect error
[  338.991836][T13739] ceph: No mds server is up or the cluster is laggy
[  339.116567][   T40] audit: type=1326 audit(1748989034.170:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.124726][   T40] audit: type=1326 audit(1748989034.170:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.135733][   T40] audit: type=1326 audit(1748989034.170:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.148384][   T40] audit: type=1326 audit(1748989034.170:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.155381][   T40] audit: type=1326 audit(1748989034.170:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.162309][   T40] audit: type=1326 audit(1748989034.170:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.170544][   T40] audit: type=1326 audit(1748989034.170:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.178126][   T40] audit: type=1326 audit(1748989034.170:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.185036][   T40] audit: type=1326 audit(1748989034.170:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  339.194525][   T40] audit: type=1326 audit(1748989034.170:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13753 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  340.164037][T13772] 8021q: adding VLAN 0 to HW filter on device bond0
[  340.168196][T13772] bond0: (slave rose0): Enslaving as an active interface with an up link
[  340.551781][T13809] ubi: mtd0 is already attached to ubi31
[  341.106333][T13857] lo speed is unknown, defaulting to 1000
[  341.147993][T13862] batadv_slave_0: entered promiscuous mode
[  341.356509][   T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  341.507929][   T24] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  341.510692][   T24] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  341.514009][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  341.517112][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  341.520537][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  341.525201][   T24] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  341.528135][   T24] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  341.530624][   T24] usb 6-1: Product: syz
[  341.531997][   T24] usb 6-1: Manufacturer: syz
[  341.536297][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  341.538124][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  341.540602][   T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  341.542507][   T24] cdc_wdm 6-1:1.0: Unknown control protocol
[  341.913506][   T54] usb 6-1: USB disconnect, device number 3
[  341.919225][T13853] batadv_slave_0: left promiscuous mode
[  342.075787][T13880] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2322'.
[  342.079965][T13880] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2322'.
[  342.741124][T13901] netlink: 'syz.4.2329': attribute type 11 has an invalid length.
[  342.823697][T13904] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2330'.
[  342.826748][T13904] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2330'.
[  342.899065][T13908] tmpfs: Unknown parameter 'usÙ¦uota'
[  342.901920][T13908] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2332'.
[  342.904841][T13908] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2332'.
[  343.438706][T13933] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2339'.
[  344.165232][T13945] netlink: 'syz.3.2342': attribute type 1 has an invalid length.
[  344.184928][T13947] random: crng reseeded on system resumption
[  345.053532][T13967] netlink: 'syz.2.2351': attribute type 7 has an invalid length.
[  345.056344][T13967] netlink: 'syz.2.2351': attribute type 8 has an invalid length.
[  345.062537][T13966] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.666499][ T1330] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  345.828572][ T1330] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  345.833291][ T1330] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  345.838043][ T1330] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  345.843512][ T1330] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  345.847390][ T1330] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.855608][ T1330] usb 9-1: config 0 descriptor??
[  346.009314][T13982] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2356'.
[  346.321459][T13985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2358'.
[  346.331805][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  346.337183][ T5955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  346.340805][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  346.347311][ T5955] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  346.351095][ T5955] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  346.381397][T13986] lo speed is unknown, defaulting to 1000
[  346.457191][ T1330] usbhid 9-1:0.0: can't add hid device: -71
[  346.600671][T13986] chnl_net:caif_netlink_parms(): no params data found
[  346.683568][T13986] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.686017][T13986] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.691220][T13986] bridge_slave_0: entered allmulticast mode
[  346.694090][T13986] bridge_slave_0: entered promiscuous mode
[  346.697328][T13986] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.699726][T13986] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.702012][T13986] bridge_slave_1: entered allmulticast mode
[  346.704742][T13986] bridge_slave_1: entered promiscuous mode
[  346.738244][T13986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  346.742741][T13986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  346.780968][ T1330] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  346.784799][ T1330] usb 9-1: USB disconnect, device number 6
[  346.784940][T13986] team0: Port device team_slave_0 added
[  346.792191][T13986] team0: Port device team_slave_1 added
[  346.832646][T13986] batman_adv: batadv0: Adding interface: batadv_slave_0
[  346.835005][T13986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.844947][T13986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  346.849573][T13986] batman_adv: batadv0: Adding interface: batadv_slave_1
[  346.851889][T13986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.860607][T13986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  346.904888][T13986] hsr_slave_0: entered promiscuous mode
[  346.907430][T13986] hsr_slave_1: entered promiscuous mode
[  346.909610][T13986] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  346.913013][T13986] Cannot create hsr debugfs directory
[  347.082535][T13986] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.160675][T13986] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.229990][T13986] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.287184][T13986] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.405232][T13986] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  347.419885][T13986] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  347.425692][T13986] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  347.430025][T13986] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  347.470141][T13986] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.482002][T13986] 8021q: adding VLAN 0 to HW filter on device team0
[  347.487757][T13507] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.490137][T13507] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.498839][T13469] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.501200][T13469] bridge0: port 2(bridge_slave_1) entered forwarding state
[  347.624490][T13986] 8021q: adding VLAN 0 to HW filter on device batadv0
[  347.652013][T13986] veth0_vlan: entered promiscuous mode
[  347.658425][T13986] veth1_vlan: entered promiscuous mode
[  347.678791][T13986] veth0_macvtap: entered promiscuous mode
[  347.684355][T13986] veth1_macvtap: entered promiscuous mode
[  347.694727][T13986] batman_adv: batadv0: Interface activated: batadv_slave_0
[  347.699767][T13986] batman_adv: batadv0: Interface activated: batadv_slave_1
[  347.710397][T13986] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  347.714216][T13986] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  347.720529][T13986] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  347.724296][T13986] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  347.788492][T13509] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  347.791783][T13509] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.804866][T13503] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  347.814402][T13503] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.396537][    T9] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  348.416602][ T5949] Bluetooth: hci1: command tx timeout
[  348.554460][    T9] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  348.564324][    T9] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  348.567567][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.570325][    T9] usb 9-1: Product: syz
[  348.571664][    T9] usb 9-1: Manufacturer: syz
[  348.573260][    T9] usb 9-1: SerialNumber: syz
[  348.786863][    T9] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  348.972886][T14050] FAULT_INJECTION: forcing a failure.
[  348.972886][T14050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.978480][T14050] CPU: 2 UID: 0 PID: 14050 Comm: syz.2.2373 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  348.978507][T14050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.978518][T14050] Call Trace:
[  348.978524][T14050]  <TASK>
[  348.978531][T14050]  dump_stack_lvl+0x16c/0x1f0
[  348.978554][T14050]  should_fail_ex+0x512/0x640
[  348.978581][T14050]  strncpy_from_user+0x3b/0x2e0
[  348.978604][T14050]  getname_flags.part.0+0x8f/0x550
[  348.978629][T14050]  __ia32_sys_unlink+0xaf/0x110
[  348.978646][T14050]  __do_fast_syscall_32+0x7c/0x3a0
[  348.978669][T14050]  do_fast_syscall_32+0x32/0x80
[  348.978688][T14050]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  348.978711][T14050] RIP: 0023:0xf7fc6579
[  348.978725][T14050] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  348.978742][T14050] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 000000000000000a
[  348.978761][T14050] RAX: ffffffffffffffda RBX: 0000000080000280 RCX: 0000000000000000
[  348.978773][T14050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  348.978783][T14050] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  348.978794][T14050] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  348.978805][T14050] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  348.978828][T14050]  </TASK>
[  348.990217][T14033] block nbd4: not configured, cannot reconfigure
[  349.135782][ T6981] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  349.137177][   T34] usb 9-1: USB disconnect, device number 7
[  349.142689][   T34] usblp0: removed
[  349.310451][ T6981] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  349.313325][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  349.316809][ T6981] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  349.321154][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  349.324973][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  349.332650][ T6981] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  349.335411][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  349.339568][ T6981] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  349.344239][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  349.347990][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  349.354386][ T6981] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  349.357179][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  349.360545][ T6981] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  349.364904][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  349.368914][ T6981] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  349.377418][ T6981] usb 6-1: string descriptor 0 read error: -22
[  349.380144][ T6981] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  349.383683][ T6981] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.407823][ T6981] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  349.887910][T14065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  349.890678][T14065] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.506619][ T5949] Bluetooth: hci1: command tx timeout
[  352.158774][   T54] usb 6-1: USB disconnect, device number 4
[  352.253928][T14108] lo speed is unknown, defaulting to 1000
[  352.256531][T13504] wlan1: Trigger new scan to find an IBSS to join
[  352.343335][   T40] kauditd_printk_skb: 111 callbacks suppressed
[  352.343387][   T40] audit: type=1326 audit(1748989047.407:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14103 comm="syz.4.2387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  352.577648][ T5949] Bluetooth: hci1: command tx timeout
[  353.042091][   T40] audit: type=1326 audit(1748989048.107:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14103 comm="syz.4.2387" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  353.262696][T14139] netlink: 'syz.4.2393': attribute type 39 has an invalid length.
[  353.603021][T14159] binder: 14158:14159 ioctl c0306201 80000080 returned -22
[  353.613835][T14159] binder: 14158:14159 ioctl 3305 0 returned -22
[  353.616005][T14159] binder: 14158:14159 ioctl 4018620d 0 returned -22
[  353.760619][T14164] lo speed is unknown, defaulting to 1000
[  354.005334][T10724] bond0: (slave syz_tun): Releasing backup interface
[  354.209718][T14174] binder: 14173:14174 ioctl 80489439 0 returned -22
[  354.219757][T14174] Bluetooth: MGMT ver 1.23
[  354.228274][T14174] netlink: 180 bytes leftover after parsing attributes in process `syz.4.2404'.
[  354.272243][ T5955] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  354.276233][ T5955] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  354.279699][ T5955] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  354.284618][ T5955] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  354.289363][ T5955] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  354.366938][T14175] lo speed is unknown, defaulting to 1000
[  354.420843][T14181] input: syz1 as /devices/virtual/input/input31
[  354.483823][T14184] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2407'.
[  354.543548][T14175] chnl_net:caif_netlink_parms(): no params data found
[  354.620172][T14175] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.620248][T14175] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.620339][T14175] bridge_slave_0: entered allmulticast mode
[  354.621130][T14175] bridge_slave_0: entered promiscuous mode
[  354.629984][T14175] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.630055][T14175] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.630129][T14175] bridge_slave_1: entered allmulticast mode
[  354.630890][T14175] bridge_slave_1: entered promiscuous mode
[  354.662528][T14175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.666561][ T5949] Bluetooth: hci1: command tx timeout
[  354.669411][T14175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.732185][T14175] team0: Port device team_slave_0 added
[  354.737370][T14175] team0: Port device team_slave_1 added
[  354.767728][T14175] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.767739][T14175] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.767762][T14175] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.768753][T14175] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.784578][T14175] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.784624][T14175] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.824400][T14175] hsr_slave_0: entered promiscuous mode
[  354.824860][T14175] hsr_slave_1: entered promiscuous mode
[  354.825172][T14175] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  354.825184][T14175] Cannot create hsr debugfs directory
[  354.967314][T14175] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  354.971381][T14175] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  354.978283][T14175] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  354.982769][T14175] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  354.995800][T14175] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.998185][T14175] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.000527][T14175] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.002774][T14175] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.047374][T13509] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.050863][T13509] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.088031][T14175] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.098365][T14175] 8021q: adding VLAN 0 to HW filter on device team0
[  355.104317][T13506] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.107783][T13506] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.118131][T13506] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.120480][T13506] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.194798][T14198] lo speed is unknown, defaulting to 1000
[  355.253374][T14175] 8021q: adding VLAN 0 to HW filter on device batadv0
[  355.286176][   T40] audit: type=1326 audit(1748989050.347:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.299316][   T40] audit: type=1326 audit(1748989050.357:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=46 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.315955][   T40] audit: type=1326 audit(1748989050.357:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.324296][   T40] audit: type=1326 audit(1748989050.357:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.331147][   T40] audit: type=1326 audit(1748989050.357:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.337911][   T40] audit: type=1326 audit(1748989050.357:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.344617][   T40] audit: type=1326 audit(1748989050.357:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.352545][   T40] audit: type=1326 audit(1748989050.357:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14203 comm="syz.4.2411" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  355.463626][T14175] veth0_vlan: entered promiscuous mode
[  355.471280][T14175] veth1_vlan: entered promiscuous mode
[  355.498460][T14175] veth0_macvtap: entered promiscuous mode
[  355.507814][T14175] veth1_macvtap: entered promiscuous mode
[  355.516576][T14175] batman_adv: batadv0: Interface activated: batadv_slave_0
[  355.522936][T14175] batman_adv: batadv0: Interface activated: batadv_slave_1
[  355.531104][T14175] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.533876][T14175] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.536926][T14175] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.539773][T14175] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.629190][T13504] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.634743][T13504] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.654991][T13506] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.658009][T13506] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.733168][T14224] netlink: 'syz.1.2415': attribute type 29 has an invalid length.
[  356.096526][T14248] FAULT_INJECTION: forcing a failure.
[  356.096526][T14248] name failslab, interval 1, probability 0, space 0, times 0
[  356.106702][T14248] CPU: 3 UID: 0 PID: 14248 Comm: syz.1.2421 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  356.106722][T14248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  356.106730][T14248] Call Trace:
[  356.106734][T14248]  <TASK>
[  356.106739][T14248]  dump_stack_lvl+0x16c/0x1f0
[  356.106754][T14248]  should_fail_ex+0x512/0x640
[  356.106768][T14248]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  356.106789][T14248]  should_failslab+0xc2/0x120
[  356.106800][T14248]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  356.106818][T14248]  ? __alloc_skb+0x2b2/0x380
[  356.106831][T14248]  __alloc_skb+0x2b2/0x380
[  356.106840][T14248]  ? __pfx___alloc_skb+0x10/0x10
[  356.106852][T14248]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  356.106868][T14248]  netlink_alloc_large_skb+0x69/0x130
[  356.106883][T14248]  netlink_sendmsg+0x6a1/0xdd0
[  356.106899][T14248]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.106914][T14248]  ? __import_iovec+0x1dd/0x650
[  356.106932][T14248]  ____sys_sendmsg+0xa98/0xc70
[  356.106947][T14248]  ? __pfx_____sys_sendmsg+0x10/0x10
[  356.106961][T14248]  ? get_compat_msghdr+0x11a/0x170
[  356.106979][T14248]  ___sys_sendmsg+0x134/0x1d0
[  356.106992][T14248]  ? __pfx____sys_sendmsg+0x10/0x10
[  356.107009][T14248]  ? find_held_lock+0x2b/0x80
[  356.107029][T14248]  __sys_sendmsg+0x16d/0x220
[  356.107047][T14248]  ? __pfx___sys_sendmsg+0x10/0x10
[  356.107064][T14248]  ? rcu_is_watching+0x12/0xc0
[  356.107077][T14248]  __do_fast_syscall_32+0x7c/0x3a0
[  356.107091][T14248]  do_fast_syscall_32+0x32/0x80
[  356.107102][T14248]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  356.107116][T14248] RIP: 0023:0xf7f08579
[  356.107125][T14248] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  356.107135][T14248] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  356.107146][T14248] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001540
[  356.107153][T14248] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  356.107159][T14248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  356.107165][T14248] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  356.107172][T14248] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  356.107184][T14248]  </TASK>
[  356.279909][T14257] 9pnet_virtio: no channels available for device ./file0/file0
[  356.336976][ T5949] Bluetooth: hci2: command tx timeout
[  356.348465][T14261] lo speed is unknown, defaulting to 1000
[  356.797439][T14283] binder: 14282:14283 ioctl c0306201 80000180 returned -14
[  357.222953][T14306] netlink: 'syz.1.2438': attribute type 7 has an invalid length.
[  357.223712][T14309] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2437'.
[  357.231441][T14306] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2438'.
[  357.272026][T14311] binder_alloc: 14310: binder_alloc_buf, no vma
[  357.282251][T14311] binder: 14310:14311 ioctl 4400ae8f 80000780 returned -22
[  357.296685][T13503] wlan1: Trigger new scan to find an IBSS to join
[  357.562820][T14323] netlink: 88 bytes leftover after parsing attributes in process `syz.4.2443'.
[  357.923243][   T40] kauditd_printk_skb: 83 callbacks suppressed
[  357.923257][   T40] audit: type=1326 audit(1748989052.987:1811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14329 comm="syz.4.2447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  357.969789][T14342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2448'.
[  357.984878][T14344] 9pnet_virtio: no channels available for device ./file0/file0
[  358.141937][T14349] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2449'.
[  358.348161][T14351] evm: overlay not supported
[  358.426667][ T5949] Bluetooth: hci2: command tx timeout
[  358.503073][   T40] audit: type=1326 audit(1748989053.567:1812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14329 comm="syz.4.2447" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  358.518664][   T40] audit: type=1326 audit(1748989053.567:1813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14329 comm="syz.4.2447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  358.638110][T14370] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  358.768220][T14374] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  358.772300][T14374] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  359.689318][T13504] wlan1: Creating new IBSS network, BSSID 22:39:1c:d3:ce:6b
[  359.731724][T14408] overlay: filesystem on ./bus not supported
[  359.892022][T14422] netlink: 'syz.1.2479': attribute type 7 has an invalid length.
[  359.894525][T14422] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2479'.
[  360.283568][T14434] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  360.496533][ T5949] Bluetooth: hci2: command tx timeout
[  360.851339][T14443] lo speed is unknown, defaulting to 1000
[  361.385246][T14460] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2490'.
[  361.388769][T14460] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2490'.
[  361.441706][   T54] Process accounting resumed
[  361.681032][T14460] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2490'.
[  361.684855][T14460] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2490'.
[  361.719578][T14467] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.2492'.
[  361.778940][T14460] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2490'.
[  361.782102][T14460] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2490'.
[  361.973665][T14467] Trying to write to read-only block-device nullb0
[  362.015118][T14475] 9pnet_virtio: no channels available for device ./file0/file0
[  362.274214][T14486] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2494'.
[  362.326375][T14484] lo speed is unknown, defaulting to 1000
[  362.576589][ T5949] Bluetooth: hci2: command tx timeout
[  362.775066][T14499] syzkaller1: entered promiscuous mode
[  362.776923][T14499] syzkaller1: entered allmulticast mode
[  362.907533][T14501] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2501'.
[  362.910860][   T40] audit: type=1326 audit(1748989057.977:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.243515][T14513] sctp: [Deprecated]: syz.1.2505 (pid 14513) Use of int in max_burst socket option deprecated.
[  363.243515][T14513] Use struct sctp_assoc_value instead
[  363.480340][T14523] lo speed is unknown, defaulting to 1000
[  363.571160][   T40] audit: type=1326 audit(1748989058.637:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.595875][   T40] audit: type=1326 audit(1748989058.637:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.616565][   T40] audit: type=1326 audit(1748989058.637:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.623165][   T40] audit: type=1326 audit(1748989058.637:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.637476][   T40] audit: type=1326 audit(1748989058.637:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.645602][   T40] audit: type=1326 audit(1748989058.637:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.656376][   T40] audit: type=1326 audit(1748989058.637:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.665308][   T40] audit: type=1326 audit(1748989058.637:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.677426][   T40] audit: type=1326 audit(1748989058.637:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.684053][   T40] audit: type=1326 audit(1748989058.637:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.2500" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000
[  363.814900][T14539] lo speed is unknown, defaulting to 1000
[  364.338179][ T5949] Bluetooth: hci2: Malformed LE Event: 0x0b
[  364.421917][ T6007] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[  364.424283][ T6007] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[  364.435380][ T6007] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[  364.439998][ T6007] hid-generic 0000:0004:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  365.113617][T14578] lo speed is unknown, defaulting to 1000
[  365.115103][ T6008] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  365.118745][ T6008] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  365.122663][ T6008] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  365.130347][ T6008] hid-generic 0000:0004:0000.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  365.359211][T14591] __nla_validate_parse: 5 callbacks suppressed
[  365.359227][T14591] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2527'.
[  365.502570][T14602] program syz.2.2532 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  365.592211][T14607] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  365.744804][T14613] netlink: 'syz.4.2536': attribute type 1 has an invalid length.
[  366.837582][T14648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2548'.
[  367.053410][T14658] FAULT_INJECTION: forcing a failure.
[  367.053410][T14658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.057870][T14658] CPU: 1 UID: 0 PID: 14658 Comm: syz.2.2552 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  367.057886][T14658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  367.057893][T14658] Call Trace:
[  367.057897][T14658]  <TASK>
[  367.057901][T14658]  dump_stack_lvl+0x16c/0x1f0
[  367.057917][T14658]  should_fail_ex+0x512/0x640
[  367.057932][T14658]  _copy_from_user+0x2e/0xd0
[  367.057948][T14658]  get_compat_msghdr+0xa7/0x170
[  367.057960][T14658]  ? __pfx_get_compat_msghdr+0x10/0x10
[  367.057977][T14658]  ___sys_sendmsg+0x1ae/0x1d0
[  367.057990][T14658]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.058007][T14658]  ? find_held_lock+0x2b/0x80
[  367.058028][T14658]  __sys_sendmsg+0x16d/0x220
[  367.058039][T14658]  ? __pfx___sys_sendmsg+0x10/0x10
[  367.058056][T14658]  ? rcu_is_watching+0x12/0xc0
[  367.058070][T14658]  __do_fast_syscall_32+0x7c/0x3a0
[  367.058083][T14658]  do_fast_syscall_32+0x32/0x80
[  367.058094][T14658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  367.058108][T14658] RIP: 0023:0xf7fc6579
[  367.058117][T14658] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  367.058128][T14658] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  367.058138][T14658] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  367.058145][T14658] RDX: 00000000240080ca RSI: 0000000000000000 RDI: 0000000000000000
[  367.058151][T14658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  367.058158][T14658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  367.058164][T14658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  367.058177][T14658]  </TASK>
[  367.158157][T14660] 9pnet_virtio: no channels available for device ./file0/file0
[  367.610722][T14669] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2554'.
[  367.627605][T14669] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  367.870628][T14676] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2558'.
[  368.213543][T14698] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2568'.
[  368.226661][ T6008] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  368.364143][T14704] "syz.1.2565" (14704) uses obsolete ecb(arc4) skcipher
[  368.408485][ T6008] usb 10-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  368.412442][ T6008] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.415901][ T6008] usb 10-1: Product: syz
[  368.418336][ T6008] usb 10-1: Manufacturer: syz
[  368.420354][ T6008] usb 10-1: SerialNumber: syz
[  368.433489][ T6008] usb 10-1: config 0 descriptor??
[  368.781366][T14680] netlink: 112 bytes leftover after parsing attributes in process `syz.5.2560'.
[  368.990143][ T1469] usb 10-1: USB disconnect, device number 2
[  369.036215][T14713] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2571'.
[  369.539842][T14730] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2577'.
[  369.739623][T14744] netlink: 'syz.4.2582': attribute type 13 has an invalid length.
[  370.204920][T14744] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.207471][T14744] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.779913][T14744] 
[  371.781061][T14744] =============================
[  371.782976][T14744] WARNING: suspicious RCU usage
[  371.784978][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  371.788817][T14744] -----------------------------
[  371.791086][T14744] net/ipv6/ip6_fib.c:2076 suspicious rcu_dereference_protected() usage!
[  371.794505][T14744] 
[  371.794505][T14744] other info that might help us debug this:
[  371.794505][T14744] 
[  371.797952][T14744] 
[  371.797952][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  371.800550][T14744] 3 locks held by syz.4.2582/14744:
[  371.802230][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  371.805235][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  371.808323][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  371.811486][T14744] 
[  371.811486][T14744] stack backtrace:
[  371.813357][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  371.813372][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  371.813379][T14744] Call Trace:
[  371.813383][T14744]  <TASK>
[  371.813388][T14744]  dump_stack_lvl+0x16c/0x1f0
[  371.813413][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  371.813431][T14744]  fib6_del+0xcf2/0x1770
SYZFAIL: failed to recv rpc
[  371.813445][T14744]  ? psi_task_switch+0x201/0x8e0
[  371.813459][T14744]  ? lock_acquire+0x179/0x350
[  371.813473][T14744]  ? __pfx_fib6_del+0x10/0x10
[  371.813486][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  371.813504][T14744]  ? fib6_ifdown+0xcd/0x8f0
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  371.813520][T14744]  fib6_clean_node+0x424/0x5b0
[  371.813534][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  371.813546][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  371.813565][T14744]  fib6_walk_continue+0x44f/0x8d0
[  371.813579][T14744]  fib6_walk+0x182/0x370
[  371.813591][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  371.813603][T14744]  fib6_clean_tree+0xd4/0x110
[  371.813614][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  371.813628][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  371.813641][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  371.813653][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  371.813671][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  371.813683][T14744]  __fib6_clean_all+0x107/0x2d0
[  371.813698][T14744]  rt6_disable_ip+0x2ec/0x990
[  371.813715][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  371.813731][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  371.813747][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  371.813764][T14744]  ? rcu_is_watching+0x12/0xc0
[  371.813779][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  371.813795][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  371.813808][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  371.813827][T14744]  addrconf_notify+0x220/0x19e0
[  371.813843][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  371.813861][T14744]  notifier_call_chain+0xbc/0x410
[  371.813874][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  371.813892][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  371.813910][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  371.813921][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  371.813931][T14744]  ? __dev_change_flags+0x3d5/0x720
[  371.813943][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  371.813955][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  371.813972][T14744]  netif_change_flags+0x108/0x160
[  371.813985][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  371.813999][T14744]  ? preempt_schedule_common+0x44/0xc0
[  371.814018][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  371.814030][T14744]  ? preempt_count_add+0x76/0x150
[  371.814046][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  371.814065][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  371.814084][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  371.814099][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  371.814115][T14744]  ? __pfx___might_resched+0x10/0x10
[  371.814127][T14744]  ? rcu_is_watching+0x12/0xc0
[  371.814138][T14744]  ? trace_contention_end+0xdd/0x130
[  371.814153][T14744]  ? __mutex_lock+0x1ca/0xb90
[  371.814164][T14744]  ? rcu_is_watching+0x12/0xc0
[  371.814175][T14744]  ? rtnl_newlink+0x600/0x2000
[  371.814186][T14744]  ? trace_cap_capable+0x18d/0x200
[  371.814202][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  371.814212][T14744]  ? apparmor_capable+0x114/0x1d0
[  371.814233][T14744]  ? netlink_ns_capable+0xfa/0x130
[  371.814247][T14744]  rtnl_newlink+0x18e0/0x2000
[  371.814263][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.814273][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  371.814291][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  371.814310][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  371.814327][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  371.814346][T14744]  ? __lock_acquire+0x622/0x1c90
[  371.814361][T14744]  ? rcu_is_watching+0x12/0xc0
[  371.814372][T14744]  ? trace_cap_capable+0x18d/0x200
[  371.814390][T14744]  ? find_held_lock+0x2b/0x80
[  371.814400][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.814411][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.814422][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  371.814434][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.814446][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  371.814459][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  371.814475][T14744]  ? ref_tracker_free+0x37c/0x830
[  371.814491][T14744]  netlink_rcv_skb+0x158/0x420
[  371.814505][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  371.814518][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  371.814536][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  371.814551][T14744]  netlink_unicast+0x53a/0x7f0
[  371.814566][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  371.814584][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  371.814600][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.814614][T14744]  ? __import_iovec+0x1dd/0x650
[  371.814632][T14744]  ____sys_sendmsg+0xa98/0xc70
[  371.814646][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  371.814661][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  371.814675][T14744]  ? get_compat_msghdr+0x11a/0x170
[  371.814690][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  371.814708][T14744]  ___sys_sendmsg+0x134/0x1d0
[  371.814719][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  371.814737][T14744]  ? find_held_lock+0x2b/0x80
[  371.814756][T14744]  __sys_sendmsg+0x16d/0x220
[  371.814767][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  371.814778][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  371.814797][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  371.814815][T14744]  ? rcu_is_watching+0x12/0xc0
[  371.814827][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  371.814840][T14744]  do_fast_syscall_32+0x32/0x80
[  371.814852][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  371.814866][T14744] RIP: 0023:0xf7fc6579
[  371.814875][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  371.814886][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  371.814896][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  371.814903][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  371.814910][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  371.814916][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  371.814922][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  371.814935][T14744]  </TASK>
[  371.814950][T14744] 
[  372.014483][T14744] =============================
[  372.016014][T14744] WARNING: suspicious RCU usage
[  372.017575][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  372.019661][T14744] -----------------------------
[  372.021191][T14744] net/ipv6/ip6_fib.c:2088 suspicious rcu_dereference_protected() usage!
[  372.023750][T14744] 
[  372.023750][T14744] other info that might help us debug this:
[  372.023750][T14744] 
[  372.026933][T14744] 
[  372.026933][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  372.029430][T14744] 3 locks held by syz.4.2582/14744:
[  372.031053][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  372.033874][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  372.036862][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  372.039788][T14744] 
[  372.039788][T14744] stack backtrace:
[  372.041652][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  372.041667][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  372.041674][T14744] Call Trace:
[  372.041679][T14744]  <TASK>
[  372.041684][T14744]  dump_stack_lvl+0x16c/0x1f0
[  372.041697][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  372.041714][T14744]  fib6_del+0x2ef/0x1770
[  372.041728][T14744]  ? psi_task_switch+0x201/0x8e0
[  372.041744][T14744]  ? __pfx_fib6_del+0x10/0x10
[  372.041756][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  372.041774][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  372.041790][T14744]  fib6_clean_node+0x424/0x5b0
[  372.041804][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.041816][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.041835][T14744]  fib6_walk_continue+0x44f/0x8d0
[  372.041850][T14744]  fib6_walk+0x182/0x370
[  372.041861][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.041873][T14744]  fib6_clean_tree+0xd4/0x110
[  372.041884][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  372.041898][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.041911][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.041923][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  372.041940][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.041952][T14744]  __fib6_clean_all+0x107/0x2d0
[  372.041970][T14744]  rt6_disable_ip+0x2ec/0x990
[  372.041987][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.042003][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.042019][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  372.042037][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.042051][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  372.042066][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  372.042080][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  372.042099][T14744]  addrconf_notify+0x220/0x19e0
[  372.042114][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  372.042133][T14744]  notifier_call_chain+0xbc/0x410
[  372.042146][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  372.042163][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  372.042180][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  372.042192][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  372.042202][T14744]  ? __dev_change_flags+0x3d5/0x720
[  372.042213][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  372.042226][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  372.042239][T14744]  netif_change_flags+0x108/0x160
[  372.042252][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  372.042266][T14744]  ? preempt_schedule_common+0x44/0xc0
[  372.042285][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  372.042297][T14744]  ? preempt_count_add+0x76/0x150
[  372.042314][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  372.042335][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.042353][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.042369][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.042385][T14744]  ? __pfx___might_resched+0x10/0x10
[  372.042397][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.042408][T14744]  ? trace_contention_end+0xdd/0x130
[  372.042423][T14744]  ? __mutex_lock+0x1ca/0xb90
[  372.042434][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.042444][T14744]  ? rtnl_newlink+0x600/0x2000
[  372.042455][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.042472][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  372.042483][T14744]  ? apparmor_capable+0x114/0x1d0
[  372.042504][T14744]  ? netlink_ns_capable+0xfa/0x130
[  372.042519][T14744]  rtnl_newlink+0x18e0/0x2000
[  372.042535][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.042546][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  372.042562][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  372.042582][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  372.042599][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  372.042618][T14744]  ? __lock_acquire+0x622/0x1c90
[  372.042633][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.042644][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.042663][T14744]  ? find_held_lock+0x2b/0x80
[  372.042673][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.042684][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.042694][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  372.042707][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.042719][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  372.042732][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.042748][T14744]  ? ref_tracker_free+0x37c/0x830
[  372.042765][T14744]  netlink_rcv_skb+0x158/0x420
[  372.042778][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.042792][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  372.042810][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  372.042825][T14744]  netlink_unicast+0x53a/0x7f0
[  372.042841][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  372.042858][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  372.042874][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  372.042889][T14744]  ? __import_iovec+0x1dd/0x650
[  372.042907][T14744]  ____sys_sendmsg+0xa98/0xc70
[  372.042921][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  372.042936][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  372.042950][T14744]  ? get_compat_msghdr+0x11a/0x170
[  372.042969][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  372.042987][T14744]  ___sys_sendmsg+0x134/0x1d0
[  372.043000][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  372.043017][T14744]  ? find_held_lock+0x2b/0x80
[  372.043036][T14744]  __sys_sendmsg+0x16d/0x220
[  372.043047][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  372.043058][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  372.043078][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  372.043096][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.043109][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  372.043122][T14744]  do_fast_syscall_32+0x32/0x80
[  372.043133][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  372.043148][T14744] RIP: 0023:0xf7fc6579
[  372.043157][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  372.043168][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  372.043178][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  372.043185][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  372.043192][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.043198][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.043204][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.043217][T14744]  </TASK>
[  372.043222][T14744] 
[  372.233623][T14744] =============================
[  372.235145][T14744] WARNING: suspicious RCU usage
[  372.236721][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  372.238847][T14744] -----------------------------
[  372.240383][T14744] net/ipv6/ip6_fib.c:1974 suspicious rcu_dereference_protected() usage!
[  372.242969][T14744] 
[  372.242969][T14744] other info that might help us debug this:
[  372.242969][T14744] 
[  372.246454][T14744] 
[  372.246454][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  372.248958][T14744] 3 locks held by syz.4.2582/14744:
[  372.250586][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  372.253435][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  372.256373][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  372.259321][T14744] 
[  372.259321][T14744] stack backtrace:
[  372.261259][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  372.261274][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  372.261281][T14744] Call Trace:
[  372.261287][T14744]  <TASK>
[  372.261293][T14744]  dump_stack_lvl+0x16c/0x1f0
[  372.261306][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  372.261323][T14744]  fib6_del+0x1084/0x1770
[  372.261337][T14744]  ? psi_task_switch+0x201/0x8e0
[  372.261352][T14744]  ? __pfx_fib6_del+0x10/0x10
[  372.261365][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  372.261384][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  372.261399][T14744]  fib6_clean_node+0x424/0x5b0
[  372.261414][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.261426][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.261445][T14744]  fib6_walk_continue+0x44f/0x8d0
[  372.261460][T14744]  fib6_walk+0x182/0x370
[  372.261471][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.261483][T14744]  fib6_clean_tree+0xd4/0x110
[  372.261494][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  372.261508][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.261521][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.261534][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  372.261550][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.261563][T14744]  __fib6_clean_all+0x107/0x2d0
[  372.261577][T14744]  rt6_disable_ip+0x2ec/0x990
[  372.261594][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.261610][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.261626][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  372.261644][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.261659][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  372.261675][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  372.261690][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  372.261709][T14744]  addrconf_notify+0x220/0x19e0
[  372.261724][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  372.261743][T14744]  notifier_call_chain+0xbc/0x410
[  372.261756][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  372.261773][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  372.261790][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  372.261802][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  372.261812][T14744]  ? __dev_change_flags+0x3d5/0x720
[  372.261824][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  372.261836][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  372.261849][T14744]  netif_change_flags+0x108/0x160
[  372.261862][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  372.261876][T14744]  ? preempt_schedule_common+0x44/0xc0
[  372.261894][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  372.261907][T14744]  ? preempt_count_add+0x76/0x150
[  372.261923][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  372.261943][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.261966][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.261982][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.261997][T14744]  ? __pfx___might_resched+0x10/0x10
[  372.262010][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.262021][T14744]  ? trace_contention_end+0xdd/0x130
[  372.262036][T14744]  ? __mutex_lock+0x1ca/0xb90
[  372.262047][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.262057][T14744]  ? rtnl_newlink+0x600/0x2000
[  372.262068][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.262084][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  372.262095][T14744]  ? apparmor_capable+0x114/0x1d0
[  372.262116][T14744]  ? netlink_ns_capable+0xfa/0x130
[  372.262130][T14744]  rtnl_newlink+0x18e0/0x2000
[  372.262146][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.262156][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  372.262173][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  372.262193][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  372.262210][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  372.262229][T14744]  ? __lock_acquire+0x622/0x1c90
[  372.262244][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.262255][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.262274][T14744]  ? find_held_lock+0x2b/0x80
[  372.262283][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.262295][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.262305][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  372.262317][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.262329][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  372.262342][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.262358][T14744]  ? ref_tracker_free+0x37c/0x830
[  372.262375][T14744]  netlink_rcv_skb+0x158/0x420
[  372.262388][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.262401][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  372.262420][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  372.262435][T14744]  netlink_unicast+0x53a/0x7f0
[  372.262450][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  372.262468][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  372.262484][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  372.262499][T14744]  ? __import_iovec+0x1dd/0x650
[  372.262517][T14744]  ____sys_sendmsg+0xa98/0xc70
[  372.262530][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  372.262546][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  372.262559][T14744]  ? get_compat_msghdr+0x11a/0x170
[  372.262575][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  372.262592][T14744]  ___sys_sendmsg+0x134/0x1d0
[  372.262605][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  372.262622][T14744]  ? find_held_lock+0x2b/0x80
[  372.262641][T14744]  __sys_sendmsg+0x16d/0x220
[  372.262652][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  372.262663][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  372.262682][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  372.262701][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.262714][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  372.262727][T14744]  do_fast_syscall_32+0x32/0x80
[  372.262738][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  372.262752][T14744] RIP: 0023:0xf7fc6579
[  372.262762][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  372.262773][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  372.262783][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  372.262789][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  372.262796][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.262802][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.262808][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.262821][T14744]  </TASK>
[  372.262827][T14744] 
[  372.452523][T14744] =============================
[  372.454027][T14744] WARNING: suspicious RCU usage
[  372.455550][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  372.457686][T14744] -----------------------------
[  372.459195][T14744] net/ipv6/ip6_fib.c:1983 suspicious rcu_dereference_protected() usage!
[  372.461760][T14744] 
[  372.461760][T14744] other info that might help us debug this:
[  372.461760][T14744] 
[  372.464710][T14744] 
[  372.464710][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  372.467187][T14744] 3 locks held by syz.4.2582/14744:
[  372.468821][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  372.471586][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  372.474426][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  372.477350][T14744] 
[  372.477350][T14744] stack backtrace:
[  372.479185][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  372.479199][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  372.479206][T14744] Call Trace:
[  372.479211][T14744]  <TASK>
[  372.479215][T14744]  dump_stack_lvl+0x16c/0x1f0
[  372.479229][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  372.479246][T14744]  fib6_del+0xfef/0x1770
[  372.479259][T14744]  ? psi_task_switch+0x201/0x8e0
[  372.479275][T14744]  ? __pfx_fib6_del+0x10/0x10
[  372.479287][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  372.479305][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  372.479321][T14744]  fib6_clean_node+0x424/0x5b0
[  372.479335][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.479347][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.479366][T14744]  fib6_walk_continue+0x44f/0x8d0
[  372.479380][T14744]  fib6_walk+0x182/0x370
[  372.479392][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.479404][T14744]  fib6_clean_tree+0xd4/0x110
[  372.479415][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  372.479429][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.479442][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.479455][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  372.479471][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.479484][T14744]  __fib6_clean_all+0x107/0x2d0
[  372.479499][T14744]  rt6_disable_ip+0x2ec/0x990
[  372.479515][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.479532][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.479548][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  372.479565][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.479580][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  372.479596][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  372.479610][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  372.479629][T14744]  addrconf_notify+0x220/0x19e0
[  372.479644][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  372.479680][T14744]  notifier_call_chain+0xbc/0x410
[  372.479694][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  372.479712][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  372.479729][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  372.479741][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  372.479751][T14744]  ? __dev_change_flags+0x3d5/0x720
[  372.479763][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  372.479775][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  372.479788][T14744]  netif_change_flags+0x108/0x160
[  372.479801][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  372.479815][T14744]  ? preempt_schedule_common+0x44/0xc0
[  372.479834][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  372.479846][T14744]  ? preempt_count_add+0x76/0x150
[  372.479864][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  372.479884][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.479903][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.479918][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.479938][T14744]  ? __pfx___might_resched+0x10/0x10
[  372.479950][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.479964][T14744]  ? trace_contention_end+0xdd/0x130
[  372.479980][T14744]  ? __mutex_lock+0x1ca/0xb90
[  372.479991][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.480001][T14744]  ? rtnl_newlink+0x600/0x2000
[  372.480012][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.480028][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  372.480039][T14744]  ? apparmor_capable+0x114/0x1d0
[  372.480059][T14744]  ? netlink_ns_capable+0xfa/0x130
[  372.480073][T14744]  rtnl_newlink+0x18e0/0x2000
[  372.480090][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.480100][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  372.480117][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  372.480136][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  372.480153][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  372.480173][T14744]  ? __lock_acquire+0x622/0x1c90
[  372.480188][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.480199][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.480217][T14744]  ? find_held_lock+0x2b/0x80
[  372.480227][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.480238][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.480248][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  372.480261][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.480273][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  372.480286][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.480302][T14744]  ? ref_tracker_free+0x37c/0x830
[  372.480318][T14744]  netlink_rcv_skb+0x158/0x420
[  372.480332][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.480345][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  372.480363][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  372.480379][T14744]  netlink_unicast+0x53a/0x7f0
[  372.480394][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  372.480411][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  372.480428][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  372.480442][T14744]  ? __import_iovec+0x1dd/0x650
[  372.480460][T14744]  ____sys_sendmsg+0xa98/0xc70
[  372.480473][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  372.480489][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  372.480503][T14744]  ? get_compat_msghdr+0x11a/0x170
[  372.480518][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  372.480536][T14744]  ___sys_sendmsg+0x134/0x1d0
[  372.480549][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  372.480566][T14744]  ? find_held_lock+0x2b/0x80
[  372.480585][T14744]  __sys_sendmsg+0x16d/0x220
[  372.480596][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  372.480607][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  372.480626][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  372.480645][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.480658][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  372.480671][T14744]  do_fast_syscall_32+0x32/0x80
[  372.480682][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  372.480696][T14744] RIP: 0023:0xf7fc6579
[  372.480706][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  372.480717][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  372.480727][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  372.480734][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  372.480741][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.480747][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.480753][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.480766][T14744]  </TASK>
[  372.480772][T14744] 
[  372.672464][T14744] =============================
[  372.673998][T14744] WARNING: suspicious RCU usage
[  372.675526][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  372.677676][T14744] -----------------------------
[  372.679206][T14744] net/ipv6/ip6_fib.c:2028 suspicious rcu_dereference_protected() usage!
[  372.681788][T14744] 
[  372.681788][T14744] other info that might help us debug this:
[  372.681788][T14744] 
[  372.684951][T14744] 
[  372.684951][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  372.687482][T14744] 4 locks held by syz.4.2582/14744:
[  372.689131][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  372.691957][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  372.694891][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  372.697873][T14744]  #3: ffff88805cdeae38 (&net->ipv6.fib6_walker_lock){++.-}-{3:3}, at: fib6_del+0x880/0x1770
[  372.701027][T14744] 
[  372.701027][T14744] stack backtrace:
[  372.702886][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  372.702901][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  372.702908][T14744] Call Trace:
[  372.702913][T14744]  <TASK>
[  372.702922][T14744]  dump_stack_lvl+0x16c/0x1f0
[  372.702934][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  372.702951][T14744]  fib6_del+0x1281/0x1770
[  372.702969][T14744]  ? __pfx_fib6_del+0x10/0x10
[  372.702981][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  372.703000][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  372.703015][T14744]  fib6_clean_node+0x424/0x5b0
[  372.703030][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.703042][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.703061][T14744]  fib6_walk_continue+0x44f/0x8d0
[  372.703075][T14744]  fib6_walk+0x182/0x370
[  372.703087][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.703099][T14744]  fib6_clean_tree+0xd4/0x110
[  372.703110][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  372.703124][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.703137][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.703150][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  372.703167][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.703179][T14744]  __fib6_clean_all+0x107/0x2d0
[  372.703194][T14744]  rt6_disable_ip+0x2ec/0x990
[  372.703211][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.703227][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.703243][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  372.703260][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.703275][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  372.703291][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  372.703305][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  372.703324][T14744]  addrconf_notify+0x220/0x19e0
[  372.703339][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  372.703358][T14744]  notifier_call_chain+0xbc/0x410
[  372.703371][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  372.703389][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  372.703405][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  372.703417][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  372.703427][T14744]  ? __dev_change_flags+0x3d5/0x720
[  372.703438][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  372.703451][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  372.703464][T14744]  netif_change_flags+0x108/0x160
[  372.703476][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  372.703491][T14744]  ? preempt_schedule_common+0x44/0xc0
[  372.703509][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  372.703522][T14744]  ? preempt_count_add+0x76/0x150
[  372.703539][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  372.703558][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.703577][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.703592][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.703608][T14744]  ? __pfx___might_resched+0x10/0x10
[  372.703620][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.703631][T14744]  ? trace_contention_end+0xdd/0x130
[  372.703646][T14744]  ? __mutex_lock+0x1ca/0xb90
[  372.703657][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.703684][T14744]  ? rtnl_newlink+0x600/0x2000
[  372.703695][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.703711][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  372.703721][T14744]  ? apparmor_capable+0x114/0x1d0
[  372.703742][T14744]  ? netlink_ns_capable+0xfa/0x130
[  372.703756][T14744]  rtnl_newlink+0x18e0/0x2000
[  372.703772][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.703783][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  372.703800][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  372.703820][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  372.703837][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  372.703857][T14744]  ? __lock_acquire+0x622/0x1c90
[  372.703872][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.703883][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.703901][T14744]  ? find_held_lock+0x2b/0x80
[  372.703911][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.703925][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.703936][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  372.703949][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.703961][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  372.703974][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.703990][T14744]  ? ref_tracker_free+0x37c/0x830
[  372.704006][T14744]  netlink_rcv_skb+0x158/0x420
[  372.704020][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.704033][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  372.704052][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  372.704067][T14744]  netlink_unicast+0x53a/0x7f0
[  372.704082][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  372.704100][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  372.704116][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  372.704130][T14744]  ? __import_iovec+0x1dd/0x650
[  372.704149][T14744]  ____sys_sendmsg+0xa98/0xc70
[  372.704163][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  372.704178][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  372.704192][T14744]  ? get_compat_msghdr+0x11a/0x170
[  372.704208][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  372.704225][T14744]  ___sys_sendmsg+0x134/0x1d0
[  372.704238][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  372.704255][T14744]  ? find_held_lock+0x2b/0x80
[  372.704274][T14744]  __sys_sendmsg+0x16d/0x220
[  372.704286][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  372.704296][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  372.704315][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  372.704334][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.704346][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  372.704360][T14744]  do_fast_syscall_32+0x32/0x80
[  372.704371][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  372.704385][T14744] RIP: 0023:0xf7fc6579
[  372.704395][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  372.704406][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  372.704417][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  372.704424][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  372.704430][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.704436][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.704442][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.704455][T14744]  </TASK>
[  372.704461][T14744] 
[  372.894402][T14744] =============================
[  372.895950][T14744] WARNING: suspicious RCU usage
[  372.897471][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  372.899465][T14744] -----------------------------
[  372.900948][T14744] net/ipv6/ip6_fib.c:1858 suspicious rcu_dereference_protected() usage!
[  372.903491][T14744] 
[  372.903491][T14744] other info that might help us debug this:
[  372.903491][T14744] 
[  372.906675][T14744] 
[  372.906675][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  372.909188][T14744] 3 locks held by syz.4.2582/14744:
[  372.910824][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  372.913680][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  372.916673][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  372.919613][T14744] 
[  372.919613][T14744] stack backtrace:
[  372.921512][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  372.921527][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  372.921534][T14744] Call Trace:
[  372.921539][T14744]  <TASK>
[  372.921544][T14744]  dump_stack_lvl+0x16c/0x1f0
[  372.921557][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  372.921574][T14744]  fib6_repair_tree.part.0+0x5f2/0x1270
[  372.921588][T14744]  ? fib6_del+0xa18/0x1770
[  372.921604][T14744]  fib6_del+0x133d/0x1770
[  372.921620][T14744]  ? __pfx_fib6_del+0x10/0x10
[  372.921633][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  372.921651][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  372.921666][T14744]  fib6_clean_node+0x424/0x5b0
[  372.921681][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.921693][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.921712][T14744]  fib6_walk_continue+0x44f/0x8d0
[  372.921726][T14744]  fib6_walk+0x182/0x370
[  372.921737][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.921749][T14744]  fib6_clean_tree+0xd4/0x110
[  372.921760][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  372.921774][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  372.921787][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.921800][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  372.921816][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  372.921829][T14744]  __fib6_clean_all+0x107/0x2d0
[  372.921843][T14744]  rt6_disable_ip+0x2ec/0x990
[  372.921860][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.921876][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.921892][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  372.921909][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.921928][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  372.921944][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  372.921958][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  372.921977][T14744]  addrconf_notify+0x220/0x19e0
[  372.921992][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  372.922011][T14744]  notifier_call_chain+0xbc/0x410
[  372.922023][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  372.922041][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  372.922058][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  372.922070][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  372.922079][T14744]  ? __dev_change_flags+0x3d5/0x720
[  372.922091][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  372.922104][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  372.922117][T14744]  netif_change_flags+0x108/0x160
[  372.922130][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  372.922144][T14744]  ? preempt_schedule_common+0x44/0xc0
[  372.922162][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  372.922174][T14744]  ? preempt_count_add+0x76/0x150
[  372.922191][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  372.922211][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  372.922230][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  372.922245][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  372.922261][T14744]  ? __pfx___might_resched+0x10/0x10
[  372.922273][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.922284][T14744]  ? trace_contention_end+0xdd/0x130
[  372.922299][T14744]  ? __mutex_lock+0x1ca/0xb90
[  372.922310][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.922321][T14744]  ? rtnl_newlink+0x600/0x2000
[  372.922331][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.922347][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  372.922358][T14744]  ? apparmor_capable+0x114/0x1d0
[  372.922379][T14744]  ? netlink_ns_capable+0xfa/0x130
[  372.922393][T14744]  rtnl_newlink+0x18e0/0x2000
[  372.922409][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.922420][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  372.922438][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  372.922457][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  372.922474][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  372.922493][T14744]  ? __lock_acquire+0x622/0x1c90
[  372.922509][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.922520][T14744]  ? trace_cap_capable+0x18d/0x200
[  372.922538][T14744]  ? find_held_lock+0x2b/0x80
[  372.922548][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.922559][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.922569][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  372.922581][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  372.922594][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  372.922607][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.922623][T14744]  ? ref_tracker_free+0x37c/0x830
[  372.922639][T14744]  netlink_rcv_skb+0x158/0x420
[  372.922652][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  372.922666][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  372.922684][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  372.922699][T14744]  netlink_unicast+0x53a/0x7f0
[  372.922714][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  372.922732][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  372.922748][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  372.922762][T14744]  ? __import_iovec+0x1dd/0x650
[  372.922781][T14744]  ____sys_sendmsg+0xa98/0xc70
[  372.922795][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  372.922811][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  372.922825][T14744]  ? get_compat_msghdr+0x11a/0x170
[  372.922840][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  372.922858][T14744]  ___sys_sendmsg+0x134/0x1d0
[  372.922871][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  372.922888][T14744]  ? find_held_lock+0x2b/0x80
[  372.922908][T14744]  __sys_sendmsg+0x16d/0x220
[  372.922923][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  372.922933][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  372.922952][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  372.922972][T14744]  ? rcu_is_watching+0x12/0xc0
[  372.922984][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  372.922998][T14744]  do_fast_syscall_32+0x32/0x80
[  372.923009][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  372.923023][T14744] RIP: 0023:0xf7fc6579
[  372.923032][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  372.923043][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  372.923053][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  372.923060][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  372.923066][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.923072][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.923078][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.923091][T14744]  </TASK>
[  372.923096][T14744] 
[  373.117015][T14744] =============================
[  373.118544][T14744] WARNING: suspicious RCU usage
[  373.120086][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  373.122206][T14744] -----------------------------
[  373.123740][T14744] net/ipv6/ip6_fib.c:1860 suspicious rcu_dereference_protected() usage!
[  373.126299][T14744] 
[  373.126299][T14744] other info that might help us debug this:
[  373.126299][T14744] 
[  373.129513][T14744] 
[  373.129513][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  373.132048][T14744] 3 locks held by syz.4.2582/14744:
[  373.133709][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  373.136602][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  373.139563][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  373.142556][T14744] 
[  373.142556][T14744] stack backtrace:
[  373.144423][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  373.144437][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  373.144444][T14744] Call Trace:
[  373.144449][T14744]  <TASK>
[  373.144453][T14744]  dump_stack_lvl+0x16c/0x1f0
[  373.144467][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  373.144484][T14744]  fib6_repair_tree.part.0+0x564/0x1270
[  373.144499][T14744]  ? fib6_del+0xa18/0x1770
[  373.144514][T14744]  fib6_del+0x133d/0x1770
[  373.144531][T14744]  ? __pfx_fib6_del+0x10/0x10
[  373.144544][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  373.144562][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  373.144577][T14744]  fib6_clean_node+0x424/0x5b0
[  373.144591][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.144603][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.144622][T14744]  fib6_walk_continue+0x44f/0x8d0
[  373.144636][T14744]  fib6_walk+0x182/0x370
[  373.144648][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.144659][T14744]  fib6_clean_tree+0xd4/0x110
[  373.144670][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  373.144684][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.144697][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.144710][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  373.144727][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.144739][T14744]  __fib6_clean_all+0x107/0x2d0
[  373.144754][T14744]  rt6_disable_ip+0x2ec/0x990
[  373.144770][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.144786][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.144802][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  373.144819][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.144834][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  373.144850][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  373.144864][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  373.144883][T14744]  addrconf_notify+0x220/0x19e0
[  373.144899][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  373.144920][T14744]  notifier_call_chain+0xbc/0x410
[  373.144945][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  373.144963][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  373.144980][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  373.144991][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  373.145001][T14744]  ? __dev_change_flags+0x3d5/0x720
[  373.145013][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  373.145025][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  373.145039][T14744]  netif_change_flags+0x108/0x160
[  373.145052][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  373.145066][T14744]  ? preempt_schedule_common+0x44/0xc0
[  373.145084][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  373.145096][T14744]  ? preempt_count_add+0x76/0x150
[  373.145113][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  373.145132][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.145150][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.145166][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.145181][T14744]  ? __pfx___might_resched+0x10/0x10
[  373.145194][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.145204][T14744]  ? trace_contention_end+0xdd/0x130
[  373.145219][T14744]  ? __mutex_lock+0x1ca/0xb90
[  373.145231][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.145241][T14744]  ? rtnl_newlink+0x600/0x2000
[  373.145252][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.145268][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  373.145278][T14744]  ? apparmor_capable+0x114/0x1d0
[  373.145298][T14744]  ? netlink_ns_capable+0xfa/0x130
[  373.145312][T14744]  rtnl_newlink+0x18e0/0x2000
[  373.145328][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.145339][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  373.145356][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  373.145375][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  373.145392][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  373.145412][T14744]  ? __lock_acquire+0x622/0x1c90
[  373.145427][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.145437][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.145456][T14744]  ? find_held_lock+0x2b/0x80
[  373.145465][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.145476][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.145487][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  373.145499][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.145511][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  373.145524][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.145540][T14744]  ? ref_tracker_free+0x37c/0x830
[  373.145556][T14744]  netlink_rcv_skb+0x158/0x420
[  373.145570][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.145583][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  373.145602][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  373.145617][T14744]  netlink_unicast+0x53a/0x7f0
[  373.145632][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  373.145650][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  373.145665][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.145680][T14744]  ? __import_iovec+0x1dd/0x650
[  373.145698][T14744]  ____sys_sendmsg+0xa98/0xc70
[  373.145712][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  373.145727][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  373.145741][T14744]  ? get_compat_msghdr+0x11a/0x170
[  373.145757][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  373.145775][T14744]  ___sys_sendmsg+0x134/0x1d0
[  373.145788][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.145805][T14744]  ? find_held_lock+0x2b/0x80
[  373.145824][T14744]  __sys_sendmsg+0x16d/0x220
[  373.145835][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  373.145846][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  373.145865][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  373.145884][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.145897][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  373.145910][T14744]  do_fast_syscall_32+0x32/0x80
[  373.145925][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  373.145939][T14744] RIP: 0023:0xf7fc6579
[  373.145948][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  373.145959][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  373.145969][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  373.145976][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  373.145982][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  373.145989][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.145995][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  373.146008][T14744]  </TASK>
[  373.146024][T14744] 
[  373.339150][T14744] =============================
[  373.340703][T14744] WARNING: suspicious RCU usage
[  373.342236][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  373.344329][T14744] -----------------------------
[  373.345851][T14744] net/ipv6/ip6_fib.c:1862 suspicious rcu_dereference_protected() usage!
[  373.348492][T14744] 
[  373.348492][T14744] other info that might help us debug this:
[  373.348492][T14744] 
[  373.351642][T14744] 
[  373.351642][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  373.354107][T14744] 3 locks held by syz.4.2582/14744:
[  373.355705][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  373.358451][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  373.361372][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  373.364303][T14744] 
[  373.364303][T14744] stack backtrace:
[  373.366197][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  373.366211][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  373.366219][T14744] Call Trace:
[  373.366224][T14744]  <TASK>
[  373.366229][T14744]  dump_stack_lvl+0x16c/0x1f0
[  373.366242][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  373.366259][T14744]  fib6_repair_tree.part.0+0x4d6/0x1270
[  373.366274][T14744]  ? fib6_del+0xa18/0x1770
[  373.366289][T14744]  fib6_del+0x133d/0x1770
[  373.366305][T14744]  ? __pfx_fib6_del+0x10/0x10
[  373.366318][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  373.366336][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  373.366352][T14744]  fib6_clean_node+0x424/0x5b0
[  373.366366][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.366378][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.366407][T14744]  fib6_walk_continue+0x44f/0x8d0
[  373.366423][T14744]  fib6_walk+0x182/0x370
[  373.366434][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.366446][T14744]  fib6_clean_tree+0xd4/0x110
[  373.366457][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  373.366471][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.366484][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.366497][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  373.366513][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.366525][T14744]  __fib6_clean_all+0x107/0x2d0
[  373.366540][T14744]  rt6_disable_ip+0x2ec/0x990
[  373.366557][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.366573][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.366589][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  373.366606][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.366620][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  373.366636][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  373.366650][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  373.366669][T14744]  addrconf_notify+0x220/0x19e0
[  373.366684][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  373.366702][T14744]  notifier_call_chain+0xbc/0x410
[  373.366715][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  373.366736][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  373.366753][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  373.366765][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  373.366775][T14744]  ? __dev_change_flags+0x3d5/0x720
[  373.366787][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  373.366799][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  373.366813][T14744]  netif_change_flags+0x108/0x160
[  373.366825][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  373.366840][T14744]  ? preempt_schedule_common+0x44/0xc0
[  373.366858][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  373.366870][T14744]  ? preempt_count_add+0x76/0x150
[  373.366887][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  373.366906][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.366929][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.366944][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.366960][T14744]  ? __pfx___might_resched+0x10/0x10
[  373.366973][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.366983][T14744]  ? trace_contention_end+0xdd/0x130
[  373.366999][T14744]  ? __mutex_lock+0x1ca/0xb90
[  373.367010][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.367020][T14744]  ? rtnl_newlink+0x600/0x2000
[  373.367031][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.367047][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  373.367058][T14744]  ? apparmor_capable+0x114/0x1d0
[  373.367078][T14744]  ? netlink_ns_capable+0xfa/0x130
[  373.367092][T14744]  rtnl_newlink+0x18e0/0x2000
[  373.367108][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.367119][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  373.367136][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  373.367155][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  373.367173][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  373.367192][T14744]  ? __lock_acquire+0x622/0x1c90
[  373.367207][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.367218][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.367236][T14744]  ? find_held_lock+0x2b/0x80
[  373.367246][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.367257][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.367268][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  373.367280][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.367292][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  373.367305][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.367321][T14744]  ? ref_tracker_free+0x37c/0x830
[  373.367337][T14744]  netlink_rcv_skb+0x158/0x420
[  373.367351][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.367364][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  373.367383][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  373.367398][T14744]  netlink_unicast+0x53a/0x7f0
[  373.367413][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  373.367430][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  373.367446][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.367461][T14744]  ? __import_iovec+0x1dd/0x650
[  373.367479][T14744]  ____sys_sendmsg+0xa98/0xc70
[  373.367493][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  373.367508][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  373.367522][T14744]  ? get_compat_msghdr+0x11a/0x170
[  373.367538][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  373.367556][T14744]  ___sys_sendmsg+0x134/0x1d0
[  373.367568][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.367586][T14744]  ? find_held_lock+0x2b/0x80
[  373.367605][T14744]  __sys_sendmsg+0x16d/0x220
[  373.367616][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  373.367629][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  373.367648][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  373.367683][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.367695][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  373.367708][T14744]  do_fast_syscall_32+0x32/0x80
[  373.367720][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  373.367736][T14744] RIP: 0023:0xf7fc6579
[  373.367746][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  373.367756][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  373.367766][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  373.367773][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  373.367779][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  373.367786][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.367792][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  373.367805][T14744]  </TASK>
[  373.558502][T14744] 
[  373.559291][T14744] =============================
[  373.561037][T14744] WARNING: suspicious RCU usage
[  373.563006][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  373.565383][T14744] -----------------------------
[  373.567039][T14744] net/ipv6/ip6_fib.c:1864 suspicious rcu_dereference_protected() usage!
[  373.570129][T14744] 
[  373.570129][T14744] other info that might help us debug this:
[  373.570129][T14744] 
[  373.573299][T14744] 
[  373.573299][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  373.575789][T14744] 3 locks held by syz.4.2582/14744:
[  373.577433][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  373.580182][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  373.583031][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  373.585933][T14744] 
[  373.585933][T14744] stack backtrace:
[  373.587814][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  373.587829][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  373.587836][T14744] Call Trace:
[  373.587841][T14744]  <TASK>
[  373.587846][T14744]  dump_stack_lvl+0x16c/0x1f0
[  373.587859][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  373.587877][T14744]  fib6_repair_tree.part.0+0x447/0x1270
[  373.587891][T14744]  ? fib6_del+0xa18/0x1770
[  373.587910][T14744]  fib6_del+0x133d/0x1770
[  373.587928][T14744]  ? __pfx_fib6_del+0x10/0x10
[  373.587940][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  373.587958][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  373.587974][T14744]  fib6_clean_node+0x424/0x5b0
[  373.587988][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.588000][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.588019][T14744]  fib6_walk_continue+0x44f/0x8d0
[  373.588033][T14744]  fib6_walk+0x182/0x370
[  373.588045][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.588057][T14744]  fib6_clean_tree+0xd4/0x110
[  373.588068][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  373.588081][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.588094][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.588107][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  373.588124][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.588137][T14744]  __fib6_clean_all+0x107/0x2d0
[  373.588151][T14744]  rt6_disable_ip+0x2ec/0x990
[  373.588168][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.588184][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.588200][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  373.588217][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.588232][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  373.588248][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  373.588261][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  373.588280][T14744]  addrconf_notify+0x220/0x19e0
[  373.588296][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  373.588314][T14744]  notifier_call_chain+0xbc/0x410
[  373.588328][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  373.588346][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  373.588363][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  373.588377][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  373.588387][T14744]  ? __dev_change_flags+0x3d5/0x720
[  373.588399][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  373.588411][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  373.588424][T14744]  netif_change_flags+0x108/0x160
[  373.588437][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  373.588452][T14744]  ? preempt_schedule_common+0x44/0xc0
[  373.588470][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  373.588482][T14744]  ? preempt_count_add+0x76/0x150
[  373.588499][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  373.588518][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.588537][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.588552][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.588568][T14744]  ? __pfx___might_resched+0x10/0x10
[  373.588580][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.588591][T14744]  ? trace_contention_end+0xdd/0x130
[  373.588606][T14744]  ? __mutex_lock+0x1ca/0xb90
[  373.588618][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.588628][T14744]  ? rtnl_newlink+0x600/0x2000
[  373.588639][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.588655][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  373.588665][T14744]  ? apparmor_capable+0x114/0x1d0
[  373.588686][T14744]  ? netlink_ns_capable+0xfa/0x130
[  373.588700][T14744]  rtnl_newlink+0x18e0/0x2000
[  373.588726][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.588737][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  373.588754][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  373.588774][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  373.588791][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  373.588810][T14744]  ? __lock_acquire+0x622/0x1c90
[  373.588825][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.588836][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.588854][T14744]  ? find_held_lock+0x2b/0x80
[  373.588864][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.588875][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.588886][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  373.588898][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.588914][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  373.588928][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.588944][T14744]  ? ref_tracker_free+0x37c/0x830
[  373.588960][T14744]  netlink_rcv_skb+0x158/0x420
[  373.588974][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.588987][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  373.589005][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  373.589020][T14744]  netlink_unicast+0x53a/0x7f0
[  373.589035][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  373.589053][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  373.589068][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.589083][T14744]  ? __import_iovec+0x1dd/0x650
[  373.589101][T14744]  ____sys_sendmsg+0xa98/0xc70
[  373.589115][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  373.589130][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  373.589144][T14744]  ? get_compat_msghdr+0x11a/0x170
[  373.589159][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  373.589177][T14744]  ___sys_sendmsg+0x134/0x1d0
[  373.589189][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.589207][T14744]  ? find_held_lock+0x2b/0x80
[  373.589225][T14744]  __sys_sendmsg+0x16d/0x220
[  373.589236][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  373.589247][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  373.589266][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  373.589285][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.589297][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  373.589310][T14744]  do_fast_syscall_32+0x32/0x80
[  373.589322][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  373.589336][T14744] RIP: 0023:0xf7fc6579
[  373.589346][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  373.589357][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  373.589367][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  373.589374][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  373.589380][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  373.589386][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.589392][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  373.589405][T14744]  </TASK>
[  373.589410][T14744] 
[  373.781838][T14744] =============================
[  373.783366][T14744] WARNING: suspicious RCU usage
[  373.784897][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  373.787037][T14744] -----------------------------
[  373.788576][T14744] net/ipv6/ip6_fib.c:1866 suspicious rcu_dereference_protected() usage!
[  373.791202][T14744] 
[  373.791202][T14744] other info that might help us debug this:
[  373.791202][T14744] 
[  373.794363][T14744] 
[  373.794363][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  373.796915][T14744] 3 locks held by syz.4.2582/14744:
[  373.798544][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  373.801375][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  373.804330][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  373.807359][T14744] 
[  373.807359][T14744] stack backtrace:
[  373.809142][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  373.809157][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  373.809164][T14744] Call Trace:
[  373.809169][T14744]  <TASK>
[  373.809173][T14744]  dump_stack_lvl+0x16c/0x1f0
[  373.809186][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  373.809203][T14744]  fib6_repair_tree.part.0+0x710/0x1270
[  373.809218][T14744]  ? fib6_del+0xa18/0x1770
[  373.809234][T14744]  fib6_del+0x133d/0x1770
[  373.809250][T14744]  ? __pfx_fib6_del+0x10/0x10
[  373.809263][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  373.809281][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  373.809297][T14744]  fib6_clean_node+0x424/0x5b0
[  373.809311][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.809324][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.809342][T14744]  fib6_walk_continue+0x44f/0x8d0
[  373.809356][T14744]  fib6_walk+0x182/0x370
[  373.809368][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.809379][T14744]  fib6_clean_tree+0xd4/0x110
[  373.809391][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  373.809404][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  373.809417][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.809430][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  373.809446][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  373.809459][T14744]  __fib6_clean_all+0x107/0x2d0
[  373.809473][T14744]  rt6_disable_ip+0x2ec/0x990
[  373.809490][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.809506][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.809522][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  373.809539][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.809553][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  373.809569][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  373.809583][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  373.809602][T14744]  addrconf_notify+0x220/0x19e0
[  373.809617][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  373.809636][T14744]  notifier_call_chain+0xbc/0x410
[  373.809648][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  373.809666][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  373.809683][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  373.809695][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  373.809704][T14744]  ? __dev_change_flags+0x3d5/0x720
[  373.809716][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  373.809728][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  373.809741][T14744]  netif_change_flags+0x108/0x160
[  373.809754][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  373.809769][T14744]  ? preempt_schedule_common+0x44/0xc0
[  373.809787][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  373.809799][T14744]  ? preempt_count_add+0x76/0x150
[  373.809816][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  373.809835][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  373.809853][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  373.809869][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  373.809885][T14744]  ? __pfx___might_resched+0x10/0x10
[  373.809897][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.809912][T14744]  ? trace_contention_end+0xdd/0x130
[  373.809929][T14744]  ? __mutex_lock+0x1ca/0xb90
[  373.809940][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.809951][T14744]  ? rtnl_newlink+0x600/0x2000
[  373.809961][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.809977][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  373.809988][T14744]  ? apparmor_capable+0x114/0x1d0
[  373.810008][T14744]  ? netlink_ns_capable+0xfa/0x130
[  373.810023][T14744]  rtnl_newlink+0x18e0/0x2000
[  373.810038][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.810049][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  373.810065][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  373.810085][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  373.810102][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  373.810120][T14744]  ? __lock_acquire+0x622/0x1c90
[  373.810136][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.810147][T14744]  ? trace_cap_capable+0x18d/0x200
[  373.810165][T14744]  ? find_held_lock+0x2b/0x80
[  373.810175][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.810186][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.810196][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  373.810208][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  373.810220][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  373.810233][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.810249][T14744]  ? ref_tracker_free+0x37c/0x830
[  373.810265][T14744]  netlink_rcv_skb+0x158/0x420
[  373.810279][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  373.810292][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  373.810310][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  373.810325][T14744]  netlink_unicast+0x53a/0x7f0
[  373.810340][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  373.810357][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  373.810373][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.810388][T14744]  ? __import_iovec+0x1dd/0x650
[  373.810406][T14744]  ____sys_sendmsg+0xa98/0xc70
[  373.810420][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  373.810436][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  373.810449][T14744]  ? get_compat_msghdr+0x11a/0x170
[  373.810465][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  373.810483][T14744]  ___sys_sendmsg+0x134/0x1d0
[  373.810495][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.810512][T14744]  ? find_held_lock+0x2b/0x80
[  373.810531][T14744]  __sys_sendmsg+0x16d/0x220
[  373.810542][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  373.810552][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  373.810572][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  373.810590][T14744]  ? rcu_is_watching+0x12/0xc0
[  373.810602][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  373.810615][T14744]  do_fast_syscall_32+0x32/0x80
[  373.810627][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  373.810640][T14744] RIP: 0023:0xf7fc6579
[  373.810649][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  373.810660][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  373.810670][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  373.810676][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  373.810683][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  373.810689][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.810695][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  373.810708][T14744]  </TASK>
[  373.810712][T14744] 
[  374.004486][T14744] =============================
[  374.006016][T14744] WARNING: suspicious RCU usage
[  374.007576][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  374.009710][T14744] -----------------------------
[  374.011238][T14744] net/ipv6/ip6_fib.c:1868 suspicious rcu_dereference_protected() usage!
[  374.013788][T14744] 
[  374.013788][T14744] other info that might help us debug this:
[  374.013788][T14744] 
[  374.016947][T14744] 
[  374.016947][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  374.019422][T14744] 3 locks held by syz.4.2582/14744:
[  374.021061][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  374.023864][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  374.026833][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  374.029783][T14744] 
[  374.029783][T14744] stack backtrace:
[  374.031640][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  374.031670][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.031677][T14744] Call Trace:
[  374.031682][T14744]  <TASK>
[  374.031687][T14744]  dump_stack_lvl+0x16c/0x1f0
[  374.031700][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  374.031716][T14744]  fib6_repair_tree.part.0+0x681/0x1270
[  374.031735][T14744]  fib6_del+0x133d/0x1770
[  374.031752][T14744]  ? __pfx_fib6_del+0x10/0x10
[  374.031764][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.031783][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  374.031798][T14744]  fib6_clean_node+0x424/0x5b0
[  374.031812][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.031825][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.031849][T14744]  fib6_walk_continue+0x44f/0x8d0
[  374.031863][T14744]  fib6_walk+0x182/0x370
[  374.031875][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.031887][T14744]  fib6_clean_tree+0xd4/0x110
[  374.031898][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  374.031912][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.031925][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.031937][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  374.031954][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.031967][T14744]  __fib6_clean_all+0x107/0x2d0
[  374.031981][T14744]  rt6_disable_ip+0x2ec/0x990
[  374.031998][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.032014][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.032030][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  374.032047][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.032062][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  374.032077][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  374.032091][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  374.032110][T14744]  addrconf_notify+0x220/0x19e0
[  374.032125][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  374.032144][T14744]  notifier_call_chain+0xbc/0x410
[  374.032156][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  374.032174][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  374.032192][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  374.032203][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  374.032213][T14744]  ? __dev_change_flags+0x3d5/0x720
[  374.032225][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  374.032237][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  374.032250][T14744]  netif_change_flags+0x108/0x160
[  374.032263][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  374.032277][T14744]  ? preempt_schedule_common+0x44/0xc0
[  374.032296][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  374.032308][T14744]  ? preempt_count_add+0x76/0x150
[  374.032325][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  374.032344][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.032362][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.032378][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.032394][T14744]  ? __pfx___might_resched+0x10/0x10
[  374.032407][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.032418][T14744]  ? trace_contention_end+0xdd/0x130
[  374.032433][T14744]  ? __mutex_lock+0x1ca/0xb90
[  374.032444][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.032455][T14744]  ? rtnl_newlink+0x600/0x2000
[  374.032465][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.032481][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  374.032492][T14744]  ? apparmor_capable+0x114/0x1d0
[  374.032512][T14744]  ? netlink_ns_capable+0xfa/0x130
[  374.032526][T14744]  rtnl_newlink+0x18e0/0x2000
[  374.032542][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.032553][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  374.032570][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  374.032590][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  374.032607][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  374.032626][T14744]  ? __lock_acquire+0x622/0x1c90
[  374.032641][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.032652][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.032670][T14744]  ? find_held_lock+0x2b/0x80
[  374.032680][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.032691][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.032702][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  374.032714][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.032726][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  374.032739][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.032755][T14744]  ? ref_tracker_free+0x37c/0x830
[  374.032771][T14744]  netlink_rcv_skb+0x158/0x420
[  374.032785][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.032799][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  374.032817][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  374.032832][T14744]  netlink_unicast+0x53a/0x7f0
[  374.032851][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  374.032869][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  374.032884][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.032899][T14744]  ? __import_iovec+0x1dd/0x650
[  374.032918][T14744]  ____sys_sendmsg+0xa98/0xc70
[  374.032931][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  374.032948][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.032961][T14744]  ? get_compat_msghdr+0x11a/0x170
[  374.032977][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  374.032995][T14744]  ___sys_sendmsg+0x134/0x1d0
[  374.033007][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.033025][T14744]  ? find_held_lock+0x2b/0x80
[  374.033043][T14744]  __sys_sendmsg+0x16d/0x220
[  374.033055][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.033065][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  374.033084][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  374.033103][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.033116][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  374.033128][T14744]  do_fast_syscall_32+0x32/0x80
[  374.033140][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.033154][T14744] RIP: 0023:0xf7fc6579
[  374.033163][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  374.033174][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  374.033185][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  374.033192][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  374.033198][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.033204][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.033210][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.033223][T14744]  </TASK>
[  374.033229][T14744] 
[  374.224632][T14744] =============================
[  374.226162][T14744] WARNING: suspicious RCU usage
[  374.227727][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  374.229861][T14744] -----------------------------
[  374.231410][T14744] net/ipv6/ip6_fib.c:1870 suspicious rcu_dereference_protected() usage!
[  374.233972][T14744] 
[  374.233972][T14744] other info that might help us debug this:
[  374.233972][T14744] 
[  374.237137][T14744] 
[  374.237137][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  374.239595][T14744] 3 locks held by syz.4.2582/14744:
[  374.241229][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  374.244041][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  374.247003][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  374.249940][T14744] 
[  374.249940][T14744] stack backtrace:
[  374.251814][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  374.251829][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.251840][T14744] Call Trace:
[  374.251845][T14744]  <TASK>
[  374.251850][T14744]  dump_stack_lvl+0x16c/0x1f0
[  374.251863][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  374.251880][T14744]  fib6_repair_tree.part.0+0x79f/0x1270
[  374.251899][T14744]  fib6_del+0x133d/0x1770
[  374.251916][T14744]  ? __pfx_fib6_del+0x10/0x10
[  374.251929][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.251947][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  374.251963][T14744]  fib6_clean_node+0x424/0x5b0
[  374.251977][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.251990][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.252009][T14744]  fib6_walk_continue+0x44f/0x8d0
[  374.252023][T14744]  fib6_walk+0x182/0x370
[  374.252035][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.252046][T14744]  fib6_clean_tree+0xd4/0x110
[  374.252057][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  374.252071][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.252084][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.252097][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  374.252114][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.252126][T14744]  __fib6_clean_all+0x107/0x2d0
[  374.252141][T14744]  rt6_disable_ip+0x2ec/0x990
[  374.252158][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.252174][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.252190][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  374.252207][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.252222][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  374.252237][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  374.252251][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  374.252270][T14744]  addrconf_notify+0x220/0x19e0
[  374.252285][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  374.252304][T14744]  notifier_call_chain+0xbc/0x410
[  374.252317][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  374.252335][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  374.252351][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  374.252363][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  374.252373][T14744]  ? __dev_change_flags+0x3d5/0x720
[  374.252384][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  374.252397][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  374.252410][T14744]  netif_change_flags+0x108/0x160
[  374.252423][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  374.252437][T14744]  ? preempt_schedule_common+0x44/0xc0
[  374.252456][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  374.252468][T14744]  ? preempt_count_add+0x76/0x150
[  374.252484][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  374.252504][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.252523][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.252538][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.252554][T14744]  ? __pfx___might_resched+0x10/0x10
[  374.252567][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.252578][T14744]  ? trace_contention_end+0xdd/0x130
[  374.252593][T14744]  ? __mutex_lock+0x1ca/0xb90
[  374.252604][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.252615][T14744]  ? rtnl_newlink+0x600/0x2000
[  374.252626][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.252642][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  374.252653][T14744]  ? apparmor_capable+0x114/0x1d0
[  374.252674][T14744]  ? netlink_ns_capable+0xfa/0x130
[  374.252689][T14744]  rtnl_newlink+0x18e0/0x2000
[  374.252704][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.252715][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  374.252733][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  374.252752][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  374.252770][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  374.252789][T14744]  ? __lock_acquire+0x622/0x1c90
[  374.252804][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.252815][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.252833][T14744]  ? find_held_lock+0x2b/0x80
[  374.252846][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.252857][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.252868][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  374.252881][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.252893][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  374.252906][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.252922][T14744]  ? ref_tracker_free+0x37c/0x830
[  374.252939][T14744]  netlink_rcv_skb+0x158/0x420
[  374.252952][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.252965][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  374.252984][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  374.253000][T14744]  netlink_unicast+0x53a/0x7f0
[  374.253015][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  374.253033][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  374.253049][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.253063][T14744]  ? __import_iovec+0x1dd/0x650
[  374.253081][T14744]  ____sys_sendmsg+0xa98/0xc70
[  374.253095][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  374.253111][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.253124][T14744]  ? get_compat_msghdr+0x11a/0x170
[  374.253140][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  374.253158][T14744]  ___sys_sendmsg+0x134/0x1d0
[  374.253170][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.253188][T14744]  ? find_held_lock+0x2b/0x80
[  374.253207][T14744]  __sys_sendmsg+0x16d/0x220
[  374.253219][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.253229][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  374.253249][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  374.253268][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.253280][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  374.253294][T14744]  do_fast_syscall_32+0x32/0x80
[  374.253305][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.253320][T14744] RIP: 0023:0xf7fc6579
[  374.253329][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  374.253340][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  374.253350][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  374.253357][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  374.253363][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.253369][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.253375][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.253388][T14744]  </TASK>
[  374.253421][T14744] 
[  374.444223][T14744] =============================
[  374.445741][T14744] WARNING: suspicious RCU usage
[  374.447307][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  374.449396][T14744] -----------------------------
[  374.450915][T14744] net/ipv6/ip6_fib.c:1819 suspicious rcu_dereference_protected() usage!
[  374.453471][T14744] 
[  374.453471][T14744] other info that might help us debug this:
[  374.453471][T14744] 
[  374.456620][T14744] 
[  374.456620][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  374.459080][T14744] 3 locks held by syz.4.2582/14744:
[  374.460704][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  374.463490][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  374.466464][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  374.469391][T14744] 
[  374.469391][T14744] stack backtrace:
[  374.471231][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  374.471246][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.471253][T14744] Call Trace:
[  374.471259][T14744]  <TASK>
[  374.471264][T14744]  dump_stack_lvl+0x16c/0x1f0
[  374.471277][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  374.471294][T14744]  fib6_find_prefix.part.0+0x1ee/0x3e0
[  374.471307][T14744]  fib6_repair_tree.part.0+0x2c9/0x1270
[  374.471325][T14744]  fib6_del+0x133d/0x1770
[  374.471342][T14744]  ? __pfx_fib6_del+0x10/0x10
[  374.471354][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.471373][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  374.471389][T14744]  fib6_clean_node+0x424/0x5b0
[  374.471403][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.471415][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.471434][T14744]  fib6_walk_continue+0x44f/0x8d0
[  374.471447][T14744]  fib6_walk+0x182/0x370
[  374.471459][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.471470][T14744]  fib6_clean_tree+0xd4/0x110
[  374.471482][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  374.471495][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.471508][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.471520][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  374.471538][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.471550][T14744]  __fib6_clean_all+0x107/0x2d0
[  374.471564][T14744]  rt6_disable_ip+0x2ec/0x990
[  374.471581][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.471597][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.471613][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  374.471631][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.471645][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  374.471677][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  374.471691][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  374.471709][T14744]  addrconf_notify+0x220/0x19e0
[  374.471724][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  374.471743][T14744]  notifier_call_chain+0xbc/0x410
[  374.471756][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  374.471773][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  374.471790][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  374.471802][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  374.471812][T14744]  ? __dev_change_flags+0x3d5/0x720
[  374.471823][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  374.471836][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  374.471853][T14744]  netif_change_flags+0x108/0x160
[  374.471866][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  374.471880][T14744]  ? preempt_schedule_common+0x44/0xc0
[  374.471899][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  374.471911][T14744]  ? preempt_count_add+0x76/0x150
[  374.471927][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  374.471946][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.471965][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.471980][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.471996][T14744]  ? __pfx___might_resched+0x10/0x10
[  374.472008][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.472019][T14744]  ? trace_contention_end+0xdd/0x130
[  374.472034][T14744]  ? __mutex_lock+0x1ca/0xb90
[  374.472045][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.472056][T14744]  ? rtnl_newlink+0x600/0x2000
[  374.472066][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.472082][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  374.472093][T14744]  ? apparmor_capable+0x114/0x1d0
[  374.472113][T14744]  ? netlink_ns_capable+0xfa/0x130
[  374.472127][T14744]  rtnl_newlink+0x18e0/0x2000
[  374.472143][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.472154][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  374.472171][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  374.472191][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  374.472208][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  374.472227][T14744]  ? __lock_acquire+0x622/0x1c90
[  374.472242][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.472253][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.472271][T14744]  ? find_held_lock+0x2b/0x80
[  374.472281][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.472292][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.472303][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  374.472315][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.472327][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  374.472341][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.472356][T14744]  ? ref_tracker_free+0x37c/0x830
[  374.472373][T14744]  netlink_rcv_skb+0x158/0x420
[  374.472386][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.472399][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  374.472418][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  374.472433][T14744]  netlink_unicast+0x53a/0x7f0
[  374.472448][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  374.472466][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  374.472481][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.472496][T14744]  ? __import_iovec+0x1dd/0x650
[  374.472514][T14744]  ____sys_sendmsg+0xa98/0xc70
[  374.472528][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  374.472543][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.472556][T14744]  ? get_compat_msghdr+0x11a/0x170
[  374.472572][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  374.472590][T14744]  ___sys_sendmsg+0x134/0x1d0
[  374.472602][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.472620][T14744]  ? find_held_lock+0x2b/0x80
[  374.472638][T14744]  __sys_sendmsg+0x16d/0x220
[  374.472650][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.472660][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  374.472679][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  374.472698][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.472711][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  374.472724][T14744]  do_fast_syscall_32+0x32/0x80
[  374.472735][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.472751][T14744] RIP: 0023:0xf7fc6579
[  374.472760][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  374.472771][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  374.472781][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  374.472788][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  374.472795][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.472801][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.472807][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.472820][T14744]  </TASK>
[  374.472826][T14744] 
[  374.665503][T14744] =============================
[  374.667093][T14744] WARNING: suspicious RCU usage
[  374.668626][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  374.670711][T14744] -----------------------------
[  374.672268][T14744] net/ipv6/ip6_fib.c:1821 suspicious rcu_dereference_protected() usage!
[  374.674797][T14744] 
[  374.674797][T14744] other info that might help us debug this:
[  374.674797][T14744] 
[  374.677924][T14744] 
[  374.677924][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  374.680373][T14744] 3 locks held by syz.4.2582/14744:
[  374.682021][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  374.684816][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  374.687785][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  374.690703][T14744] 
[  374.690703][T14744] stack backtrace:
[  374.692568][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  374.692583][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.692590][T14744] Call Trace:
[  374.692596][T14744]  <TASK>
[  374.692601][T14744]  dump_stack_lvl+0x16c/0x1f0
[  374.692614][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  374.692631][T14744]  fib6_find_prefix.part.0+0x164/0x3e0
[  374.692643][T14744]  fib6_repair_tree.part.0+0x2c9/0x1270
[  374.692662][T14744]  fib6_del+0x133d/0x1770
[  374.692679][T14744]  ? __pfx_fib6_del+0x10/0x10
[  374.692691][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.692709][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  374.692725][T14744]  fib6_clean_node+0x424/0x5b0
[  374.692739][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.692752][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.692770][T14744]  fib6_walk_continue+0x44f/0x8d0
[  374.692784][T14744]  fib6_walk+0x182/0x370
[  374.692796][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.692808][T14744]  fib6_clean_tree+0xd4/0x110
[  374.692819][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  374.692833][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.692850][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.692863][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  374.692879][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.692892][T14744]  __fib6_clean_all+0x107/0x2d0
[  374.692906][T14744]  rt6_disable_ip+0x2ec/0x990
[  374.692923][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.692939][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.692955][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  374.692973][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.692987][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  374.693003][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  374.693017][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  374.693036][T14744]  addrconf_notify+0x220/0x19e0
[  374.693052][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  374.693070][T14744]  notifier_call_chain+0xbc/0x410
[  374.693083][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  374.693101][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  374.693118][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  374.693130][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  374.693139][T14744]  ? __dev_change_flags+0x3d5/0x720
[  374.693151][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  374.693164][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  374.693177][T14744]  netif_change_flags+0x108/0x160
[  374.693190][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  374.693204][T14744]  ? preempt_schedule_common+0x44/0xc0
[  374.693222][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  374.693235][T14744]  ? preempt_count_add+0x76/0x150
[  374.693251][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  374.693270][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.693289][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.693305][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.693320][T14744]  ? __pfx___might_resched+0x10/0x10
[  374.693332][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.693343][T14744]  ? trace_contention_end+0xdd/0x130
[  374.693358][T14744]  ? __mutex_lock+0x1ca/0xb90
[  374.693370][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.693380][T14744]  ? rtnl_newlink+0x600/0x2000
[  374.693390][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.693406][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  374.693417][T14744]  ? apparmor_capable+0x114/0x1d0
[  374.693437][T14744]  ? netlink_ns_capable+0xfa/0x130
[  374.693451][T14744]  rtnl_newlink+0x18e0/0x2000
[  374.693467][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.693478][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  374.693495][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  374.693514][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  374.693531][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  374.693550][T14744]  ? __lock_acquire+0x622/0x1c90
[  374.693565][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.693576][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.693595][T14744]  ? find_held_lock+0x2b/0x80
[  374.693604][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.693615][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.693626][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  374.693638][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.693650][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  374.693663][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.693679][T14744]  ? ref_tracker_free+0x37c/0x830
[  374.693696][T14744]  netlink_rcv_skb+0x158/0x420
[  374.693709][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.693722][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  374.693740][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  374.693755][T14744]  netlink_unicast+0x53a/0x7f0
[  374.693770][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  374.693788][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  374.693803][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.693818][T14744]  ? __import_iovec+0x1dd/0x650
[  374.693836][T14744]  ____sys_sendmsg+0xa98/0xc70
[  374.693853][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  374.693868][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.693882][T14744]  ? get_compat_msghdr+0x11a/0x170
[  374.693897][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  374.693915][T14744]  ___sys_sendmsg+0x134/0x1d0
[  374.693927][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.693945][T14744]  ? find_held_lock+0x2b/0x80
[  374.693963][T14744]  __sys_sendmsg+0x16d/0x220
[  374.693975][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.693985][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  374.694004][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  374.694023][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.694035][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  374.694049][T14744]  do_fast_syscall_32+0x32/0x80
[  374.694060][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.694074][T14744] RIP: 0023:0xf7fc6579
[  374.694084][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  374.694095][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  374.694105][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  374.694111][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  374.694118][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.694124][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.694130][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.694143][T14744]  </TASK>
[  374.694148][T14744] 
[  374.883842][T14744] =============================
[  374.885350][T14744] WARNING: suspicious RCU usage
[  374.886907][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  374.888957][T14744] -----------------------------
[  374.890485][T14744] net/ipv6/ip6_fib.c:1824 suspicious rcu_dereference_protected() usage!
[  374.893060][T14744] 
[  374.893060][T14744] other info that might help us debug this:
[  374.893060][T14744] 
[  374.896189][T14744] 
[  374.896189][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  374.898690][T14744] 3 locks held by syz.4.2582/14744:
[  374.900317][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  374.903141][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  374.906062][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  374.909020][T14744] 
[  374.909020][T14744] stack backtrace:
[  374.910855][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  374.910869][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.910877][T14744] Call Trace:
[  374.910881][T14744]  <TASK>
[  374.910886][T14744]  dump_stack_lvl+0x16c/0x1f0
[  374.910898][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  374.910915][T14744]  fib6_find_prefix.part.0+0x31b/0x3e0
[  374.910928][T14744]  fib6_repair_tree.part.0+0x2c9/0x1270
[  374.910946][T14744]  fib6_del+0x133d/0x1770
[  374.910963][T14744]  ? __pfx_fib6_del+0x10/0x10
[  374.910975][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.910993][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  374.911008][T14744]  fib6_clean_node+0x424/0x5b0
[  374.911023][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.911035][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.911054][T14744]  fib6_walk_continue+0x44f/0x8d0
[  374.911067][T14744]  fib6_walk+0x182/0x370
[  374.911079][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.911091][T14744]  fib6_clean_tree+0xd4/0x110
[  374.911102][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  374.911115][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  374.911128][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.911141][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  374.911157][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  374.911170][T14744]  __fib6_clean_all+0x107/0x2d0
[  374.911184][T14744]  rt6_disable_ip+0x2ec/0x990
[  374.911201][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.911217][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.911233][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  374.911251][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.911265][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  374.911280][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  374.911294][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  374.911313][T14744]  addrconf_notify+0x220/0x19e0
[  374.911328][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  374.911347][T14744]  notifier_call_chain+0xbc/0x410
[  374.911359][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  374.911377][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  374.911393][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  374.911405][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  374.911414][T14744]  ? __dev_change_flags+0x3d5/0x720
[  374.911426][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  374.911438][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  374.911452][T14744]  netif_change_flags+0x108/0x160
[  374.911465][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  374.911479][T14744]  ? preempt_schedule_common+0x44/0xc0
[  374.911498][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  374.911510][T14744]  ? preempt_count_add+0x76/0x150
[  374.911526][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  374.911546][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  374.911564][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  374.911580][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  374.911596][T14744]  ? __pfx___might_resched+0x10/0x10
[  374.911608][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.911618][T14744]  ? trace_contention_end+0xdd/0x130
[  374.911634][T14744]  ? __mutex_lock+0x1ca/0xb90
[  374.911659][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.911671][T14744]  ? rtnl_newlink+0x600/0x2000
[  374.911682][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.911698][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  374.911708][T14744]  ? apparmor_capable+0x114/0x1d0
[  374.911729][T14744]  ? netlink_ns_capable+0xfa/0x130
[  374.911743][T14744]  rtnl_newlink+0x18e0/0x2000
[  374.911759][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.911769][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  374.911786][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  374.911806][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  374.911823][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  374.911844][T14744]  ? __lock_acquire+0x622/0x1c90
[  374.911860][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.911871][T14744]  ? trace_cap_capable+0x18d/0x200
[  374.911889][T14744]  ? find_held_lock+0x2b/0x80
[  374.911899][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.911910][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.911921][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  374.911933][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  374.911945][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  374.911958][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.911974][T14744]  ? ref_tracker_free+0x37c/0x830
[  374.911990][T14744]  netlink_rcv_skb+0x158/0x420
[  374.912004][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  374.912017][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  374.912035][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  374.912050][T14744]  netlink_unicast+0x53a/0x7f0
[  374.912066][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  374.912083][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  374.912099][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.912114][T14744]  ? __import_iovec+0x1dd/0x650
[  374.912132][T14744]  ____sys_sendmsg+0xa98/0xc70
[  374.912146][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  374.912161][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.912175][T14744]  ? get_compat_msghdr+0x11a/0x170
[  374.912191][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  374.912208][T14744]  ___sys_sendmsg+0x134/0x1d0
[  374.912221][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  374.912238][T14744]  ? find_held_lock+0x2b/0x80
[  374.912257][T14744]  __sys_sendmsg+0x16d/0x220
[  374.912268][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.912279][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  374.912298][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  374.912316][T14744]  ? rcu_is_watching+0x12/0xc0
[  374.912329][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  374.912342][T14744]  do_fast_syscall_32+0x32/0x80
[  374.912353][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.912368][T14744] RIP: 0023:0xf7fc6579
[  374.912377][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  374.912387][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  374.912397][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  374.912404][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  374.912411][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.912417][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.912423][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.912435][T14744]  </TASK>
[  374.912444][T14744] 
[  375.105996][T14744] =============================
[  375.107563][T14744] WARNING: suspicious RCU usage
[  375.109100][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  375.111189][T14744] -----------------------------
[  375.112719][T14744] net/ipv6/ip6_fib.c:1067 suspicious rcu_dereference_protected() usage!
[  375.115262][T14744] 
[  375.115262][T14744] other info that might help us debug this:
[  375.115262][T14744] 
[  375.118428][T14744] 
[  375.118428][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  375.120917][T14744] 3 locks held by syz.4.2582/14744:
[  375.122538][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  375.125338][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  375.128287][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  375.131231][T14744] 
[  375.131231][T14744] stack backtrace:
[  375.133085][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  375.133100][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.133108][T14744] Call Trace:
[  375.133113][T14744]  <TASK>
[  375.133118][T14744]  dump_stack_lvl+0x16c/0x1f0
[  375.133131][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  375.133148][T14744]  fib6_purge_rt+0x542/0xbf0
[  375.133162][T14744]  ? __pfx_fib6_purge_rt+0x10/0x10
[  375.133178][T14744]  fib6_del+0xa5e/0x1770
[  375.133195][T14744]  ? __pfx_fib6_del+0x10/0x10
[  375.133207][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  375.133226][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  375.133241][T14744]  fib6_clean_node+0x424/0x5b0
[  375.133256][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  375.133268][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  375.133287][T14744]  fib6_walk_continue+0x44f/0x8d0
[  375.133300][T14744]  fib6_walk+0x182/0x370
[  375.133312][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.133324][T14744]  fib6_clean_tree+0xd4/0x110
[  375.133335][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  375.133348][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  375.133361][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.133374][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  375.133391][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.133404][T14744]  __fib6_clean_all+0x107/0x2d0
[  375.133418][T14744]  rt6_disable_ip+0x2ec/0x990
[  375.133434][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  375.133450][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.133466][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  375.133484][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.133498][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  375.133514][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  375.133528][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  375.133547][T14744]  addrconf_notify+0x220/0x19e0
[  375.133562][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  375.133581][T14744]  notifier_call_chain+0xbc/0x410
[  375.133594][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  375.133612][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  375.133628][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  375.133641][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  375.133651][T14744]  ? __dev_change_flags+0x3d5/0x720
[  375.133662][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  375.133675][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  375.133688][T14744]  netif_change_flags+0x108/0x160
[  375.133700][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  375.133715][T14744]  ? preempt_schedule_common+0x44/0xc0
[  375.133733][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  375.133746][T14744]  ? preempt_count_add+0x76/0x150
[  375.133762][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  375.133781][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  375.133800][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  375.133816][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.133831][T14744]  ? __pfx___might_resched+0x10/0x10
[  375.133847][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.133858][T14744]  ? trace_contention_end+0xdd/0x130
[  375.133873][T14744]  ? __mutex_lock+0x1ca/0xb90
[  375.133884][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.133895][T14744]  ? rtnl_newlink+0x600/0x2000
[  375.133905][T14744]  ? trace_cap_capable+0x18d/0x200
[  375.133921][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  375.133932][T14744]  ? apparmor_capable+0x114/0x1d0
[  375.133952][T14744]  ? netlink_ns_capable+0xfa/0x130
[  375.133967][T14744]  rtnl_newlink+0x18e0/0x2000
[  375.133983][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.133993][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  375.134011][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  375.134030][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  375.134047][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  375.134066][T14744]  ? __lock_acquire+0x622/0x1c90
[  375.134081][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.134092][T14744]  ? trace_cap_capable+0x18d/0x200
[  375.134110][T14744]  ? find_held_lock+0x2b/0x80
[  375.134120][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.134131][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.134142][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  375.134154][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.134166][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  375.134179][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  375.134195][T14744]  ? ref_tracker_free+0x37c/0x830
[  375.134211][T14744]  netlink_rcv_skb+0x158/0x420
[  375.134224][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  375.134237][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  375.134255][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  375.134270][T14744]  netlink_unicast+0x53a/0x7f0
[  375.134286][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  375.134303][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  375.134319][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.134334][T14744]  ? __import_iovec+0x1dd/0x650
[  375.134351][T14744]  ____sys_sendmsg+0xa98/0xc70
[  375.134365][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  375.134381][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  375.134394][T14744]  ? get_compat_msghdr+0x11a/0x170
[  375.134410][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  375.134428][T14744]  ___sys_sendmsg+0x134/0x1d0
[  375.134440][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  375.134457][T14744]  ? find_held_lock+0x2b/0x80
[  375.134476][T14744]  __sys_sendmsg+0x16d/0x220
[  375.134487][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  375.134498][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  375.134517][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  375.134536][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.134548][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  375.134561][T14744]  do_fast_syscall_32+0x32/0x80
[  375.134573][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.134587][T14744] RIP: 0023:0xf7fc6579
[  375.134596][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  375.134607][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  375.134617][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  375.134624][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  375.134630][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.134637][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.134643][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.134656][T14744]  </TASK>
[  375.134661][T14744] 
[  375.326482][T14744] =============================
[  375.328020][T14744] WARNING: suspicious RCU usage
[  375.329551][T14744] 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 Not tainted
[  375.331670][T14744] -----------------------------
[  375.333189][T14744] net/ipv6/ip6_fib.c:1077 suspicious rcu_dereference_protected() usage!
[  375.335734][T14744] 
[  375.335734][T14744] other info that might help us debug this:
[  375.335734][T14744] 
[  375.338881][T14744] 
[  375.338881][T14744] rcu_scheduler_active = 2, debug_locks = 1
[  375.341368][T14744] 3 locks held by syz.4.2582/14744:
[  375.342982][T14744]  #0: ffffffff90149428 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  375.345786][T14744]  #1: ffffffff8e3c4cc0 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  375.348775][T14744]  #2: ffff88802737cc30 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  375.351712][T14744] 
[  375.351712][T14744] stack backtrace:
[  375.353537][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  375.353552][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.353559][T14744] Call Trace:
[  375.353564][T14744]  <TASK>
[  375.353569][T14744]  dump_stack_lvl+0x16c/0x1f0
[  375.353581][T14744]  lockdep_rcu_suspicious+0x166/0x260
[  375.353598][T14744]  fib6_purge_rt+0x5d7/0xbf0
[  375.353612][T14744]  ? __pfx_fib6_purge_rt+0x10/0x10
[  375.353628][T14744]  fib6_del+0xa5e/0x1770
[  375.353644][T14744]  ? __pfx_fib6_del+0x10/0x10
[  375.353657][T14744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  375.353675][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  375.353691][T14744]  fib6_clean_node+0x424/0x5b0
[  375.353705][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  375.353717][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  375.353736][T14744]  fib6_walk_continue+0x44f/0x8d0
[  375.353750][T14744]  fib6_walk+0x182/0x370
[  375.353762][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.353774][T14744]  fib6_clean_tree+0xd4/0x110
[  375.353785][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  375.353798][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  375.353811][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.353824][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  375.353845][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.353858][T14744]  __fib6_clean_all+0x107/0x2d0
[  375.353872][T14744]  rt6_disable_ip+0x2ec/0x990
[  375.353888][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  375.353904][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.353920][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  375.353938][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.353952][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  375.353968][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  375.353982][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  375.354000][T14744]  addrconf_notify+0x220/0x19e0
[  375.354015][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  375.354034][T14744]  notifier_call_chain+0xbc/0x410
[  375.354047][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  375.354065][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  375.354081][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  375.354093][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  375.354103][T14744]  ? __dev_change_flags+0x3d5/0x720
[  375.354115][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  375.354127][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  375.354141][T14744]  netif_change_flags+0x108/0x160
[  375.354154][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  375.354168][T14744]  ? preempt_schedule_common+0x44/0xc0
[  375.354187][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  375.354199][T14744]  ? preempt_count_add+0x76/0x150
[  375.354216][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  375.354235][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  375.354253][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  375.354269][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.354285][T14744]  ? __pfx___might_resched+0x10/0x10
[  375.354297][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.354308][T14744]  ? trace_contention_end+0xdd/0x130
[  375.354323][T14744]  ? __mutex_lock+0x1ca/0xb90
[  375.354334][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.354345][T14744]  ? rtnl_newlink+0x600/0x2000
[  375.354355][T14744]  ? trace_cap_capable+0x18d/0x200
[  375.354371][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  375.354382][T14744]  ? apparmor_capable+0x114/0x1d0
[  375.354403][T14744]  ? netlink_ns_capable+0xfa/0x130
[  375.354417][T14744]  rtnl_newlink+0x18e0/0x2000
[  375.354433][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.354443][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  375.354460][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  375.354480][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  375.354497][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  375.354516][T14744]  ? __lock_acquire+0x622/0x1c90
[  375.354531][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.354542][T14744]  ? trace_cap_capable+0x18d/0x200
[  375.354560][T14744]  ? find_held_lock+0x2b/0x80
[  375.354570][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.354581][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.354592][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  375.354604][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.354616][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  375.354629][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  375.354645][T14744]  ? ref_tracker_free+0x37c/0x830
[  375.354661][T14744]  netlink_rcv_skb+0x158/0x420
[  375.354675][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  375.354688][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  375.354706][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  375.354721][T14744]  netlink_unicast+0x53a/0x7f0
[  375.354736][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  375.354754][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  375.354770][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.354784][T14744]  ? __import_iovec+0x1dd/0x650
[  375.354802][T14744]  ____sys_sendmsg+0xa98/0xc70
[  375.354816][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  375.354831][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  375.354848][T14744]  ? get_compat_msghdr+0x11a/0x170
[  375.354865][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  375.354882][T14744]  ___sys_sendmsg+0x134/0x1d0
[  375.354895][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  375.354912][T14744]  ? find_held_lock+0x2b/0x80
[  375.354931][T14744]  __sys_sendmsg+0x16d/0x220
[  375.354942][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  375.354953][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  375.354973][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  375.354991][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.355004][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  375.355017][T14744]  do_fast_syscall_32+0x32/0x80
[  375.355029][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.355043][T14744] RIP: 0023:0xf7fc6579
[  375.355052][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  375.355063][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  375.355073][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  375.355080][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  375.355086][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.355093][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.355099][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.355112][T14744]  </TASK>
[  375.355136][T14744] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000025: 0000 [#1] SMP KASAN NOPTI
[  375.548082][T14744] KASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]
[  375.550646][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.4.2582 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[  375.554203][T14744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.557479][T14744] RIP: 0010:fib6_del+0xe78/0x1770
[  375.558987][T14744] Code: a0 00 00 00 80 3c 02 00 0f 85 f8 06 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 1c 24 48 8d bb 2c 01 00 00 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 09 84 d2 74 05 e8
[  375.564886][T14744] RSP: 0018:ffffc90003ff6840 EFLAGS: 00010203
[  375.566752][T14744] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90006011000
[  375.569196][T14744] RDX: 0000000000000025 RSI: ffffffff8a2b8415 RDI: 000000000000012c
[  375.571656][T14744] RBP: ffffc90003ff6960 R08: 0000000000000001 R09: 0000000000000000
[  375.574081][T14744] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880604d0400
[  375.576494][T14744] R13: ffffc90003ff69c4 R14: 0000000000000001 R15: ffff88805cdeae10
[  375.578925][T14744] FS:  0000000000000000(0000) GS:ffff888097873000(0063) knlGS:00000000f50e6b40
[  375.581682][T14744] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  375.583712][T14744] CR2: 00000000f50c5da4 CR3: 0000000079818000 CR4: 0000000000352ef0
[  375.586154][T14744] DR0: 000000000000000d DR1: 00000000000000ff DR2: fffffffffffffff7
[  375.588570][T14744] DR3: 3e00000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  375.590992][T14744] Call Trace:
[  375.592071][T14744]  <TASK>
[  375.592938][T14744]  ? __pfx_fib6_del+0x10/0x10
[  375.594294][T14744]  ? fib6_ifdown+0xcd/0x8f0
[  375.595719][T14744]  fib6_clean_node+0x424/0x5b0
[  375.597206][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  375.598802][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  375.600240][T14744]  fib6_walk_continue+0x44f/0x8d0
[  375.601824][T14744]  fib6_walk+0x182/0x370
[  375.603149][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.604693][T14744]  fib6_clean_tree+0xd4/0x110
[  375.606140][T14744]  ? __pfx_fib6_clean_tree+0x10/0x10
[  375.607727][T14744]  ? __pfx_fib6_clean_node+0x10/0x10
[  375.609379][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.610948][T14744]  ? preempt_schedule_thunk+0x16/0x30
[  375.612646][T14744]  ? __pfx_fib6_ifdown+0x10/0x10
[  375.614195][T14744]  __fib6_clean_all+0x107/0x2d0
[  375.615719][T14744]  rt6_disable_ip+0x2ec/0x990
[  375.617195][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  375.618894][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.620736][T14744]  ? __pfx_rt6_disable_ip+0x10/0x10
[  375.622385][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.623875][T14744]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  375.625568][T14744]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  375.627315][T14744]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  375.629165][T14744]  addrconf_notify+0x220/0x19e0
[  375.630684][T14744]  ? ip6mr_device_event+0x1bc/0x230
[  375.632324][T14744]  notifier_call_chain+0xbc/0x410
[  375.633892][T14744]  ? __pfx_addrconf_notify+0x10/0x10
[  375.635534][T14744]  call_netdevice_notifiers_info+0xbe/0x140
[  375.637375][T14744]  __dev_notify_flags+0x1f7/0x2e0
[  375.638982][T14744]  ? __pfx___dev_notify_flags+0x10/0x10
[  375.640708][T14744]  ? __dev_change_flags+0x3d5/0x720
[  375.642333][T14744]  ? __pfx___dev_change_flags+0x10/0x10
[  375.644061][T14744]  ? __pfx_validate_linkmsg+0x10/0x10
[  375.645726][T14744]  netif_change_flags+0x108/0x160
[  375.647285][T14744]  do_setlink.constprop.0+0xb53/0x4380
[  375.648998][T14744]  ? preempt_schedule_common+0x44/0xc0
[  375.650694][T14744]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  375.652536][T14744]  ? preempt_count_add+0x76/0x150
[  375.654110][T14744]  ? __wake_up_klogd.part.0+0x99/0xf0
[  375.655792][T14744]  ? __lock_acquire+0xb8a/0x1c90
[  375.657291][T14744]  ? __mutex_trylock_common+0xe9/0x250
[  375.658964][T14744]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.660787][T14744]  ? __pfx___might_resched+0x10/0x10
[  375.662431][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.663933][T14744]  ? trace_contention_end+0xdd/0x130
[  375.665574][T14744]  ? __mutex_lock+0x1ca/0xb90
[  375.667045][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.668548][T14744]  ? rtnl_newlink+0x600/0x2000
[  375.670056][T14744]  ? trace_cap_capable+0x18d/0x200
[  375.671698][T14744]  ? __pfx___mutex_lock+0x10/0x10
[  375.673267][T14744]  ? apparmor_capable+0x114/0x1d0
[  375.674840][T14744]  ? netlink_ns_capable+0xfa/0x130
[  375.676437][T14744]  rtnl_newlink+0x18e0/0x2000
[  375.677912][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.679478][T14744]  ? kasan_quarantine_put+0x10a/0x240
[  375.681199][T14744]  ? lockdep_hardirqs_on+0x7c/0x110
[  375.682819][T14744]  ? kmem_cache_free+0x2d1/0x4d0
[  375.684380][T14744]  ? kfree_skbmem+0x1a4/0x1f0
[  375.685856][T14744]  ? __lock_acquire+0x622/0x1c90
[  375.687404][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.688916][T14744]  ? trace_cap_capable+0x18d/0x200
[  375.690512][T14744]  ? find_held_lock+0x2b/0x80
[  375.692015][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.693578][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.695142][T14744]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  375.696742][T14744]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.698311][T14744]  rtnetlink_rcv_msg+0x95b/0xe90
[  375.699870][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  375.701584][T14744]  ? ref_tracker_free+0x37c/0x830
[  375.703158][T14744]  netlink_rcv_skb+0x158/0x420
[  375.704663][T14744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  375.706356][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  375.707995][T14744]  ? netlink_deliver_tap+0x1ae/0xd30
[  375.709642][T14744]  netlink_unicast+0x53a/0x7f0
[  375.711153][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  375.712802][T14744]  netlink_sendmsg+0x8d1/0xdd0
[  375.714300][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.715942][T14744]  ? __import_iovec+0x1dd/0x650
[  375.717464][T14744]  ____sys_sendmsg+0xa98/0xc70
[  375.718961][T14744]  ? ea_dealloc_unstuffed+0x630/0xa60
[  375.720630][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  375.722294][T14744]  ? get_compat_msghdr+0x11a/0x170
[  375.723899][T14744]  ? __pfx_futex_wake_mark+0x10/0x10
[  375.725539][T14744]  ___sys_sendmsg+0x134/0x1d0
[  375.726998][T14744]  ? __pfx____sys_sendmsg+0x10/0x10
[  375.728626][T14744]  ? find_held_lock+0x2b/0x80
[  375.730106][T14744]  __sys_sendmsg+0x16d/0x220
[  375.731577][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  375.733148][T14744]  ? __pfx_bpf_trace_run2+0x10/0x10
[  375.734693][T14744]  ? syscall_trace_enter+0x1cb/0x260
[  375.736349][T14744]  ? rcu_is_watching+0x12/0xc0
[  375.737828][T14744]  __do_fast_syscall_32+0x7c/0x3a0
[  375.739425][T14744]  do_fast_syscall_32+0x32/0x80
[  375.740958][T14744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.742906][T14744] RIP: 0023:0xf7fc6579
[  375.744158][T14744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  375.749935][T14744] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  375.752521][T14744] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000180
[  375.754927][T14744] RDX: 0000000004000c00 RSI: 0000000000000000 RDI: 0000000000000000
[  375.757314][T14744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.759747][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.762199][T14744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.764631][T14744]  </TASK>
[  375.765612][T14744] Modules linked in:
[  375.766899][T14744] ---[ end trace 0000000000000000 ]---
[  375.768605][T14744] RIP: 0010:fib6_del+0xe78/0x1770
[  375.770218][T14744] Code: a0 00 00 00 80 3c 02 00 0f 85 f8 06 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 1c 24 48 8d bb 2c 01 00 00 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 09 84 d2 74 05 e8
[  375.776070][T14744] RSP: 0018:ffffc90003ff6840 EFLAGS: 00010203
[  375.777929][T14744] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90006011000
[  375.780333][T14744] RDX: 0000000000000025 RSI: ffffffff8a2b8415 RDI: 000000000000012c
[  375.782760][T14744] RBP: ffffc90003ff6960 R08: 0000000000000001 R09: 0000000000000000
[  375.785135][T14744] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880604d0400
[  375.787592][T14744] R13: ffffc90003ff69c4 R14: 0000000000000001 R15: ffff88805cdeae10
[  375.790046][T14744] FS:  0000000000000000(0000) GS:ffff888097873000(0063) knlGS:00000000f50e6b40
[  375.792771][T14744] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  375.794823][T14744] CR2: 00000000f50c5da4 CR3: 0000000079818000 CR4: 0000000000352ef0
[  375.797334][T14744] DR0: 000000000000000d DR1: 00000000000000ff DR2: fffffffffffffff7
[  375.799815][T14744] DR3: 3e00000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  375.802287][T14744] Kernel panic - not syncing: Fatal exception in interrupt
[  375.805224][T14744] Kernel Offset: disabled
[  375.806584][T14744] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:17:47  Registers:
info registers vcpu 0

CPU#0
RAX=ffff88806ca27a80 RBX=0000000000000003 RCX=ffffffff8198511c RDX=1ffff1100d944f50
RSI=0000000000000000 RDI=ffff888072f11c20 RBP=ffffc90000007d80 RSP=ffffc90000007c50
R8 =0000000000000001 R9 =fffff52000000f78 R10=0000000000000003 R11=0000000000000001
R12=dffffc0000000000 R13=ffff888050f7dfa0 R14=ffff88806ca27a80 R15=ffff888050f7e8b0
RIP=ffffffff84dc922d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f028d5eb300 ffffffff 00c00000
GS =0000 ffff888097773000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056401c99d3b0 CR3=000000004c7ca000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8886a920 ffffffff83303869 0000000400000004 0000000600040008
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff872d1641 ffffffff8232e211 ffffffff8886a920 ffffffff83303869
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000400000004 0000000600040008 000602000000000c 0000000800040009
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65646e69622f2e01 ffffffffffffffff d70801800300020d c200080001000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0806010800060104 cc0fffffffff0208 81c3889a08000100 0000080606010fe8
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c08000608002008 0006016ff2000400 0008000fffffffff 0201c70800080047
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300080007a80300 080007a003020800 0798030388080006 8803010000020206
ZMM25=e9b95550e9b95550 e9b95550e9b95550 e9b95550e9b95550 e9b95550e9b95550 e9b95550e9b95550 e9b95550e9b95550 e9b95550e9b95550 e9b95550e9b95550
ZMM26=e6394b83e6394b83 e6394b83e6394b83 e6394b83e6394b83 e6394b83e6394b83 e6394b83e6394b83 e6394b83e6394b83 e6394b83e6394b83 e6394b83e6394b83
ZMM27=29177da329177da3 29177da329177da3 29177da329177da3 29177da329177da3 29177da329177da3 29177da329177da3 29177da329177da3 29177da329177da3
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=da100000da100000 da100000da100000 da100000da100000 da100000da100000 da100000da100000 da100000da100000 da100000da100000 da100000da100000
info registers vcpu 1

CPU#1
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85561a05 RDI=ffffffff9ae5ba00 RBP=ffffffff9ae5b9c0 RSP=ffffc90003ff6368
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000061 R14=ffffffff9ae5b9c0 R15=ffffffff855619a0
RIP=ffffffff85561a2f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097873000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50c5da4 CR3=0000000079818000 CR4=00352ef0
DR0=000000000000000d DR1=00000000000000ff DR2=fffffffffffffff7 DR3=3e00000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=ffffc9000103ef40 RCX=ffffffff820c4cde RDX=1ffff1100c893a1e
RSI=ffffffff820c3d19 RDI=ffffc9000103ef70 RBP=ffff88806449d0f0 RSP=ffffc9000103ed38
R8 =0000000000000006 R9 =000000006449d047 R10=000000006449d047 R11=0000000000000001
R12=0000000000000001 R13=0000000000000001 R14=00007f5f0821f000 R15=ffffc9000103ef40
RIP=ffffffff820c3d51 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097973000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031720008 CR3=000000005438b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016400000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffffc90000415110 RBX=0000000000000000 RCX=1ffff11008a01186 RDX=0000000000000008
RSI=ffffc90000415100 RDI=ffff888045008c30 RBP=ffff888045009000 RSP=ffffc900005e8e58
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=0000000000000001 R14=ffffed1008a0120a R15=ffff888026d60000
RIP=ffffffff865d4d7d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097a73000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ff840ff8 CR3=0000000079818000 CR4=00352ef0
DR0=000000000000000d DR1=00000000000000ff DR2=fffffffffffffff7 DR3=3e00000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016400000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000