last executing test programs:

1m21.649418832s ago: executing program 0 (id=266):
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc0686611, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x1c, r3, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r7, @ANYBLOB="010023bd7000000020003b00000008000300", @ANYRES32=r6, @ANYBLOB="2b00330030b0f800ffffffffffff080211000000505050505050050010008f0110000d0001000103c8ecb60092003300802009000802110000010802110000005050505050509f0003000000000000006400001003010597054e4091e6e2ec4cef54c9a294df075c2e4b966575a70d860e2f4fa504a10b114a6fc96468b2283b4b439c9f4a3983742e32299e6d3fc6acdf030b25030007072a01042d1a768616020000000000000006004700110000000104"], 0xe0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x1c, r3, 0x50d, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4010)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xffff0000}, 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
unshare(0x62040200)

1m20.598300442s ago: executing program 0 (id=275):
r0 = socket(0x18, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, 0x0, &(0x7f0000000000))

1m20.596906859s ago: executing program 0 (id=276):
r0 = socket$inet6_udp(0xa, 0x2, 0xfffffffe)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f4, 0x0, 0x168, 0x9, 0x134, 0xb, 0x22c, 0x250, 0x250, 0x22c, 0x250, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00', [], [], 'ip6tnl0\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0xf4, 0x134, 0x0, {0x0, 0x28e}, [@inet=@rpfilter={{0x24}}, @common=@inet=@ipcomp={{0x2c}, {[], 0x12}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "48c01c5140d722edd3fb24545886bbd1be494201b400"}}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@common=@inet=@set2={{0x24}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x3, 0x7, 0x8}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x350)

1m20.530677908s ago: executing program 0 (id=277):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x4}], 0x1}}], 0x1, 0x122, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e24, 0x3, @private1, 0x8001}}, [0x81, 0x0, 0x6, 0x9, 0x2, 0x7, 0x9, 0x2, 0x5, 0x4, 0x5, 0x4, 0x4000000000000, 0x6, 0x4]}, &(0x7f0000000080)=0xfc)
r1 = mq_open(&(0x7f0000000100)='&\x00', 0x40, 0x100, 0x0)
mq_notify(r1, &(0x7f0000000000)={0x110c230000, 0x3, 0x2, @thr={0x0, 0x0}})
mq_notify(r1, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r2, &(0x7f0000000340)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
listen(r2, 0x4)
listen(r2, 0x8)
r3 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
syz_clone(0x20180, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r5, &(0x7f00000023c0)={0x2020}, 0x2020)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x7, 0x8, 0x80000000, 0xfffffff7, {{0xc, 0x4, 0x2, 0x3d, 0x30, 0x64, 0x0, 0x81, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@timestamp={0x44, 0xc, 0x77, 0x0, 0x0, [0xcd, 0xa]}, @noop, @noop, @timestamp_prespec={0x44, 0xc, 0x12, 0x3, 0x8, [{@multicast1, 0x7fff}]}]}}}}})
sendmsg$nl_xfrm(r6, &(0x7f00000027c0)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000000000)=@getsa={0x28, 0x12, 0x1, 0x70bd28, 0x25dfdbfd, {@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, 0x4d3, 0x7782067f0e9a5789, 0x6c}}, 0x28}, 0x1, 0x0, 0x0, 0x8011}, 0x4000008)
ioctl$BLKRRPART(r3, 0x125f, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
pwrite64(r3, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2)
umount2(&(0x7f0000000040)='./file0\x00', 0x5)

1m20.530356327s ago: executing program 0 (id=278):
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc0686611, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x1c, r3, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r7, @ANYBLOB="010023bd7000000020003b00000008000300", @ANYRES32=r6, @ANYBLOB="2b00330030b0f800ffffffffffff080211000000505050505050050010008f0110000d0001000103c8ecb60092003300802009000802110000010802110000005050505050509f0003000000000000006400001003010597054e4091e6e2ec4cef54c9a294df075c2e4b966575a70d860e2f4fa504a10b114a6fc96468b2283b4b439c9f4a3983742e32299e6d3fc6acdf030b25030007072a01042d1a768616020000000000000006004700110000000104"], 0xe0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x1c, r3, 0x50d, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4010)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xffff0000}, 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
unshare(0x62040200)

1m20.189742404s ago: executing program 0 (id=280):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2fe, 0x10)
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x2)
fcntl$setsig(r4, 0xa, 0x21)
ioperm(0x0, 0x7, 0xffffffff)
fcntl$setlease(r4, 0x400, 0x1)
creat(&(0x7f0000000280)='./file0\x00', 0x3e)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, {{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x20000004}}], 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x75fa, 0xe475, 0x0, 0x0, 0x0)

1m20.13713675s ago: executing program 32 (id=280):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2fe, 0x10)
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x2)
fcntl$setsig(r4, 0xa, 0x21)
ioperm(0x0, 0x7, 0xffffffff)
fcntl$setlease(r4, 0x400, 0x1)
creat(&(0x7f0000000280)='./file0\x00', 0x3e)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000025c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, {{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x20000004}}], 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x75fa, 0xe475, 0x0, 0x0, 0x0)

42.374387951s ago: executing program 1 (id=516):
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000580)={0x8, {"4e046f8d67a83f332d0cd2b0d581b7b4565fa5b216b00265136a75572c46c00253016d560183e0a1cb1530fcaac12f15b91d26fbfed65099f46c2073ab1d14f97f0987e8650507982ad0e9bbc932b67d1a46c0f241827cbcdbe6976a4e8fb5cbd50f3d7df932d1d2d7d35b97887f85ebb230661917ea7231a3c4bbf2240d7ca09292dc0c5fb9a9a7fc3c0f76fb03037b872fb2c65960a7a70512a1aaf2eeb573f9e75015ba8d30aacc82dcfa501e813eea2150b5864eefdffbf00fe43d0a4737eeda65d29cbe5f613a0ddca8872e1fb35d813acbdb8b76922f4a9cbe3900ba40f940f5f8c54bf8e4a19320a14c1055df7bf7e9bfaff4f0a3f101759b9cdb0e9c3d76f0fc0ca44e25d5a7b701f1daea46d95c7dc25bb3b11227102bdc31b7d29f74cc093433099de47c0b18c8c31005af5ecd8a248608b312e94906e34e749a3814473136436a25f88535ddd6da07a5f519eb8d175f60270c7e13655c3b48e66a09cb553d9b7dcebf94419fc2531d790409058b65afbdb6eaa39fa18fded628b57f113cd1b6b1d0621f52847d01b4b806b6e6eeca11b660dcef1a48406fffe6108d0836b99f40f457a905815d93f8e776a2f909241d04d107a0eda7b0fc7ac9fbe541720f9998e6f66384f926b52c9c35f001fcad922a3a1022de6a477dd47fb2ae0a80ace868412919db7616de3d195a64b227e8de852e8e647815a31a42c5149abec939a193117d287cc120cd1932c1b26458b9d0ad592055ca02fff3ec6f1aafa2e7800d59fef24d72f371abc14b68f99c1113ee22772033865c8fe45f87c1167e3ff97cc500133d99fb26057ab3743d97c6b9b9717de6b70c5e82850408f3f98978f4c09e94551951c43bdef2fd3dc9af7e6ced9de2e1290a99cc09141fcc06765c8ce9905f81ffd39c4c500eece1d2a60d3ba8074ac5ce3fc6309a15ae38103dce53cf184e8aacd9d51173257c00574efb783b1cfdd03d4170cfed48c3bd85df760357eed6a9dafb84302f82657b2b4b5a8af90cc989bb1e761d3331cc2fc7cd0e5b663cd2364c3155654b804f06e261d1da0c9010473cbb85690493b11341b4c8e1760f2ffb10417365c19b80af36eb73508891730d6d3860fe2a1451209b1836f4772f0e932e31738a2e13a0cc9bea6ec30b84eb2e3de9312c72650144a9ef94d75fe60618b45328a9a0393e03b8003eefee6d68f114b23598021316f0eb2e94d25d0797528e6e0e4f5d6f4be150764cd4a871b1bb65442df6f3b0927109d3e4b1758a815fed41d35cdc0ec47e99909be2959ca249cb05b7eac0ea46012903dc51a5cdffd0faac16a0383f0ac8249d552eb4f725cc9e123610595a8f86ccad8b96f50adb9211dd04c3ed664dccc2104426c10dd879487c8a63075737e48d681d113bca6ee8dc3f9b78d2ec388215b5972011c618c2519472c4653191dc0f191a701b01e7ba4dbd191861ec09530c4ad8e5e64716cfe8b8f16fdf8b9766f0a8fa0de86f88d691675f152ac749422297c5c91eb24031729879f05eadc54ed61c96572b4cad0509b300106a8cc065f7d0d8725c8e756b91c9f642eb654ed9c1823adf83ffea916ed6d302b234d5c85543e86580b728ec1d906d013ccc8afa8337f7592da763fe2e59b6d8b73e198c0e1be6d3d4edabb4e649d1b7bc64d0dafcd98a17a896b0e0e2c72cbc65745e8499efbd95c222b4b6dc592e9ba4403304529d9215cd484c3e1d634d1403569759364a197834d8ec059caaa90ed80d3353431e9d2db6208ed74de4c8da71f4390a8a9ba3c518858f3d27a270368e802549c0e40867385f51c49b26a6e6eae232e92a0a91568d18d125fbbd8d066125a98e32834d2fd3bcf0f0ca6de920f14507c2b14b32f41ab1f843f508859347f6f7100f31f32c05f1e98c63c8fdc470aeb3a8afa7f6a3e73c94e9c08f1c05a31c9f011abfb24e818b8986ad042fb8de6c1584c435d2c271f70c58c9ced5fe16045570e18c385f948f4a561e901b9c15dc9826e4f1fb02dd19d6a1e85f86283eb982c37ba2f246b9db0560080ef372f1fb6789db3ac978851088c593175f2fd07c6549b32ec21b9d59754225eba98b0bf021837a9e713b877e04b2824b5940c596c8a12c1bfb8f03b637d9476f07861d9d8ccde4de0133ca596a5add05cf89c5b8f5630e67ed499318558aea3e42a875994949e61612bc5e5d2cf0d7d23700417a68fe96b6a1876169aae30200817b6caef26c9f77a90f3cab36396d55d0f077292a952bcf5c6dbe899ad5839180587f7f790dc5a65104f21db33a21d68c63f6028ac3c1ca1811a4cef6e1a7d9a77ef1ad6fab4cf2a49896985a713e9e740f4375d2062dbf43ba31f9cd9ebf29e4ffc660467808a6555712d4c0bdee97807949da2b6f427b48264f8b1edf54e870f1b4ff1e7a9354154ed42f479729fe50ded73fd4290b151a4d776fa1f69b661a1263a545ba8d9b9342d2c54693d393ede65795eaa5bb72f89fe2eb7d320b3824117fdf22d6bc13eed07dae6b1d231927c4eaed7788a66ef6a9c97a394c210ac234fe243d8f53cbfdaf6c47cf32e418dae7e9a99d9be6792cdf05ab9b4a5324e63a57d9d49f48b02fd55f4d6f478eac0e5a89a002358a3ca45f2fcb83831e363042e5b133b530cf9575f24ec6c277f3c70ed8a5c83af1ce0e8a6444e24f60c8bc774529ebb5cd5320a52a76f3f29e34e009a39a3ba12e9a217754878925df28be65544a3884515fb35e6c2a3cc2a644bc2bf6bd7156a9fcd25b48fb612385ec5cf127fc83db16391e3063e474de6e71ed130d5300383945a297da5db5f49b59b62f4aecc4995fded78b4484c76bc471643116b9162647c5fb27d21c1c6423ee2f02c3f0bccf97b675d6b8b98c6692926063ca02a29e79ae5aa8ab830e732c168b19bf527753c370e77bba5140cc64813992b0646df0bd15e69b09e289f41d8ea4e5d70a2c183a58b5b35e095d1e95ad65abd11f7a00ba4440328c9727b7b796322bf7156de6148c6f6fb899256189edbff5fadb14411c1d18288d48d9b000ba9c3ca822efaf50048a6ce89134ba2197c9fef1ae28826c6fda820fd459f6f220b04db89606db19d8a95e238ac0f67ab019368f7edf6353aecd72e70600c054279d3cab70cb37fdfb01c579fb3583f9114f53f3b2c045a62f4bc3fe59c51bb816efdfc07cff4d2bdede382f34cff4920f68faa41df3f158a398098511228694a9712b915d311fcc9c1c0dfc92d90afba46878ddef5fff4ae0ddc461d698e14f02831562e97c35f28efd2ed7f21a38727df56358947b8368debd5eeb5b47dc337e939d38f61ffb8b5058b8614f755d880a74fc7bc2b0e88a32f7989fdc3c6956babee48af3f63714a814bde1f8b54bd0de5a1d196e9e14550a3639eaf2e6466b4b22be19376a670d1acd846f5d7abdc9daa285e545bdd5297ce48f1884db88de07d220d7c54d71329b4439cf7e1ce7a2017a39edbacb9117bd37d92aa70edf2cabf2fee8c2331032e823c0c1adc877b41b3676e174aabc050b8566095c4a954cb689947cdf688d98c7d57539f24b64509920937afc1e2ee74d5532bfb859af1c5175bc45dca144510c010534c1d4c9cb51d567e902b4db1b9ff864085eb65ff65895907560ca7638691040a9d6b507523d1690696322b57b9526d78c8ce6b59229ac40501d2edb61406901e3b2c70c4d98afaa564f1c66c087782ad57db3984bb80c38ed3791479eff09b0512c42cffbb71d88e62d926fe66e51c040f06ce1615cf71a6f90c161843c86f08a2abe4bc8a5ded3228728277df4b5d667f852984b6ebf7a90125df72ede30439975a2713544b3a34052c608b673cdd1d1f735d37dd52c714e5aa1df1e872df0734f0997cceca0edd9fc04502e4b10b1089a5ec9325058de98d023fac190786df73e166b2d15b47b43a562d4fc7249e44a93e83e8400e6d82980d7370691ac79bd80afd45f3588043b2540f5f31e7ee80b348228f1688d80d8b439b1d61c6471603ee2b07145ab894336a571a5842d0f9a6ef16e1e421cd70d68b04d9359cd560c5c8079c5fa23515d430f877efa49ee1306395cb5bec34108886ee802dd9475bdaf87af3cb431e9274c37dc277cc46a87e90d91d17fcd7f71626384fee39d28b35a29de5e57c050afeb142a40429b714cd207f1c95b4216c94183b477d6ac1626dc56daa3c06a3b3c40fae82a2676d01fd5dff82bf4283e973789dbb1ca30afc9864206b2d8f246e0ec6ff6ea54c017e2599674e2efaaba254364126bfbd0800e835727a3d4d63e2455a64d77a61f90f1d2c7f573ff368c409116957041ac1962677a8a40fe39d393f512eff53e6ad621cb5fdb7f513370c76f3572dd17de4096d4ac364427de6ef482713fbd5c826ecdaad32e67fada2869acc33d387afa6701e6d242073ed696d32b97989ae98c8d0f650b9ccb3bb7692eff8860937f007db0e8cf05ad8b26ac44bc638a87fb429dd3740e7d07d244a74af2c3704638bc6d413cf160cee80f36e29318de1925bb2ab49910bb080b97116eddc6756aaa447e2314df548979069866e5a7433bf0018294da74a193b0f85773ce8899e733d6c7fc62a4dbb0497d0f6b29a66f4a028b719f3667a463aaf261d7a24ef33270454b42a1a45f19c1c3cd424e6ae20621d23779611ca396634e6650814dd52ba8e9b9069344fd3926a377de0799cc083d137e10983af85f6c6f872e34d53176222edd262a632cc7203f0d6dccbf64bdeec8e7daf49dde879c06773f187c32cf36c97aade41601441b751ecdcb80c0b0815e45fae9255742ed170017ab639d294663490ebe3a6ad1533ff28e6ef47c7e12680bb13311c06e3a0bfe607d6e3aa6ec6da2dbb6247fc3b35c87ddf06368f4734757dc32ab10a3ebbf1c9f93e1ac38e77bc7863413d6b62c5cf5547d654570b39958845c7095134dbb0e21d4ceaa21d065be311b8ab155c4991fa4aaabaf15ac9e5db109f4765a7dc8ee71ceaea553e82a3eccc915c6fc23fba24debcc8e36cde1921d49936ebb5cd88c0ec502e2b8b337f913cf3bbf63009e8ba74b6977fba279098fe68c6ff161643aae67e34a9739eddd04539fedd052b34f749d2abf86373a1137bc9f461b72db6550d2de2a608e6ed76b321c41b35dda2acce665f4d8efc6bb4d74d989017aa7b6afe360f0025d9ac1ac747465557bc1aaf62a9a58dc931d84156e99b9bc05c40661c4e1d2935d52fee05d6955e84da9ff80d1bd2c96295a3b4dafe48b799ddbc533a12e9be3efda483dae74b24f79819248362b7c96c4758a2d91d1de116d958af4ddddf8c57031494054621d203af9ffcb855e56a5636d3933409991849a6be411671af1e8d219df9aa36ac35e69b4ab828aadc7ca0e12dfd8dd841dd293346980146036387a4c05a6fd9e1de8c1f53e72b6093dd2ba35cbd38870ce6f5b5812592fe451aad26a756c33c13db86e70d06355d72d4c22aa8c136cf80297c3b48af1c2915d2fcb827db2dc1bb907df3f1db3bbb4e44b33c5e83887d5b2a402c42aac19bb909dc2a8cd4f917112b0a4f186bd48b0682e16dbab5ae66dd4d2c503f0dfcb5b117b0a7143ae799a61dafc1232d221289fc15c452cf37e3cf0f1efc4e817fd048c6260a3071f63b028a7efbca891b462de1c4234d4326205b7a0667a993dabd454c3f90e844867fca332515f24f9e9595c0b2d7ce37d5215d0572b395a7d3abf0543130649ef57bf5c44e12248d474d00f652f29f51146b30daf1e86533f6436e5af45d69814ebb33a492f8989e6e559d1", 0x1000}}, 0x1006)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @multicast2, 0x4}, 0x10)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x28, r5, 0xc4fc9e906872378b, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}}, 0x28}}, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000001c0)=""/13)
r8 = dup3(r7, r6, 0x0)
mkdirat(r8, &(0x7f0000000280)='./file0\x00', 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x16, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea5, 0x0, 0x0, r9})

40.682818323s ago: executing program 1 (id=529):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x64, 0x0, 0x8, 0x801, 0x0, 0x0, {0x1, 0x0, 0x1}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x17}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_TIMEWAIT={0x8, 0x7, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_DCCP_TIMEWAIT={0x8, 0x7, 0x1, 0x0, 0xfffffff9}, @CTA_TIMEOUT_DCCP_TIMEWAIT={0x8, 0x7, 0x1, 0x0, 0xfffffff7}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}]}, 0x64}, 0x1, 0x0, 0x0, 0x2048002}, 0x80)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4)
r5 = dup(r4)
ioctl$sock_inet_sctp_SIOCINQ(r5, 0x541b, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r7, 0x112, 0xa, &(0x7f00000003c0)=0x2, 0x4)
close(r6)

39.984032219s ago: executing program 1 (id=531):
fanotify_init(0x4000, 0x0)

39.983621816s ago: executing program 1 (id=532):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r3 = memfd_create(&(0x7f0000000280)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r2, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r4, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)
socket(0x28, 0x1, 0x0)
r5 = syz_clone(0x84893011, 0x0, 0xf3, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
bpf$MAP_CREATE(0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="02000000040000000700000005"], 0x50)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r10, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r8, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

39.770387521s ago: executing program 1 (id=535):
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc0686611, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x30, r3, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0x2}, @NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x14}]}]}, 0x30}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x1c, r3, 0x50d, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4010)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xffff0000}, 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
unshare(0x62040200)

38.84346968s ago: executing program 1 (id=548):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00001ea000/0x1000)=nil, 0x1000, 0x8003, &(0x7f0000000200)=0x5, 0x9, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x20000840)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
writev(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x1)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x0, 0x4}, &(0x7f0000000440))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x2000, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

23.462590093s ago: executing program 33 (id=548):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00001ea000/0x1000)=nil, 0x1000, 0x8003, &(0x7f0000000200)=0x5, 0x9, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x20000840)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
writev(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x1)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x0, 0x4}, &(0x7f0000000440))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x2000, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

3.496182547s ago: executing program 2 (id=761):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg2\x00', 0x4)
syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x60882)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x5, &(0x7f0000000040)=[{0x5, 0xd, 0x7, 0xff}, {0xc000, 0x6, 0xb, 0x4}, {0x619, 0xf9, 0x82, 0x9}, {0x3, 0x5, 0x6, 0xff}, {0x9, 0x40, 0x6, 0x7}]}, 0x8)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
add_key$keyring(&(0x7f0000000100), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0)

3.370242768s ago: executing program 2 (id=763):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioperm(0x0, 0x8, 0x5)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='1', 0xfffffffffffffc91)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x80d0}, 0x2000c0a0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000080000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppl2tp(r4, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmmsg$inet(r4, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

3.229921041s ago: executing program 3 (id=765):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$cuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1})
openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x8800, 0x35)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

3.229531655s ago: executing program 5 (id=766):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
openat$sw_sync_info(0xffffff9c, &(0x7f0000000100), 0x10800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_coalesce={0xf, 0x40, 0x0, 0x0, 0x0, 0xfa, 0x0, 0x0, 0x0, 0x69, 0x0, 0x1684, 0x0, 0x0, 0x4d, 0x9, 0x3, 0x0, 0x2}})
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x3}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7050000000000006110440000000000dc0500002000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808837203000000000000c2d182c7a3221481f5009edaf5f5ac058299e10e790a198f42a715b99fb3d2a73dd025848710155ad1efd7d991408000000000000085a0db0401fa29e075b7ab0408a0d8cfceeb23465bb027ee1151c02af21d8f9aa57e673a6724441d08087aff070eda8abef22b3a806c8226f5a2886c93bd29b37252ba4a6e9cc5f69e75680c431aa855e487ae513abd6c4ee973fce29a26018ed5e0780f8778a602a3533a3dac7da4fe491edf3abfa7bf871c58848ac46ada6776bd9b85df01e626026a59ddfa7a9c879acbfb0bf426785dec7d8611dc850df49ed8633bdb83dd505fb20649f53841a0e200c91f5bf1bb186ed87efc7b6f8859d029c8376ca19265e281fea0a6fd2222f8850c8445758503ede0ce1b3f73ecd8989e8c53c5e679b13802bddf80f3b1d07d6d68bfa12ab34697d40ac1150a842f8bb381344b994c19642a10eb30845a993daaa8bd4aebc595475feb3475d8"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0x80000000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$alg(r5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
recvmsg$unix(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000880)=""/27, 0x1b}], 0x1}, 0x0)
r6 = socket(0x15, 0x5, 0x0)
getsockopt(r6, 0x200000000114, 0x271a, 0x0, &(0x7f00000000c0))
fcntl$dupfd(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
epoll_create1(0x80000)
r7 = fanotify_init(0x20, 0x0)
close(r7)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x5, 0x6}, 0x1c)
recvmmsg$unix(r3, &(0x7f0000003100)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0x0, 0x28}}], 0x1, 0x0, 0x0)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)

2.939996953s ago: executing program 3 (id=767):
syz_emit_vhci(&(0x7f0000000380)=ANY=[], 0x2e)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket(0x40000000015, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
openat$null(0xffffff9c, &(0x7f0000000280), 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000100)={0x4, <r6=>r4})
ioctl$FIONREAD(r6, 0x541b, 0x0)
listen(0xffffffffffffffff, 0x9)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet6(r3, &(0x7f0000005740)=[{{0x0, 0x0, &(0x7f0000002a80)}}], 0x1, 0x20008000)

2.469975103s ago: executing program 2 (id=769):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x40000000015, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r0, {0x4, 0xd}}, './file0\x00'})
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r2)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x8, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xc}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x13, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r1, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)

2.370124292s ago: executing program 5 (id=770):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40000121, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
r3 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x1, 0x1000001, 0xf7fffffc}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x28, 0x2007, @fd=r6, 0x0, 0x0, 0x0, 0x4, 0x1, {0x0, r7}})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x24204400, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}}, 0xb4}}, 0x0)
r10 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r10, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r10, 0x1, 0x3e, &(0x7f0000000100)=r11, 0x4)
sendmsg$inet(r10, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)='8', 0x1}], 0x1}, 0x811)
sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x52cc)
prctl$PR_SCHED_CORE(0x24, 0x1, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000100)={0x4, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
connect$vsock_stream(r11, &(0x7f00000001c0)={0x28, 0x0, 0x2710}, 0x10)

2.030108353s ago: executing program 3 (id=771):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r3, 0x3)
setsockopt$inet6_int(r3, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)
r4 = socket(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f00000023c0), 0x6, 0x14480)
recvmmsg(r4, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
write(r4, &(0x7f00000000c0)="24fff0001e005f0214fffffffffffff8070000001d00000000000000050009000d000000", 0x24)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0x20002078)

1.956297622s ago: executing program 5 (id=772):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r2, 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x802, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
epoll_create(0x101)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x200)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x40000000000001})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
ioctl$FIDEDUPERANGE(r8, 0xc0189436, &(0x7f0000000040)=ANY=[@ANYBLOB="020000000000000000000000000000000100000000000000", @ANYRES32=r8])
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
ioctl$KVM_GET_MSRS(r7, 0xc008ae88, &(0x7f0000000040))
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES16=r0, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00001210001ffffcffff0000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010067726574617000000400028008000a00", @ANYRES32=r9, @ANYBLOB], 0x3c}}, 0x0)

1.606633758s ago: executing program 2 (id=774):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000001240)="8f", 0x1, 0x0, &(0x7f0000001200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x1}], 0x1}, 0x4000000)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000340)='G', 0x1}], 0x1)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x20008000)
syz_emit_ethernet(0x4a, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd608a37f200142c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000ff", @ANYRES32=0x41424344, @ANYBLOB], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x18, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r6, &(0x7f00000000c0), 0x2)
write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f0000000100)={0x1, 0x1}, 0x2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000003c0)={0x97, 0x10001, 0x1, 'queue1\x00', 0x101})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

1.549993997s ago: executing program 5 (id=775):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000100)={0x1, 0xfffffffe, 0x6, 0xd, 0x1cd, &(0x7f0000000bc0)})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x100000000000600d, 0x1)
mount(&(0x7f0000000080)=@filename='./file0\x00', &(0x7f0000000b80)='./file0\x00', &(0x7f00000000c0)='befs\x00', 0x0, 0x0) (async)
mount(&(0x7f0000000080)=@filename='./file0\x00', &(0x7f0000000b80)='./file0\x00', &(0x7f00000000c0)='befs\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x553b, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x553b, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bind$alg(r4, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x1406, 0x39}, 0x10}}, 0x0)
sendmsg$kcm(r5, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x2a}, {&(0x7f0000001680)="094fb143daa9baa36aaa2c", 0xb}], 0x3}, 0x0) (async)
sendmsg$kcm(r5, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x2a}, {&(0x7f0000001680)="094fb143daa9baa36aaa2c", 0xb}], 0x3}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.37980271s ago: executing program 5 (id=776):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo\x00')
fchdir(r0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f0000000040)=0x5, 0x12)
r2 = gettid()
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000680), 0x1, 0x0)
pwrite64(r3, &(0x7f00000006c0)="33e95232e829c6cc0eaaca", 0xb, 0x4)
sigaltstack(&(0x7f0000000000)={0xffffffffffffffff, 0x0, 0xfffffffffffffefa}, &(0x7f0000000080)={&(0x7f0000000040)})
tkill(r2, 0x21)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0xc8200, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x7d)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x158, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}, @TCA_STAB={0x10c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, {0xc, 0x2, [0x0, 0x0, 0x0, 0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x2, [0x0, 0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, {0x12, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, {0x16, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, {{0x12, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}}, {0x18, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}]}]}, 0x158}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r8 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r8, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)

1.130239326s ago: executing program 3 (id=777):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioperm(0x0, 0x8, 0x5)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='1', 0xfffffffffffffc91)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x80d0}, 0x2000c0a0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000080000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppl2tp(r4, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmmsg$inet(r4, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

1.049912509s ago: executing program 3 (id=778):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) (async)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
sendmsg$xdp(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000200)='c0', 0x2}], 0x1, 0x0, 0x0, 0x4000044}, 0x2000c010) (async)
sendmsg$xdp(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000200)='c0', 0x2}], 0x1, 0x0, 0x0, 0x4000044}, 0x2000c010)
prctl$PR_SCHED_CORE(0x3e, 0x11, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x8001400200bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
futex(&(0x7f0000000140), 0x8c, 0x1, 0x0, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8582, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8582, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x275a, 0x0) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000240)={'#! ', '', [{0x20, '/`ev\x93:\xf6z\x00\x003\xb8\x18Z\xd5'}, {0x20, '%@&'}, {0x20, '&'}, {0x20, '%'}]}, 0x1c)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r11 = dup(r10)
write$UHID_INPUT(r11, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b305d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5c1}}, 0x505)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0) (async)
close_range(r4, 0xffffffffffffffff, 0x0)

1.04954524s ago: executing program 3 (id=779):
socket$inet6(0xa, 0x8000000000080001, 0xfffffff7)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
iopl(0x3)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x101a02, 0x0)
r0 = syz_io_uring_setup(0x222f, &(0x7f0000000280)={0x0, 0x8cdb, 0x10100, 0x400000}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x6000, @fd_index=0x3, 0x800000, 0x0, 0x0, 0x13})
io_uring_enter(r0, 0x53d1, 0x0, 0x4, 0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b305d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5c1}}, 0x505)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, &(0x7f0000000000)=""/188, 0xbc)
read$char_usb(r5, &(0x7f0000000100)=""/74, 0x4a)
r6 = syz_io_uring_complete(0x0)
ioctl$SNDCTL_SYNTH_ID(r6, 0xc08c5114, &(0x7f00000001c0)={"dba48dd08c5c65053ee06cf3f665ae95da0efb46d1d8faaa0b481be6810a", 0x4, 0x0, 0x1, 0x7f, 0x80000000, 0x80000001, 0x9, 0x4, [0x6, 0x0, 0xf, 0x7, 0x49a3, 0x3, 0x3, 0x870, 0x4, 0xa92a, 0x9, 0xfffffff8, 0x6, 0x0, 0xfff, 0x402, 0x7, 0x2b8d5821, 0x44]})
mkdir(0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000180)={0x7, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020100090a000000007fffffff0000000200100000e9000000e9000000000000030005000000000002000000ac1414000000000000000000030006000000000002"], 0x50}}, 0x0)

866.210759ms ago: executing program 4 (id=783):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x6, &(0x7f0000000000)=[{0x7, 0x5, 0x1, 0x6f5b}, {0x0, 0x33, 0x7c, 0x8}, {0x7fff, 0x2b, 0xa, 0x7ff}, {0x7, 0x9, 0x10, 0x9}, {0x6, 0x7c, 0x4, 0x2}, {0x3, 0x4, 0x0, 0x3}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000180))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x10, 0x6, 0x8, '\x00', 0x1})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000000015000072000040"])

719.929622ms ago: executing program 4 (id=784):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r0 = syz_io_uring_setup(0xc63, &(0x7f0000000140)={0x0, 0x10c4, 0x10, 0x0, 0x580000}, &(0x7f00000005c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r3, r3, 0x37, 0x0, 0x0, @void, @value}, 0x20)
io_uring_enter(r0, 0x3512, 0x9d5c, 0x4, 0x0, 0x0)

600.077897ms ago: executing program 2 (id=785):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x5a20dc2da4e3e73c)
rt_sigaction(0x19, &(0x7f00000000c0)={&(0x7f0000000080)="366465f029144d00000081f30fc27f5e06ae0d0fd82e2e460f01d626f00994aff7000000c4c1796f960600000040cd00c4e2f1453c99f340a56544ca0c00", 0x84000004, 0x0}, 0x0, 0x8, &(0x7f0000000000))
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x10, &(0x7f0000000100)=0xf3e, 0x4)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1a, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r5, 0x0)
r6 = fsopen(&(0x7f0000000240)='xfs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x2, &(0x7f0000000080)='discard', &(0x7f0000000200), 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
r7 = syz_clone(0x85240000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(0x0, 0xd)
ptrace(0x10, r7)
mmap$IORING_OFF_SQ_RING(&(0x7f000062a000/0x1000)=nil, 0x1000, 0x1000000, 0x12, r5, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = dup(r8)
sendmsg$IPSET_CMD_CREATE(r9, 0x0, 0x0)
ftruncate(r0, 0x3292e291)

599.909934ms ago: executing program 4 (id=786):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioperm(0x0, 0x8, 0x5)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write(r0, &(0x7f0000000000)="3f0000000100f4", 0x7)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='1', 0xfffffffffffffc91)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x80d0}, 0x2000c0a0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000080000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppl2tp(r4, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmmsg$inet(r4, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

431.307619ms ago: executing program 5 (id=787):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f00000020c0)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}, 0x1c, &(0x7f0000000200)=[{&(0x7f00000000c0)='O', 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e20, 0xffff, @private1={0xfc, 0x1, '\x00', 0x1}, 0xa0}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000180)="c4", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r1, 0x1)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000280)={0x0, 0x2}, 0x8)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x2b, 0x800000000004, @tid=r2}, &(0x7f0000000000))
iopl(0x3)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r3 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{0x0}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)

124.759261ms ago: executing program 2 (id=788):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$media(&(0x7f0000000200), 0x80000000, 0xc8200)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000040)={'\x00', 0x7ff, 0x200006, 0x2, 0x4964, 0x9})
ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0cc5605, &(0x7f0000000400)={0x2, @win={{0x0, 0x0, 0x47524247}, 0x0, 0x0, 0x0, 0x0, 0x0}})
connect$inet6(r2, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x34}, 0x4}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x6, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffffff}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x20000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
request_key(0x0, 0x0, 0x0, 0xfffffffffffffffb)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x0, 0x73, 0x0, @dev, @local}}}}, 0x0)
writev(r4, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x4, 0x0, 0x1c3, 0xa, 0x0, 0x0, 0x3b, 0x0, 0xee01}, {}, {0x0, 0x0, 0x0, 0xfffffffffffffffa}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x100000, 0x33}, 0x0, @in=@private=0xa010100, 0xfffffffc, 0x3, 0x0, 0xb7, 0x0, 0x10000}}, 0x13a)
r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000900)=0x15)
io_setup(0xb0, &(0x7f0000000200)=<r7=>0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r7, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0x4}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x10, 0x3}, @TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x1f}, @TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0x5}]}}]}, 0x48}}, 0x400c810)
syz_clone(0x20210000, &(0x7f0000000080)="b1d98e5f80b2593c75bf253c2e5e0535c64b7cbdf6589421158b52f81fbfe2c8a495786c3d1300e54712e6b10162930fc88b2595131d9d219c8a68bfe05352918f162f9aa98e365b71aee8550770d2838e7f773d21fa17d8fb8aba0423fe3172038162a469e1575dc99bb7e668514a4bed5765d37f32723250d6f646a79a7830857df2c70051502f8465", 0x8a, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="72f1ec9509aad0310c29001def")

59.303716ms ago: executing program 4 (id=789):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000100000027bf000000050000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000800000000000000040000000000000"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESOCT=r0, @ANYRES64=r0], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)
r3 = openat$cdrom(0xffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x38)
mprotect(&(0x7f00005be000/0x2000)=nil, 0x2000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x8000, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'default'}}}]})
ioctl$CDROMREADAUDIO(r3, 0x530e, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r5, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
sendto$inet(r5, &(0x7f0000000080)="c282835ccae46c7d966a97939691fb5a75a3d778ab0012b0a847ab5538", 0x1d, 0x4000, &(0x7f0000000140)={0x2, 0x4e21, @remote}, 0x10)
setrlimit(0x7, &(0x7f0000000640))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r0, 0x0)

59.001989ms ago: executing program 4 (id=790):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[], 0x10d0}}, 0x4000)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x101}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}]}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x400c041}, 0x0)

0s ago: executing program 4 (id=791):
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc040ff0b, &(0x7f0000000180))
r2 = msgget$private(0x0, 0x128)
msgsnd(r2, &(0x7f0000010140)=ANY=[@ANYBLOB="0100"], 0x401, 0x800)
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
r7 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_G_TUNER(r7, 0xc054561d, &(0x7f0000000140)={0x0, "13f20afd86c17f9dfa507069d57c6684154bc7ec29052b9ec48e707a4f251dd9"})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0x4}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x20000004)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, <r9=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r9)
lsetxattr$security_capability(&(0x7f0000002440)='./file0\x00', &(0x7f0000002480), &(0x7f00000024c0)=@v3={0x3000000, [{0x3, 0x7fffffff}, {0xd3}], r9}, 0x18, 0x1)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001300)=@newtfilter={0x8b4, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r8, {0x5, 0x7}, {}, {0x0, 0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x884, 0x2, [@TCA_BASIC_POLICE={0x430, 0x4, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x400}, @TCA_POLICE_RESULT={0x8, 0x5, 0x40}, @TCA_POLICE_RESULT={0x8, 0x5, 0xfffffff8}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x5, 0x10001, 0x6, 0x2, 0x9, 0x9d4, 0x7, 0x1, 0x9, 0x7ff, 0x3, 0x7fff, 0x8, 0x80000000, 0x10001, 0x7ee, 0xd, 0x5, 0xd, 0x9, 0xb5, 0x80000000, 0x6, 0xe, 0x9c, 0x80000000, 0x7688, 0x9, 0x5, 0x10000, 0xf, 0xc5, 0x400, 0xfff, 0x0, 0x7ff, 0xfffffffd, 0x7, 0x138, 0xa, 0x6, 0x2, 0x6e, 0x200, 0x9, 0x2, 0x0, 0x2, 0x0, 0x401, 0x7ff, 0x4, 0x8, 0x60, 0x200, 0xfffffff9, 0x8, 0x7f, 0x496e, 0x0, 0x9, 0x3, 0xbc0, 0x9, 0x4, 0x101, 0x7, 0x10001, 0xd, 0x405, 0x9, 0x57ba, 0x9, 0x1, 0x5, 0x3, 0xac0, 0x0, 0x3, 0x9, 0x81, 0x5, 0x3, 0xef, 0xffff, 0x3, 0x2, 0xffff, 0x9fff, 0x5, 0x10, 0x60, 0x59e, 0x7, 0x2, 0x7, 0xfca2, 0x80000001, 0x4, 0x8, 0x6, 0x527d, 0x5, 0xffffffff, 0x0, 0xffffcb31, 0xa18, 0x9, 0x62de, 0x6, 0x101, 0xe1a4, 0x7, 0x7, 0x8, 0x0, 0x7, 0xfffffffe, 0x8a, 0x8000, 0x2, 0x9, 0x7, 0x6, 0x1, 0x5, 0x3ff, 0x1, 0x59, 0x0, 0x3, 0x1000, 0x942, 0x9, 0x6, 0x6, 0x6, 0xfffffff7, 0x52b, 0xfffffffe, 0x7, 0x5, 0x9, 0x0, 0x5, 0x0, 0x2, 0xffff, 0x3, 0x7ff, 0xab8, 0x7, 0x80000, 0x2, 0x7f, 0x9, 0x7, 0x18, 0x8, 0x4, 0x6, 0x10001, 0x5, 0x9, 0x9, 0x30000, 0x1ff, 0xfffefffc, 0xfffffffc, 0x10, 0x4, 0xa, 0x2, 0x4, 0xf38, 0x1, 0x0, 0x2, 0x7ff, 0x401, 0xffffffff, 0x3, 0x3fe, 0x9, 0x0, 0x7, 0x7, 0x7, 0x5, 0xffffffc0, 0x800, 0x8c6, 0x9, 0x5, 0x5, 0xfffff000, 0x4, 0x80000001, 0x8, 0x5, 0x6, 0x9, 0x8, 0x2, 0x5, 0xfffffff8, 0x3, 0x80000000, 0x98, 0xd, 0xffffff97, 0x7f, 0x4, 0x2, 0xe, 0xcf400000, 0x3, 0x2, 0x0, 0x9, 0x4, 0x9c, 0xe, 0x2, 0x2, 0xfc, 0x400, 0xca78, 0x0, 0xa71, 0x4, 0x2, 0x4, 0x5353, 0x4, 0xcc3, 0x7ff0, 0x7fff, 0x50cf, 0xc68, 0x8, 0xfffffff3, 0x4, 0xfffffffc, 0x0, 0x8, 0x7, 0x82f, 0x0, 0x3, 0x7, 0xd, 0x2, 0x2d45, 0x7f, 0xd]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8}]}, @TCA_BASIC_POLICE={0x450, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x5b186c05, 0x1, 0x1d6, 0xdfd4, 0xfffffff7, 0x10001, 0x0, 0x0, 0x10000, 0x3, 0x8, 0x1003, 0x7, 0xb, 0x3ff, 0x8, 0x0, 0xff, 0x7, 0x8, 0x2, 0x1, 0x80000001, 0x3eb, 0xe, 0x1ff, 0x5, 0x9, 0x0, 0x401, 0x627a, 0x4, 0x4, 0x7, 0x6cd8, 0x8, 0x3ff, 0x73, 0x9, 0x7, 0xfff, 0x0, 0x100, 0x800, 0x99, 0x5, 0x40, 0x5686, 0xd, 0x10000, 0x282, 0x4, 0x3, 0xe, 0xf, 0x9, 0x80000000, 0xd2, 0x5, 0x8, 0xfffffffa, 0x80000001, 0x8, 0x7, 0x1, 0x65e2, 0x8, 0x6, 0x3, 0x6, 0x1970, 0x7, 0x10001, 0xfffffffe, 0x0, 0x2a6c, 0x6a921dfb, 0x10001, 0x7, 0xe07c, 0xffffffff, 0x8, 0x0, 0x1ead, 0x1, 0x5, 0x4a6, 0xe18, 0x3, 0x9, 0x2eb927c1, 0x0, 0x7, 0xa, 0x1ff, 0xd48, 0x9, 0x4, 0x177e, 0x4, 0x4, 0x9, 0xd5, 0x7fff, 0x1, 0x0, 0x4e, 0xc, 0x0, 0x5, 0x4, 0x6, 0x5, 0x5, 0x800, 0x3, 0x20d2, 0x800, 0xb, 0x4, 0x400, 0x0, 0x8, 0x1, 0xfffffffe, 0x4, 0x3, 0xfffffffc, 0x3, 0x5, 0x80000000, 0x40, 0x7, 0xffffff1b, 0x2, 0x2, 0xb, 0x1ff, 0x4, 0x2aa8, 0x3, 0x9f3c, 0x400, 0x7f, 0x8, 0x0, 0x4, 0x1, 0x556, 0x80, 0x7, 0x8fd, 0x3, 0x7, 0x3, 0x3, 0x27, 0xc, 0x9, 0x4, 0x2, 0x1, 0x1, 0x7, 0x7ff, 0x7, 0xfffff801, 0x1, 0x5, 0x2, 0x12, 0x9, 0xdd1e, 0x6, 0x1, 0xd, 0x5, 0x9, 0x5, 0x3ff, 0x6a, 0x7, 0x8000, 0x0, 0x9, 0x4, 0x1, 0x1000, 0x2, 0x4, 0x0, 0xf90, 0x401, 0x8, 0x9, 0x4, 0x8, 0x80, 0x6, 0x7, 0x0, 0x2, 0x5, 0x8, 0xfff, 0x7, 0x81, 0x6, 0xa773, 0x2, 0x401, 0xffffffff, 0x3, 0x5, 0x0, 0x0, 0x1, 0x80000000, 0x6, 0x6, 0x6, 0x671, 0x3, 0x9, 0x5d0, 0xf41, 0x2000000, 0x7, 0x2, 0xfffffff7, 0x0, 0x9, 0xfffffff9, 0x0, 0x3a, 0x3, 0x8000, 0x7, 0x89, 0x5, 0x4, 0x3, 0x5, 0x1, 0x51, 0x80000040, 0x1, 0xfff, 0xf2, 0x5, 0x86c, 0x5, 0xae, 0x101, 0x9, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x6, 0xc, 0x7, 0x0, {0x8, 0x0, 0x7, 0x1ff, 0x773, 0x4e}, {0x0, 0x2, 0x2, 0x9, 0x1ff}, 0x5, 0xffffffff, 0x3}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x6}]}]}}]}, 0x8b4}, 0x1, 0x0, 0x0, 0x220040b9}, 0x20000004)
connect$inet6(r3, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x2}, 0x1c)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002340)={0x18, 0x29, &(0x7f0000002040)=ANY=[@ANYBLOB="1800000005000000000000000500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000104000085000000060000007d040800fcffffffc516f4ff01000000950000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000008200000d0827f8ff0000000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001280)='syzkaller\x00', 0x9, 0xa7, &(0x7f00000021c0)=""/167, 0x41000, 0x20, '\x00', r8, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000002280)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000022c0)={0x4, 0x8, 0xd, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000002300)=[0xffffffffffffffff, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xfffffff7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002400)={&(0x7f0000000200)='netfs_read\x00', r10, 0x0, 0x10000}, 0x18)
r11 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r11, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1})
r12 = gettid()
ioctl$vim2m_VIDIOC_STREAMOFF(r11, 0x40045612, &(0x7f0000000440)=0x2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r12}, &(0x7f0000bbdffc)=<r13=>0x0)
timer_settime(r13, 0x1, &(0x7f0000000340)={{}, {0x0, 0x989680}}, 0x0)
write$uinput_user_dev(r6, &(0x7f0000001bc0)={'syz1\x00', {0x9, 0x2, 0x5, 0xa2}, 0x4f, [0x5, 0x7bf4, 0x6, 0xfffffff7, 0x6, 0x2, 0x9, 0x3, 0x0, 0x1, 0xada, 0x39, 0xa0e, 0x0, 0x6, 0x4a4, 0x100, 0x0, 0x4, 0xa, 0x9, 0x4, 0x3, 0xc00, 0x5, 0x98ce, 0x6, 0x1, 0x1, 0x10, 0x9, 0x2, 0x9, 0x2e, 0x2, 0x0, 0x9, 0xfffffffe, 0x100, 0xcf, 0x7, 0x1, 0xc0000000, 0x10000, 0xffffffff, 0x9, 0x7, 0x3ff, 0x8, 0x9, 0x5, 0x1, 0x9, 0x7, 0x8001, 0x5, 0x4, 0x100, 0x1, 0x5, 0x9, 0x7, 0x2, 0x401], [0x1, 0x7, 0x2, 0x40, 0x9, 0x800, 0x3, 0x4, 0xcf5, 0x0, 0x0, 0x7, 0x6, 0x3, 0xf, 0x3, 0x3c00, 0x8, 0x1000, 0x1ff, 0x0, 0x74f5, 0x10, 0x2, 0xa7, 0x6, 0xb, 0x3, 0x4, 0xfffffffb, 0x800, 0x10, 0x7ff, 0x8001, 0xa, 0x5, 0x29, 0xb54, 0x39d74257, 0xf8b4, 0x3, 0x800, 0xd, 0x401, 0x10000, 0x8, 0x9, 0x1, 0x5, 0x1, 0xb, 0xcdc, 0x7f, 0x9479, 0x9, 0x3, 0x2, 0x800, 0x1, 0x8a, 0x9, 0x4, 0x9, 0x800], [0x0, 0xf522, 0x800, 0x8, 0x8, 0xffff, 0x5, 0x7, 0x9, 0xffff, 0x8, 0xa1b0, 0x8, 0x7, 0x10, 0x1, 0x9, 0xf, 0x3, 0xe77a8d1d, 0x0, 0x5, 0x1c00000, 0x7f, 0xfff, 0x5, 0x7, 0x2, 0xffffffff, 0x3, 0x9, 0x7fff, 0x5, 0x7f, 0x7, 0x9, 0xaad9, 0x1, 0x7fff, 0x8685, 0x9, 0xc55, 0x3d608dd4, 0x4, 0x6339e355, 0x7, 0xeb97, 0x200000, 0x1, 0xffffffff, 0xb, 0xffff, 0x7, 0x3, 0x3, 0x2, 0x7, 0xfffffe00, 0x0, 0x9, 0x3, 0x34b, 0x7, 0xfffffff1], [0xd8b, 0x9, 0x101, 0xffff, 0x1000, 0x4a, 0x6, 0xa, 0x3, 0x0, 0x0, 0x6a95, 0x2, 0xd553, 0x1, 0x8, 0x6, 0x80000001, 0x92, 0x1, 0x0, 0x1, 0x5, 0x1, 0x1, 0xffffb521, 0x20, 0x3ff, 0x100, 0x9, 0x9, 0x9, 0x8, 0x9, 0x4, 0x6d4db490, 0x81, 0x6, 0x9, 0x100, 0x7, 0x4, 0xfc, 0x734, 0x3, 0x8, 0xa, 0x30, 0x3ff, 0xfff, 0x800200, 0x6, 0x7, 0x6, 0xd, 0x10000, 0xfffffff7, 0x9, 0x3, 0x2, 0x8, 0x8, 0x101, 0x2]}, 0x45c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

kernel console output (not intermixed with test programs):

tadv_slave_1
[  102.222694][ T7126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.233427][ T7126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.310095][ T7126] hsr_slave_0: entered promiscuous mode
[  102.312482][ T7126] hsr_slave_1: entered promiscuous mode
[  102.314686][ T7126] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  102.318146][ T7126] Cannot create hsr debugfs directory
[  102.926787][ T7126] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  102.938792][ T7126] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  102.946079][ T7126] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  102.956092][ T7126] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  103.014653][ T7126] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.029427][ T7126] 8021q: adding VLAN 0 to HW filter on device team0
[  103.035091][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.037961][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.050296][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.052583][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.300087][ T5961] Bluetooth: hci1: command tx timeout
[  103.318514][ T7126] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.456225][ T7126] veth0_vlan: entered promiscuous mode
[  103.465050][ T7126] veth1_vlan: entered promiscuous mode
[  103.484962][ T7126] veth0_macvtap: entered promiscuous mode
[  103.492952][ T7126] veth1_macvtap: entered promiscuous mode
[  103.504694][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.508946][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.512596][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.516029][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.521454][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.525315][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.529228][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.533260][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.543993][ T7126] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.556076][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.567850][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.572058][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.575317][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.578575][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.581941][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.584960][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.588152][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.596487][ T7126] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.603693][ T7126] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.607284][ T7126] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.610345][ T7126] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.613032][ T7126] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.658101][ T1226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.666892][ T1226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.682581][ T1226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.686383][ T1226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.116397][ T7199] netlink: 'syz.4.299': attribute type 7 has an invalid length.
[  104.139706][ T7199] syz.4.299: attempt to access beyond end of device
[  104.139706][ T7199] nbd4: rw=0, sector=16, nr_sectors = 1 limit=0
[  104.144332][ T7199] qnx6: unable to read the first superblock
[  104.146888][ T7199] syz.4.299: attempt to access beyond end of device
[  104.146888][ T7199] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  104.152351][ T7199] qnx6: unable to read the first superblock
[  104.154398][ T7199] qnx6: unable to read the first superblock
[  104.206065][ T7202] netlink: 4 bytes leftover after parsing attributes in process `syz.4.300'.
[  105.617716][ T7208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.302'.
[  105.635482][ T7227] FAULT_INJECTION: forcing a failure.
[  105.635482][ T7227] name failslab, interval 1, probability 0, space 0, times 0
[  105.640218][ T7227] CPU: 2 UID: 0 PID: 7227 Comm: syz.4.307 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  105.640232][ T7227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.640239][ T7227] Call Trace:
[  105.640243][ T7227]  <TASK>
[  105.640247][ T7227]  dump_stack_lvl+0x16c/0x1f0
[  105.640265][ T7227]  should_fail_ex+0x512/0x640
[  105.640278][ T7227]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  105.640291][ T7227]  should_failslab+0xc2/0x120
[  105.640305][ T7227]  __kmalloc_cache_noprof+0x6a/0x3e0
[  105.640315][ T7227]  ? __genradix_ptr_alloc+0x340/0x5f0
[  105.640329][ T7227]  ? sctp_auth_shkey_create+0x9e/0x210
[  105.640347][ T7227]  sctp_auth_shkey_create+0x9e/0x210
[  105.640364][ T7227]  sctp_auth_asoc_copy_shkeys+0x1f2/0x360
[  105.640383][ T7227]  sctp_association_new+0x19ad/0x2a00
[  105.640398][ T7227]  sctp_connect_new_asoc+0x1b6/0x790
[  105.640410][ T7227]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  105.640425][ T7227]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  105.640437][ T7227]  sctp_sendmsg+0x15f9/0x1ee0
[  105.640452][ T7227]  ? __pfx_sctp_sendmsg+0x10/0x10
[  105.640469][ T7227]  ? __might_fault+0xe3/0x190
[  105.640489][ T7227]  ? __pfx_aa_sk_perm+0x10/0x10
[  105.640503][ T7227]  ? __pfx_sctp_sendmsg+0x10/0x10
[  105.640515][ T7227]  inet_sendmsg+0x119/0x140
[  105.640526][ T7227]  __sys_sendto+0x431/0x510
[  105.640539][ T7227]  ? __pfx___sys_sendto+0x10/0x10
[  105.640562][ T7227]  ? ksys_write+0x1b9/0x240
[  105.640573][ T7227]  ? __pfx_ksys_write+0x10/0x10
[  105.640585][ T7227]  __ia32_sys_sendto+0xdd/0x1b0
[  105.640598][ T7227]  ? lockdep_hardirqs_on+0x7c/0x110
[  105.640612][ T7227]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  105.640627][ T7227]  __do_fast_syscall_32+0x73/0x120
[  105.640643][ T7227]  do_fast_syscall_32+0x32/0x80
[  105.640658][ T7227]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  105.640671][ T7227] RIP: 0023:0xf706e579
[  105.640679][ T7227] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  105.640689][ T7227] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  105.640699][ T7227] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  105.640705][ T7227] RDX: 0000000000000001 RSI: 0000000000000040 RDI: 00000000800000c0
[  105.640711][ T7227] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  105.640716][ T7227] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  105.640722][ T7227] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  105.640735][ T7227]  </TASK>
[  105.730905][    C2] hpet_rtc_timer_reinit: 4 callbacks suppressed
[  105.730915][    C2] hpet: Lost 5 RTC interrupts
[  105.786007][ T7184] kernel write not supported for file /input/event2 (pid: 7184 comm: kworker/2:4)
[  105.788620][ T7231] netlink: 'syz.4.308': attribute type 7 has an invalid length.
[  105.801402][ T7230] netlink: 20 bytes leftover after parsing attributes in process `syz.1.309'.
[  105.818934][ T7230] netlink: 'syz.1.309': attribute type 8 has an invalid length.
[  105.818983][ T7231] syz.4.308: attempt to access beyond end of device
[  105.818983][ T7231] nbd4: rw=0, sector=16, nr_sectors = 1 limit=0
[  105.826670][ T7231] qnx6: unable to read the first superblock
[  105.832662][ T7231] syz.4.308: attempt to access beyond end of device
[  105.832662][ T7231] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  105.839874][ T7231] qnx6: unable to read the first superblock
[  105.842371][ T7231] qnx6: unable to read the first superblock
[  105.868624][ T5961] Bluetooth: hci1: command tx timeout
[  105.936905][ T7239] netlink: zone id is out of range
[  105.941491][ T7239] netlink: zone id is out of range
[  105.943430][ T7239] netlink: zone id is out of range
[  105.952546][ T7239] netlink: set zone limit has 8 unknown bytes
[  106.006597][ T7247] FAULT_INJECTION: forcing a failure.
[  106.006597][ T7247] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  106.021799][ T7247] CPU: 3 UID: 0 PID: 7247 Comm: syz.4.315 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  106.021815][ T7247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.021822][ T7247] Call Trace:
[  106.021825][ T7247]  <TASK>
[  106.021829][ T7247]  dump_stack_lvl+0x16c/0x1f0
[  106.021849][ T7247]  should_fail_ex+0x512/0x640
[  106.021864][ T7247]  _copy_from_iter+0x2a4/0x15b0
[  106.021880][ T7247]  ? __pfx__copy_from_iter+0x10/0x10
[  106.021893][ T7247]  ? find_held_lock+0x2b/0x80
[  106.021905][ T7247]  ? dev_get_by_index+0x17c/0x380
[  106.021924][ T7247]  packet_sendmsg+0x1c8e/0x56f0
[  106.021942][ T7247]  ? __pfx___might_resched+0x10/0x10
[  106.021955][ T7247]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  106.021973][ T7247]  ? __pfx_packet_sendmsg+0x10/0x10
[  106.021982][ T7247]  ? __might_fault+0xe3/0x190
[  106.021996][ T7247]  ? aa_label_strn_parse+0x810/0x11d0
[  106.022013][ T7247]  __sys_sendto+0x495/0x510
[  106.022026][ T7247]  ? __pfx___sys_sendto+0x10/0x10
[  106.022048][ T7247]  ? ksys_write+0x1b9/0x240
[  106.022059][ T7247]  ? __pfx_ksys_write+0x10/0x10
[  106.022071][ T7247]  __ia32_sys_sendto+0xdd/0x1b0
[  106.022083][ T7247]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.022097][ T7247]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  106.022112][ T7247]  __do_fast_syscall_32+0x73/0x120
[  106.022128][ T7247]  do_fast_syscall_32+0x32/0x80
[  106.022143][ T7247]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  106.022156][ T7247] RIP: 0023:0xf706e579
[  106.022164][ T7247] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  106.022174][ T7247] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  106.022184][ T7247] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  106.022191][ T7247] RDX: 000000000001000a RSI: 0000000000000000 RDI: 0000000080000140
[  106.022196][ T7247] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  106.022202][ T7247] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  106.022213][ T7247] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  106.022225][ T7247]  </TASK>
[  106.151842][ T7251] netlink: 8 bytes leftover after parsing attributes in process `syz.1.317'.
[  106.155035][ T7251] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  106.638866][ T7261] netlink: 'syz.1.319': attribute type 7 has an invalid length.
[  106.694374][ T7261] syz.1.319: attempt to access beyond end of device
[  106.694374][ T7261] nbd1: rw=0, sector=16, nr_sectors = 1 limit=0
[  106.700294][ T7261] qnx6: unable to read the first superblock
[  106.702279][ T7261] syz.1.319: attempt to access beyond end of device
[  106.702279][ T7261] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  106.706186][ T7261] qnx6: unable to read the first superblock
[  106.708059][ T7261] qnx6: unable to read the first superblock
[  107.082304][ T7274] warning: `syz.4.323' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  107.099053][    T9] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  107.203901][ T7279] FAULT_INJECTION: forcing a failure.
[  107.203901][ T7279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.207961][ T7279] CPU: 1 UID: 0 PID: 7279 Comm: syz.4.326 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  107.207977][ T7279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.207983][ T7279] Call Trace:
[  107.207988][ T7279]  <TASK>
[  107.207992][ T7279]  dump_stack_lvl+0x16c/0x1f0
[  107.208011][ T7279]  should_fail_ex+0x512/0x640
[  107.208025][ T7279]  _copy_from_user+0x2e/0xd0
[  107.208040][ T7279]  memdup_user+0x6b/0xe0
[  107.208055][ T7279]  strndup_user+0x78/0xe0
[  107.208069][ T7279]  __ia32_sys_mount+0x137/0x310
[  107.208082][ T7279]  ? __pfx___ia32_sys_mount+0x10/0x10
[  107.208093][ T7279]  ? rcu_is_watching+0x12/0xc0
[  107.208105][ T7279]  ? rcu_is_watching+0x12/0xc0
[  107.208117][ T7279]  __do_fast_syscall_32+0x73/0x120
[  107.208133][ T7279]  do_fast_syscall_32+0x32/0x80
[  107.208148][ T7279]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.208161][ T7279] RIP: 0023:0xf706e579
[  107.208169][ T7279] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.208179][ T7279] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  107.208188][ T7279] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000340
[  107.208195][ T7279] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000080000140
[  107.208201][ T7279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  107.208206][ T7279] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  107.208212][ T7279] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.208224][ T7279]  </TASK>
[  107.288651][ T7269] netlink: 4 bytes leftover after parsing attributes in process `syz.2.321'.
[  107.290076][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  107.291069][ T7285] netlink: 'syz.3.328': attribute type 7 has an invalid length.
[  107.299510][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  107.302413][    T9] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  107.307487][ T7283] libceph: resolve '0' (ret=-3): failed
[  107.312055][ T7285] syz.3.328: attempt to access beyond end of device
[  107.312055][ T7285] nbd3: rw=0, sector=16, nr_sectors = 1 limit=0
[  107.316109][ T7285] qnx6: unable to read the first superblock
[  107.317465][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.318108][ T7285] syz.3.328: attempt to access beyond end of device
[  107.318108][ T7285] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  107.328201][ T7285] qnx6: unable to read the first superblock
[  107.331155][ T7285] qnx6: unable to read the first superblock
[  107.331168][    T9] usb 6-1: config 0 descriptor??
[  107.338003][    T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  107.340740][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  107.345585][    T9] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  107.349844][    T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  107.353599][    T9] usb 6-1: media controller created
[  107.356964][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  107.363432][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  107.365435][    T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  107.370684][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input10
[  107.376086][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  107.378354][    T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  107.428050][    T9] libceph: connect (1)[c::]:6789 error -101
[  107.430355][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  107.539845][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  107.541935][    T9] dvb-usb: error while querying for an remote control event.
[  107.547511][ T6237] usb 6-1: USB disconnect, device number 3
[  107.565316][ T6237] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  107.689654][    T9] libceph: connect (1)[c::]:6789 error -101
[  107.691694][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  107.939778][ T5961] Bluetooth: hci1: command tx timeout
[  108.154179][ T7315] netlink: 'syz.1.337': attribute type 7 has an invalid length.
[  108.174158][ T7315] syz.1.337: attempt to access beyond end of device
[  108.174158][ T7315] nbd1: rw=0, sector=16, nr_sectors = 1 limit=0
[  108.178581][ T7315] qnx6: unable to read the first superblock
[  108.180650][ T7315] syz.1.337: attempt to access beyond end of device
[  108.180650][ T7315] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  108.184691][ T7315] qnx6: unable to read the first superblock
[  108.186649][ T7315] qnx6: unable to read the first superblock
[  108.198693][    T9] libceph: connect (1)[c::]:6789 error -101
[  108.200685][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  108.210451][ T7288] ceph: No mds server is up or the cluster is laggy
[  108.485421][ T7325] FAULT_INJECTION: forcing a failure.
[  108.485421][ T7325] name failslab, interval 1, probability 0, space 0, times 0
[  108.489523][ T7325] CPU: 3 UID: 0 PID: 7325 Comm: syz.1.341 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  108.489539][ T7325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.489546][ T7325] Call Trace:
[  108.489567][ T7325]  <TASK>
[  108.489572][ T7325]  dump_stack_lvl+0x16c/0x1f0
[  108.489591][ T7325]  should_fail_ex+0x512/0x640
[  108.489604][ T7325]  ? __kvmalloc_node_noprof+0x122/0x600
[  108.489618][ T7325]  should_failslab+0xc2/0x120
[  108.489632][ T7325]  __kvmalloc_node_noprof+0x135/0x600
[  108.489644][ T7325]  ? xfrm_user_rcv_msg_compat+0x36d/0x1390
[  108.489658][ T7325]  ? xfrm_user_rcv_msg_compat+0x36d/0x1390
[  108.489668][ T7325]  xfrm_user_rcv_msg_compat+0x36d/0x1390
[  108.489681][ T7325]  ? __pfx_xfrm_user_rcv_msg_compat+0x10/0x10
[  108.489691][ T7325]  ? kasan_save_stack+0x33/0x60
[  108.489701][ T7325]  ? kasan_save_track+0x14/0x30
[  108.489712][ T7325]  ? kasan_save_free_info+0x3b/0x60
[  108.489726][ T7325]  ? __kasan_slab_free+0x51/0x70
[  108.489737][ T7325]  ? kmem_cache_free+0x2d4/0x4d0
[  108.489748][ T7325]  ? kfree_skbmem+0x1a4/0x1f0
[  108.489758][ T7325]  ? consume_skb+0xcc/0x100
[  108.489786][ T7325]  ? find_held_lock+0x2b/0x80
[  108.489798][ T7325]  ? xfrm_get_translator+0xeb/0x290
[  108.489814][ T7325]  ? __pfx_xfrm_user_rcv_msg_compat+0x10/0x10
[  108.489825][ T7325]  xfrm_user_rcv_msg+0x280/0xb60
[  108.489842][ T7325]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  108.489858][ T7325]  ? kfree_skbmem+0x1a4/0x1f0
[  108.489868][ T7325]  ? consume_skb+0xcc/0x100
[  108.489897][ T7325]  ? __mutex_trylock_common+0xe9/0x250
[  108.489912][ T7325]  ? __pfx___mutex_trylock_common+0x10/0x10
[  108.489929][ T7325]  netlink_rcv_skb+0x16a/0x440
[  108.489944][ T7325]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  108.489960][ T7325]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  108.489983][ T7325]  ? netlink_deliver_tap+0x1ae/0xd30
[  108.490002][ T7325]  xfrm_netlink_rcv+0x71/0x90
[  108.490015][ T7325]  netlink_unicast+0x53a/0x7f0
[  108.490031][ T7325]  ? __pfx_netlink_unicast+0x10/0x10
[  108.490050][ T7325]  netlink_sendmsg+0x8d1/0xdd0
[  108.490067][ T7325]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.490082][ T7325]  ? __import_iovec+0x1c8/0x660
[  108.490099][ T7325]  ____sys_sendmsg+0xa95/0xc70
[  108.490110][ T7325]  ? __pfx_____sys_sendmsg+0x10/0x10
[  108.490119][ T7325]  ? get_compat_msghdr+0x11a/0x170
[  108.490139][ T7325]  ___sys_sendmsg+0x134/0x1d0
[  108.490154][ T7325]  ? __pfx____sys_sendmsg+0x10/0x10
[  108.490184][ T7325]  __sys_sendmsg+0x16d/0x220
[  108.490206][ T7325]  ? __pfx___sys_sendmsg+0x10/0x10
[  108.490226][ T7325]  ? rcu_is_watching+0x12/0xc0
[  108.490239][ T7325]  __do_fast_syscall_32+0x73/0x120
[  108.490255][ T7325]  do_fast_syscall_32+0x32/0x80
[  108.490270][ T7325]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.490283][ T7325] RIP: 0023:0xf705e579
[  108.490292][ T7325] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.490302][ T7325] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  108.490312][ T7325] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  108.490318][ T7325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  108.490324][ T7325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  108.490329][ T7325] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  108.490335][ T7325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.490348][ T7325]  </TASK>
[  108.775537][ T7335] FAULT_INJECTION: forcing a failure.
[  108.775537][ T7335] name failslab, interval 1, probability 0, space 0, times 0
[  108.785859][ T7335] CPU: 3 UID: 0 PID: 7335 Comm: syz.3.344 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  108.785875][ T7335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.785882][ T7335] Call Trace:
[  108.785896][ T7335]  <TASK>
[  108.785902][ T7335]  dump_stack_lvl+0x16c/0x1f0
[  108.785920][ T7335]  should_fail_ex+0x512/0x640
[  108.785934][ T7335]  ? __kmalloc_noprof+0xbf/0x510
[  108.785948][ T7335]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  108.785967][ T7335]  should_failslab+0xc2/0x120
[  108.785980][ T7335]  __kmalloc_noprof+0xd2/0x510
[  108.785992][ T7335]  ? __pfx___mutex_trylock_common+0x10/0x10
[  108.786010][ T7335]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  108.786031][ T7335]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  108.786051][ T7335]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  108.786068][ T7335]  ? trace_cap_capable+0x18d/0x200
[  108.786082][ T7335]  ? bpf_lsm_capable+0x9/0x10
[  108.786093][ T7335]  ? security_capable+0x7e/0x260
[  108.786104][ T7335]  ? ns_capable+0xd7/0x110
[  108.786117][ T7335]  genl_rcv_msg+0x55c/0x800
[  108.786128][ T7335]  ? __pfx_genl_rcv_msg+0x10/0x10
[  108.786137][ T7335]  ? __pfx___dev_queue_xmit+0x10/0x10
[  108.786149][ T7335]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  108.786164][ T7335]  ? __lock_acquire+0xaa4/0x1ba0
[  108.786180][ T7335]  netlink_rcv_skb+0x16a/0x440
[  108.786195][ T7335]  ? __pfx_genl_rcv_msg+0x10/0x10
[  108.786205][ T7335]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  108.786231][ T7335]  ? __pfx_down_read+0x10/0x10
[  108.786241][ T7335]  ? netlink_deliver_tap+0x1ae/0xd30
[  108.786257][ T7335]  genl_rcv+0x28/0x40
[  108.786271][ T7335]  netlink_unicast+0x53a/0x7f0
[  108.786288][ T7335]  ? __pfx_netlink_unicast+0x10/0x10
[  108.786306][ T7335]  netlink_sendmsg+0x8d1/0xdd0
[  108.786323][ T7335]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.786339][ T7335]  ? __import_iovec+0x1c8/0x660
[  108.786355][ T7335]  ____sys_sendmsg+0xa95/0xc70
[  108.786367][ T7335]  ? __pfx_____sys_sendmsg+0x10/0x10
[  108.786376][ T7335]  ? get_compat_msghdr+0x11a/0x170
[  108.786396][ T7335]  ___sys_sendmsg+0x134/0x1d0
[  108.786410][ T7335]  ? __pfx____sys_sendmsg+0x10/0x10
[  108.786441][ T7335]  __sys_sendmsg+0x16d/0x220
[  108.786455][ T7335]  ? __pfx___sys_sendmsg+0x10/0x10
[  108.786474][ T7335]  ? rcu_is_watching+0x12/0xc0
[  108.786487][ T7335]  __do_fast_syscall_32+0x73/0x120
[  108.786503][ T7335]  do_fast_syscall_32+0x32/0x80
[  108.786518][ T7335]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.786531][ T7335] RIP: 0023:0xf705e579
[  108.786539][ T7335] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.786548][ T7335] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  108.786558][ T7335] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  108.786565][ T7335] RDX: 0000000000000084 RSI: 0000000000000000 RDI: 0000000000000000
[  108.786570][ T7335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  108.786576][ T7335] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  108.786581][ T7335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.786594][ T7335]  </TASK>
[  108.858739][ T7332] netlink: 4 bytes leftover after parsing attributes in process `syz.4.340'.
[  109.041506][ T7343] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3781544950 (3781544950 ns) > initial count (699260337 ns). Using initial count to start timer.
[  109.798787][ T7353] netlink: 'syz.4.348': attribute type 7 has an invalid length.
[  109.851984][ T7353] syz.4.348: attempt to access beyond end of device
[  109.851984][ T7353] nbd4: rw=0, sector=16, nr_sectors = 1 limit=0
[  109.856924][ T7353] qnx6: unable to read the first superblock
[  109.861452][ T7353] syz.4.348: attempt to access beyond end of device
[  109.861452][ T7353] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  109.865627][ T7353] qnx6: unable to read the first superblock
[  109.867801][ T7353] qnx6: unable to read the first superblock
[  109.927495][ T7358] netlink: 4 bytes leftover after parsing attributes in process `syz.3.350'.
[  110.108774][ T7184] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  110.409492][ T7371] bridge_slave_0: left allmulticast mode
[  110.411384][ T7371] bridge_slave_0: left promiscuous mode
[  110.413318][ T7371] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.420703][ T7371] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  110.530762][ T7184] usb 6-1: Using ep0 maxpacket: 8
[  110.535367][ T7184] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  110.548017][ T7184] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  110.559154][ T7184] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  110.563389][ T7184] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  110.567583][ T7184] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  110.583678][ T7184] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  110.587661][ T7184] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.833838][ T7356] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.017947][ T7184] usb 6-1: usb_control_msg returned -32
[  111.022515][ T7184] usbtmc 6-1:16.0: can't read capabilities
[  111.364329][ T7392] netlink: 'syz.4.360': attribute type 7 has an invalid length.
[  111.400396][ T7392] syz.4.360: attempt to access beyond end of device
[  111.400396][ T7392] nbd4: rw=0, sector=16, nr_sectors = 1 limit=0
[  111.406773][ T7392] qnx6: unable to read the first superblock
[  111.410407][ T7392] syz.4.360: attempt to access beyond end of device
[  111.410407][ T7392] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  111.414860][ T7392] qnx6: unable to read the first superblock
[  111.416794][ T7392] qnx6: unable to read the first superblock
[  111.568503][ T7401] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.362'.
[  111.877336][ T7413] netlink: 64 bytes leftover after parsing attributes in process `syz.2.365'.
[  111.911248][ T7414] netlink: 4 bytes leftover after parsing attributes in process `syz.3.366'.
[  111.913195][ T7416] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  111.978037][ T7422] syzkaller1: entered promiscuous mode
[  111.982061][ T7422] syzkaller1: entered allmulticast mode
[  111.992965][ T7422] netlink: 4 bytes leftover after parsing attributes in process `syz.3.366'.
[  112.450589][ T6024] libceph: connect (1)[c::]:6789 error -101
[  112.458134][ T6024] libceph: mon0 (1)[c::]:6789 connect error
[  112.481021][ T7424] ceph: No mds server is up or the cluster is laggy
[  112.575195][ T7431] loop6: detected capacity change from 0 to 63
[  112.733337][ T7437] netlink: 'syz.2.372': attribute type 7 has an invalid length.
[  112.764512][ T7437] syz.2.372: attempt to access beyond end of device
[  112.764512][ T7437] nbd2: rw=0, sector=16, nr_sectors = 1 limit=0
[  112.773131][ T7437] qnx6: unable to read the first superblock
[  112.775760][ T7437] syz.2.372: attempt to access beyond end of device
[  112.775760][ T7437] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  112.782478][ T7437] qnx6: unable to read the first superblock
[  112.785174][ T7437] qnx6: unable to read the first superblock
[  112.856127][   T64] usb 6-1: USB disconnect, device number 4
[  112.974293][ T7449] netlink: 4 bytes leftover after parsing attributes in process `syz.1.377'.
[  113.031930][ T7454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.378'.
[  113.591891][ T7464] raw_sendmsg: syz.3.380 forgot to set AF_INET. Fix it!
[  113.612407][ T7464] netlink: 'syz.3.380': attribute type 1 has an invalid length.
[  113.614803][ T7464] netlink: 'syz.3.380': attribute type 1 has an invalid length.
[  113.617230][ T7464] netlink: 'syz.3.380': attribute type 2 has an invalid length.
[  113.620172][ T7464] netlink: 'syz.3.380': attribute type 2 has an invalid length.
[  113.766748][ T7473] netlink: 'syz.3.383': attribute type 7 has an invalid length.
[  113.787593][ T7473] syz.3.383: attempt to access beyond end of device
[  113.787593][ T7473] nbd3: rw=0, sector=16, nr_sectors = 1 limit=0
[  113.792376][ T7473] qnx6: unable to read the first superblock
[  113.794478][ T7473] syz.3.383: attempt to access beyond end of device
[  113.794478][ T7473] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  113.799313][ T7473] qnx6: unable to read the first superblock
[  113.801202][ T7473] qnx6: unable to read the first superblock
[  113.912863][ T7482] netlink: 'syz.2.386': attribute type 2 has an invalid length.
[  114.463283][ T7504] netlink: 4 bytes leftover after parsing attributes in process `syz.3.393'.
[  114.994363][ T7522] FAULT_INJECTION: forcing a failure.
[  114.994363][ T7522] name failslab, interval 1, probability 0, space 0, times 0
[  114.999847][ T7522] CPU: 2 UID: 0 PID: 7522 Comm: syz.2.398 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  114.999871][ T7522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.999882][ T7522] Call Trace:
[  114.999888][ T7522]  <TASK>
[  114.999895][ T7522]  dump_stack_lvl+0x16c/0x1f0
[  114.999924][ T7522]  should_fail_ex+0x512/0x640
[  114.999944][ T7522]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  114.999968][ T7522]  should_failslab+0xc2/0x120
[  114.999991][ T7522]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  115.000011][ T7522]  ? __alloc_skb+0x2b2/0x380
[  115.000035][ T7522]  __alloc_skb+0x2b2/0x380
[  115.000054][ T7522]  ? __pfx___alloc_skb+0x10/0x10
[  115.000077][ T7522]  ? lock_acquire+0x179/0x350
[  115.000106][ T7522]  alloc_skb_with_frags+0xe0/0x860
[  115.000134][ T7522]  sock_alloc_send_pskb+0x7fb/0x990
[  115.000155][ T7522]  ? __page_table_check_ptes_set+0x1ae/0x420
[  115.000179][ T7522]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  115.000196][ T7522]  ? find_held_lock+0x2b/0x80
[  115.000213][ T7522]  ? dccp_sendmsg+0x2da/0xd10
[  115.000232][ T7522]  ? rcu_is_watching+0x12/0xc0
[  115.000246][ T7522]  ? __local_bh_enable_ip+0xa4/0x120
[  115.000268][ T7522]  dccp_sendmsg+0x2f8/0xd10
[  115.000290][ T7522]  ? aa_sk_perm+0x2f4/0xb10
[  115.000310][ T7522]  ? __pfx_dccp_sendmsg+0x10/0x10
[  115.000335][ T7522]  ? __import_iovec+0x1c8/0x660
[  115.000354][ T7522]  ? __pfx_dccp_sendmsg+0x10/0x10
[  115.000374][ T7522]  inet_sendmsg+0x119/0x140
[  115.000389][ T7522]  ____sys_sendmsg+0x973/0xc70
[  115.000410][ T7522]  ? __pfx_____sys_sendmsg+0x10/0x10
[  115.000423][ T7522]  ? get_compat_msghdr+0x11a/0x170
[  115.000445][ T7522]  ? find_held_lock+0x2b/0x80
[  115.000462][ T7522]  ___sys_sendmsg+0x134/0x1d0
[  115.000482][ T7522]  ? __pfx____sys_sendmsg+0x10/0x10
[  115.000519][ T7522]  ? __pfx___might_resched+0x10/0x10
[  115.000538][ T7522]  ? __sys_sendmmsg+0x30d/0x420
[  115.000561][ T7522]  __sys_sendmmsg+0x2f9/0x420
[  115.000582][ T7522]  ? __pfx___sys_sendmmsg+0x10/0x10
[  115.000612][ T7522]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  115.000645][ T7522]  ? fput+0x70/0xf0
[  115.000664][ T7522]  ? ksys_write+0x1b9/0x240
[  115.000680][ T7522]  ? __pfx_ksys_write+0x10/0x10
[  115.000699][ T7522]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  115.000721][ T7522]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  115.000741][ T7522]  __do_fast_syscall_32+0x73/0x120
[  115.000763][ T7522]  do_fast_syscall_32+0x32/0x80
[  115.000785][ T7522]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  115.000805][ T7522] RIP: 0023:0xf70be579
[  115.000818][ T7522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  115.000834][ T7522] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  115.000848][ T7522] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080002980
[  115.000857][ T7522] RDX: 0000000000000239 RSI: 0000000000000000 RDI: 0000000000000000
[  115.000865][ T7522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  115.000875][ T7522] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  115.000884][ T7522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  115.000904][ T7522]  </TASK>
[  115.017841][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.4.394'.
[  115.931918][ T7547] SET target dimension over the limit!
[  116.381212][ T7558] netlink: 4 bytes leftover after parsing attributes in process `syz.2.408'.
[  116.395009][ T7559] fuse: Bad value for 'fd'
[  116.467011][ T7562] FAULT_INJECTION: forcing a failure.
[  116.467011][ T7562] name failslab, interval 1, probability 0, space 0, times 0
[  116.471726][ T7562] CPU: 1 UID: 0 PID: 7562 Comm: syz.3.410 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  116.471741][ T7562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.471748][ T7562] Call Trace:
[  116.471752][ T7562]  <TASK>
[  116.471758][ T7562]  dump_stack_lvl+0x16c/0x1f0
[  116.471803][ T7562]  should_fail_ex+0x512/0x640
[  116.471823][ T7562]  ? fs_reclaim_acquire+0xae/0x150
[  116.471847][ T7562]  ? tomoyo_encode2+0x100/0x3e0
[  116.471862][ T7562]  should_failslab+0xc2/0x120
[  116.471878][ T7562]  __kmalloc_noprof+0xd2/0x510
[  116.471894][ T7562]  tomoyo_encode2+0x100/0x3e0
[  116.471911][ T7562]  tomoyo_encode+0x29/0x50
[  116.471925][ T7562]  tomoyo_realpath_from_path+0x18f/0x6e0
[  116.471942][ T7562]  ? tomoyo_profile+0x47/0x60
[  116.471961][ T7562]  tomoyo_path_number_perm+0x245/0x580
[  116.471973][ T7562]  ? tomoyo_path_number_perm+0x237/0x580
[  116.471987][ T7562]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  116.472015][ T7562]  ? find_held_lock+0x2b/0x80
[  116.472026][ T7562]  ? hook_file_ioctl_common+0x145/0x410
[  116.472039][ T7562]  ? __fget_files+0x204/0x3c0
[  116.472064][ T7562]  ? __fget_files+0x20e/0x3c0
[  116.472079][ T7562]  security_file_ioctl_compat+0x9b/0x240
[  116.472094][ T7562]  __ia32_compat_sys_ioctl+0xc3/0x360
[  116.472113][ T7562]  __do_fast_syscall_32+0x73/0x120
[  116.472130][ T7562]  do_fast_syscall_32+0x32/0x80
[  116.472151][ T7562]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  116.472165][ T7562] RIP: 0023:0xf705e579
[  116.472174][ T7562] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  116.472184][ T7562] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  116.472194][ T7562] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000008188aea6
[  116.472201][ T7562] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[  116.472207][ T7562] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  116.472213][ T7562] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  116.472219][ T7562] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  116.472232][ T7562]  </TASK>
[  116.472894][ T7562] ERROR: Out of memory at tomoyo_realpath_from_path.
[  116.662064][ T7564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.411'.
[  117.564281][ T7580] FAULT_INJECTION: forcing a failure.
[  117.564281][ T7580] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.569085][ T7580] CPU: 3 UID: 0 PID: 7580 Comm: syz.2.414 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  117.569103][ T7580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.569111][ T7580] Call Trace:
[  117.569116][ T7580]  <TASK>
[  117.569121][ T7580]  dump_stack_lvl+0x16c/0x1f0
[  117.569144][ T7580]  should_fail_ex+0x512/0x640
[  117.569162][ T7580]  _copy_from_iter+0x2a4/0x15b0
[  117.569180][ T7580]  ? __alloc_skb+0x200/0x380
[  117.569204][ T7580]  ? __pfx__copy_from_iter+0x10/0x10
[  117.569221][ T7580]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  117.569246][ T7580]  netlink_sendmsg+0x829/0xdd0
[  117.569267][ T7580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.569291][ T7580]  ? __import_iovec+0x1c8/0x660
[  117.569314][ T7580]  ____sys_sendmsg+0xa95/0xc70
[  117.569325][ T7580]  ? gfs2_lookupi+0x60/0x6e0
[  117.569338][ T7580]  ? __pfx_____sys_sendmsg+0x10/0x10
[  117.569347][ T7580]  ? get_compat_msghdr+0x11a/0x170
[  117.569367][ T7580]  ___sys_sendmsg+0x134/0x1d0
[  117.569381][ T7580]  ? __pfx____sys_sendmsg+0x10/0x10
[  117.569410][ T7580]  __sys_sendmsg+0x16d/0x220
[  117.569424][ T7580]  ? __pfx___sys_sendmsg+0x10/0x10
[  117.569443][ T7580]  ? rcu_is_watching+0x12/0xc0
[  117.569455][ T7580]  __do_fast_syscall_32+0x73/0x120
[  117.569471][ T7580]  do_fast_syscall_32+0x32/0x80
[  117.569486][ T7580]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.569498][ T7580] RIP: 0023:0xf70be579
[  117.569507][ T7580] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  117.569516][ T7580] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  117.569526][ T7580] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  117.569532][ T7580] RDX: 0000000004000040 RSI: 0000000000000000 RDI: 0000000000000000
[  117.569538][ T7580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  117.569544][ T7580] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  117.569549][ T7580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.569561][ T7580]  </TASK>
[  117.990598][ T7597] FAULT_INJECTION: forcing a failure.
[  117.990598][ T7597] name failslab, interval 1, probability 0, space 0, times 0
[  117.994595][ T7597] CPU: 0 UID: 0 PID: 7597 Comm: syz.4.421 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  117.994610][ T7597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.994617][ T7597] Call Trace:
[  117.994620][ T7597]  <TASK>
[  117.994624][ T7597]  dump_stack_lvl+0x16c/0x1f0
[  117.994643][ T7597]  should_fail_ex+0x512/0x640
[  117.994655][ T7597]  ? __kmalloc_noprof+0xbf/0x510
[  117.994669][ T7597]  ? fib_trie_table+0xf3/0x2a0
[  117.994682][ T7597]  should_failslab+0xc2/0x120
[  117.994696][ T7597]  __kmalloc_noprof+0xd2/0x510
[  117.994707][ T7597]  ? __mutex_trylock_common+0xe9/0x250
[  117.994723][ T7597]  ? __pfx___mutex_trylock_common+0x10/0x10
[  117.994739][ T7597]  fib_trie_table+0xf3/0x2a0
[  117.994752][ T7597]  fib_trie_unmerge+0xb6/0xcb0
[  117.994765][ T7597]  ? __mutex_lock+0x1ca/0xb90
[  117.994779][ T7597]  ? rcu_is_watching+0x12/0xc0
[  117.994790][ T7597]  ? __pfx_fib_trie_unmerge+0x10/0x10
[  117.994802][ T7597]  ? fib_newrule+0x1113/0x1e60
[  117.994818][ T7597]  ? __pfx___mutex_lock+0x10/0x10
[  117.994835][ T7597]  fib_unmerge+0xf8/0x520
[  117.994849][ T7597]  ? __pfx_fib_nl2rule.constprop.0+0x10/0x10
[  117.994865][ T7597]  fib4_rule_configure+0x383/0x10c0
[  117.994878][ T7597]  fib_newrule+0x34c/0x1e60
[  117.994896][ T7597]  ? __pfx_fib_newrule+0x10/0x10
[  117.994911][ T7597]  ? kmem_cache_free+0x2d4/0x4d0
[  117.994933][ T7597]  ? find_held_lock+0x2b/0x80
[  117.994943][ T7597]  ? __pfx_fib_nl_newrule+0x10/0x10
[  117.994956][ T7597]  ? __pfx_fib_nl_newrule+0x10/0x10
[  117.994969][ T7597]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  117.994985][ T7597]  ? __pfx_fib_nl_newrule+0x10/0x10
[  117.995013][ T7597]  rtnetlink_rcv_msg+0x95b/0xe90
[  117.995029][ T7597]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  117.995050][ T7597]  netlink_rcv_skb+0x16a/0x440
[  117.995065][ T7597]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  117.995080][ T7597]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  117.995103][ T7597]  ? netlink_deliver_tap+0x1ae/0xd30
[  117.995124][ T7597]  netlink_unicast+0x53a/0x7f0
[  117.995140][ T7597]  ? __pfx_netlink_unicast+0x10/0x10
[  117.995159][ T7597]  netlink_sendmsg+0x8d1/0xdd0
[  117.995175][ T7597]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.995195][ T7597]  sock_write_iter+0x4fc/0x5b0
[  117.995206][ T7597]  ? __pfx_sock_write_iter+0x10/0x10
[  117.995221][ T7597]  ? __lock_acquire+0x5ca/0x1ba0
[  117.995238][ T7597]  do_iter_readv_writev+0x654/0x950
[  117.995255][ T7597]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  117.995274][ T7597]  ? bpf_lsm_file_permission+0x9/0x10
[  117.995285][ T7597]  ? security_file_permission+0x71/0x210
[  117.995299][ T7597]  ? rw_verify_area+0xcf/0x680
[  117.995316][ T7597]  vfs_writev+0x353/0xdc0
[  117.995329][ T7597]  ? __pfx_vfs_writev+0x10/0x10
[  117.995349][ T7597]  ? __fget_files+0x20e/0x3c0
[  117.995358][ T7597]  ? __fget_files+0x1f0/0x3c0
[  117.995370][ T7597]  ? do_writev+0x295/0x330
[  117.995379][ T7597]  do_writev+0x295/0x330
[  117.995388][ T7597]  ? __pfx_do_writev+0x10/0x10
[  117.995399][ T7597]  ? rcu_is_watching+0x12/0xc0
[  117.995411][ T7597]  __do_fast_syscall_32+0x73/0x120
[  117.995437][ T7597]  do_fast_syscall_32+0x32/0x80
[  117.995455][ T7597]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.995467][ T7597] RIP: 0023:0xf706e579
[  117.995476][ T7597] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  117.995487][ T7597] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  117.995497][ T7597] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  117.995503][ T7597] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  117.995509][ T7597] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  117.995515][ T7597] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  117.995520][ T7597] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.995533][ T7597]  </TASK>
[  118.118774][    C0] vkms_vblank_simulate: vblank timer overrun
[  118.149087][ T7601] netlink: 4 bytes leftover after parsing attributes in process `syz.3.419'.
[  119.082486][ T7619] FAULT_INJECTION: forcing a failure.
[  119.082486][ T7619] name failslab, interval 1, probability 0, space 0, times 0
[  119.086663][ T7619] CPU: 3 UID: 0 PID: 7619 Comm: syz.4.427 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  119.086678][ T7619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.086684][ T7619] Call Trace:
[  119.086688][ T7619]  <TASK>
[  119.086692][ T7619]  dump_stack_lvl+0x16c/0x1f0
[  119.086712][ T7619]  should_fail_ex+0x512/0x640
[  119.086728][ T7619]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  119.086742][ T7619]  should_failslab+0xc2/0x120
[  119.086756][ T7619]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  119.086769][ T7619]  ? alloc_pid+0xc7/0xbc0
[  119.086787][ T7619]  alloc_pid+0xc7/0xbc0
[  119.086805][ T7619]  copy_process+0x3872/0x91a0
[  119.086819][ T7619]  ? kasan_save_track+0x14/0x30
[  119.086830][ T7619]  ? __kasan_kmalloc+0xaa/0xb0
[  119.086840][ T7619]  ? vhost_task_create+0xe5/0x2e0
[  119.086855][ T7619]  ? kvm_mmu_post_init_vm+0x1b7/0x370
[  119.086865][ T7619]  ? kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  119.086881][ T7619]  ? kvm_vcpu_ioctl+0x5e9/0x1680
[  119.086897][ T7619]  ? __ia32_compat_sys_ioctl+0x24c/0x360
[  119.086912][ T7619]  ? __do_fast_syscall_32+0x73/0x120
[  119.086926][ T7619]  ? do_fast_syscall_32+0x32/0x80
[  119.086947][ T7619]  ? __pfx_copy_process+0x10/0x10
[  119.086968][ T7619]  ? lockdep_init_map_type+0x5c/0x280
[  119.086984][ T7619]  ? lockdep_init_map_type+0x5c/0x280
[  119.086998][ T7619]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  119.087011][ T7619]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  119.087026][ T7619]  vhost_task_create+0x1d2/0x2e0
[  119.087041][ T7619]  ? __pfx_vhost_task_create+0x10/0x10
[  119.087056][ T7619]  ? register_lock_class+0x41/0x4c0
[  119.087074][ T7619]  ? __pfx_vhost_task_fn+0x10/0x10
[  119.087090][ T7619]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  119.087109][ T7619]  kvm_mmu_post_init_vm+0x1b7/0x370
[  119.087126][ T7619]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  119.087142][ T7619]  ? kvm_vcpu_ioctl+0x14c2/0x1680
[  119.087160][ T7619]  kvm_vcpu_ioctl+0x5e9/0x1680
[  119.087177][ T7619]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  119.087193][ T7619]  ? tomoyo_path_number_perm+0x18d/0x580
[  119.087208][ T7619]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  119.087220][ T7619]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  119.087236][ T7619]  ? do_vfs_ioctl+0x512/0x1990
[  119.087251][ T7619]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  119.087277][ T7619]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  119.087293][ T7619]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  119.087310][ T7619]  ? __fget_files+0x20e/0x3c0
[  119.087319][ T7619]  ? __fput_deferred+0x300/0x370
[  119.087334][ T7619]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  119.087351][ T7619]  __ia32_compat_sys_ioctl+0x24c/0x360
[  119.087368][ T7619]  __do_fast_syscall_32+0x73/0x120
[  119.087383][ T7619]  do_fast_syscall_32+0x32/0x80
[  119.087398][ T7619]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.087411][ T7619] RIP: 0023:0xf706e579
[  119.087420][ T7619] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.087430][ T7619] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  119.087440][ T7619] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  119.087446][ T7619] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  119.087452][ T7619] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.087457][ T7619] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.087463][ T7619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.087476][ T7619]  </TASK>
[  119.905026][ T7639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.431'.
[  120.100400][ T7642] netlink: 12 bytes leftover after parsing attributes in process `syz.2.433'.
[  120.106226][ T7642] bridge0: port 1(vlan2) entered blocking state
[  120.109062][ T7642] bridge0: port 1(vlan2) entered disabled state
[  120.111544][ T7642] vlan2: entered allmulticast mode
[  120.113153][ T7642] bridge0: entered allmulticast mode
[  120.116027][ T7642] vlan2: left allmulticast mode
[  120.117535][ T7642] bridge0: left allmulticast mode
[  120.261763][ T7652] FAULT_INJECTION: forcing a failure.
[  120.261763][ T7652] name failslab, interval 1, probability 0, space 0, times 0
[  120.279181][ T7652] CPU: 2 UID: 0 PID: 7652 Comm: syz.1.437 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  120.279222][ T7652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.279233][ T7652] Call Trace:
[  120.279239][ T7652]  <TASK>
[  120.279246][ T7652]  dump_stack_lvl+0x16c/0x1f0
[  120.279274][ T7652]  should_fail_ex+0x512/0x640
[  120.279294][ T7652]  ? __kmalloc_node_noprof+0xc5/0x500
[  120.279317][ T7652]  should_failslab+0xc2/0x120
[  120.279339][ T7652]  __kmalloc_node_noprof+0xd8/0x500
[  120.279358][ T7652]  ? find_held_lock+0x2b/0x80
[  120.279374][ T7652]  ? qdisc_alloc+0xbb/0xc50
[  120.279398][ T7652]  qdisc_alloc+0xbb/0xc50
[  120.279419][ T7652]  ? _raw_read_unlock+0x28/0x50
[  120.279442][ T7652]  qdisc_create+0x71/0xfa0
[  120.279462][ T7652]  tc_modify_qdisc+0x1287/0x2100
[  120.279485][ T7652]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  120.279523][ T7652]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  120.279540][ T7652]  rtnetlink_rcv_msg+0x3c6/0xe90
[  120.279565][ T7652]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  120.279600][ T7652]  netlink_rcv_skb+0x16a/0x440
[  120.279623][ T7652]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  120.279647][ T7652]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  120.279684][ T7652]  ? netlink_deliver_tap+0x1ae/0xd30
[  120.279710][ T7652]  netlink_unicast+0x53a/0x7f0
[  120.279736][ T7652]  ? __pfx_netlink_unicast+0x10/0x10
[  120.279801][ T7652]  netlink_sendmsg+0x8d1/0xdd0
[  120.279830][ T7652]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.279854][ T7652]  ? __import_iovec+0x1c8/0x660
[  120.279881][ T7652]  ____sys_sendmsg+0xa95/0xc70
[  120.279900][ T7652]  ? __pfx_____sys_sendmsg+0x10/0x10
[  120.279915][ T7652]  ? get_compat_msghdr+0x11a/0x170
[  120.279947][ T7652]  ___sys_sendmsg+0x134/0x1d0
[  120.279970][ T7652]  ? __pfx____sys_sendmsg+0x10/0x10
[  120.280022][ T7652]  __sys_sendmsg+0x16d/0x220
[  120.280044][ T7652]  ? __pfx___sys_sendmsg+0x10/0x10
[  120.280075][ T7652]  ? rcu_is_watching+0x12/0xc0
[  120.280100][ T7652]  __do_fast_syscall_32+0x73/0x120
[  120.280123][ T7652]  do_fast_syscall_32+0x32/0x80
[  120.280145][ T7652]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  120.280164][ T7652] RIP: 0023:0xf705e579
[  120.280176][ T7652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  120.280191][ T7652] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  120.280206][ T7652] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000080
[  120.280216][ T7652] RDX: 0000000000040840 RSI: 0000000000000000 RDI: 0000000000000000
[  120.280226][ T7652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  120.280234][ T7652] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  120.280243][ T7652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  120.280264][ T7652]  </TASK>
[  120.362490][ T7654] FAULT_INJECTION: forcing a failure.
[  120.362490][ T7654] name failslab, interval 1, probability 0, space 0, times 0
[  120.389633][ T7654] CPU: 3 UID: 0 PID: 7654 Comm: syz.2.438 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  120.389655][ T7654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.389662][ T7654] Call Trace:
[  120.389665][ T7654]  <TASK>
[  120.389670][ T7654]  dump_stack_lvl+0x16c/0x1f0
[  120.389689][ T7654]  should_fail_ex+0x512/0x640
[  120.389702][ T7654]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  120.389717][ T7654]  should_failslab+0xc2/0x120
[  120.389730][ T7654]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  120.389742][ T7654]  ? find_inode+0x19a/0x5e0
[  120.389754][ T7654]  ? fuse_alloc_inode+0x2c/0x350
[  120.389769][ T7654]  ? __pfx_fuse_inode_set+0x10/0x10
[  120.389780][ T7654]  fuse_alloc_inode+0x2c/0x350
[  120.389793][ T7654]  ? __pfx_fuse_alloc_inode+0x10/0x10
[  120.389805][ T7654]  alloc_inode+0x61/0x240
[  120.389818][ T7654]  iget5_locked+0x338/0x3d0
[  120.389831][ T7654]  ? __pfx_fuse_inode_eq+0x10/0x10
[  120.389843][ T7654]  ? __pfx_fuse_inode_set+0x10/0x10
[  120.389855][ T7654]  ? __pfx_iget5_locked+0x10/0x10
[  120.389870][ T7654]  ? kasan_quarantine_put+0x10a/0x240
[  120.389881][ T7654]  ? lockdep_hardirqs_on+0x7c/0x110
[  120.389898][ T7654]  fuse_iget+0x165/0x8e0
[  120.389914][ T7654]  ? __pfx_fuse_iget+0x10/0x10
[  120.389928][ T7654]  ? __fuse_simple_request+0x462/0xcb0
[  120.389941][ T7654]  fuse_lookup_name+0x481/0x780
[  120.389956][ T7654]  ? __pfx_fuse_lookup_name+0x10/0x10
[  120.389969][ T7654]  ? fuse_lock_inode+0xd2/0x110
[  120.389982][ T7654]  ? cgroup_rstat_updated+0x2a/0xb20
[  120.390000][ T7654]  ? mod_objcg_state+0x5eb/0xa50
[  120.390015][ T7654]  fuse_lookup+0x1af/0x420
[  120.390028][ T7654]  ? __pfx_fuse_lookup+0x10/0x10
[  120.390048][ T7654]  ? do_raw_spin_unlock+0x172/0x230
[  120.390059][ T7654]  ? _raw_spin_unlock+0x28/0x50
[  120.390074][ T7654]  lookup_one_qstr_excl_raw.part.0+0xec/0x160
[  120.390088][ T7654]  ? lookup_dcache+0x66/0x170
[  120.390102][ T7654]  lookup_one_qstr_excl+0x3e/0x120
[  120.390123][ T7654]  do_rmdir+0x245/0x3c0
[  120.390135][ T7654]  ? __pfx_do_rmdir+0x10/0x10
[  120.390150][ T7654]  ? getname_flags.part.0+0x1c5/0x550
[  120.390168][ T7654]  __ia32_sys_rmdir+0xc4/0x110
[  120.390184][ T7654]  __do_fast_syscall_32+0x73/0x120
[  120.390205][ T7654]  do_fast_syscall_32+0x32/0x80
[  120.390225][ T7654]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  120.390243][ T7654] RIP: 0023:0xf70be579
[  120.390252][ T7654] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  120.390263][ T7654] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000028
[  120.390273][ T7654] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000000000000
[  120.390279][ T7654] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  120.390285][ T7654] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  120.390291][ T7654] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  120.390297][ T7654] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  120.390310][ T7654]  </TASK>
[  120.397269][ T7658] netlink: 76 bytes leftover after parsing attributes in process `syz.1.439'.
[  121.019880][ T7670] netlink: 4 bytes leftover after parsing attributes in process `syz.2.441'.
[  121.189371][ T7658] bridge_slave_0: left allmulticast mode
[  121.191789][ T7658] bridge_slave_0: left promiscuous mode
[  121.193997][ T7658] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.208736][ T7658] bridge_slave_1: left promiscuous mode
[  121.210587][ T7658] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.222189][ T7658] bond0: (slave bond_slave_0): Releasing backup interface
[  121.240216][ T7658] bond0: (slave bond_slave_1): Releasing backup interface
[  121.251437][ T7658] team0: Port device team_slave_0 removed
[  121.257006][ T7658] team0: Port device team_slave_1 removed
[  121.259200][ T7658] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.261527][ T7658] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.264995][ T7658] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.267304][ T7658] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.403269][ T7676] Bluetooth: MGMT ver 1.23
[  121.710998][ T7685] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  121.712998][ T7685] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  121.719501][ T7685] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  121.729857][ T7685] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  121.732088][ T7685] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  121.743809][ T7685] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  121.756818][ T7685] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  121.758975][ T7685] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  121.765139][ T7685] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  121.765344][ T5961] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  121.792518][ T7685] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  121.801472][ T7685] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  121.810875][ T7685] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  121.821253][ T7691] FAULT_INJECTION: forcing a failure.
[  121.821253][ T7691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.825507][ T7691] CPU: 1 UID: 0 PID: 7691 Comm: syz.4.445 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  121.825522][ T7691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  121.825529][ T7691] Call Trace:
[  121.825533][ T7691]  <TASK>
[  121.825538][ T7691]  dump_stack_lvl+0x16c/0x1f0
[  121.825557][ T7691]  should_fail_ex+0x512/0x640
[  121.825571][ T7691]  _copy_to_user+0x32/0xd0
[  121.825586][ T7691]  snd_seq_ioctl+0x332/0x410
[  121.825604][ T7691]  ? __pfx_snd_seq_ioctl+0x10/0x10
[  121.825628][ T7691]  ? __fget_files+0x20e/0x3c0
[  121.825637][ T7691]  ? __fput_deferred+0x300/0x370
[  121.825652][ T7691]  snd_seq_ioctl_compat+0xea/0x310
[  121.825668][ T7691]  ? __pfx_snd_seq_ioctl_compat+0x10/0x10
[  121.825684][ T7691]  __ia32_compat_sys_ioctl+0x24c/0x360
[  121.825701][ T7691]  __do_fast_syscall_32+0x73/0x120
[  121.825717][ T7691]  do_fast_syscall_32+0x32/0x80
[  121.825732][ T7691]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  121.825746][ T7691] RIP: 0023:0xf706e579
[  121.825754][ T7691] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  121.825764][ T7691] RSP: 002b:00000000f501c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  121.825774][ T7691] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080045300
[  121.825780][ T7691] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  121.825786][ T7691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  121.825792][ T7691] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  121.825797][ T7691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  121.825809][ T7691]  </TASK>
[  122.424963][ T7706] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  122.427878][ T7706] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  122.432681][ T7710] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(13)
[  122.435568][ T7710] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  122.441261][ T7706] vhci_hcd vhci_hcd.0: Device attached
[  122.444139][ T7710] vhci_hcd vhci_hcd.0: Device attached
[  122.452227][ T7706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  122.462061][ T7706] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(16)
[  122.464154][ T7706] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  122.466586][ T7706] vhci_hcd vhci_hcd.0: Device attached
[  122.473698][ T7706] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(19)
[  122.475979][ T7706] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  122.482825][ T7706] vhci_hcd vhci_hcd.0: Device attached
[  122.485116][ T7706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  122.488023][ T7706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  122.495864][ T7706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  122.500643][ T7706] vhci_hcd vhci_hcd.0: port 0 already used
[  122.511426][ T7715] vhci_hcd: connection closed
[  122.512113][ T7711] vhci_hcd: connection closed
[  122.512804][ T7708] vhci_hcd: connection closed
[  122.513632][ T1042] vhci_hcd: stop threads
[  122.513896][ T1042] vhci_hcd: release socket
[  122.514124][ T7713] vhci_hcd: connection closed
[  122.521807][ T1042] vhci_hcd: disconnect device
[  122.526133][ T1042] vhci_hcd: stop threads
[  122.527621][ T1042] vhci_hcd: release socket
[  122.530489][ T1042] vhci_hcd: disconnect device
[  122.532712][ T1042] vhci_hcd: stop threads
[  122.534229][ T1042] vhci_hcd: release socket
[  122.536147][ T1042] vhci_hcd: disconnect device
[  122.538043][ T1042] vhci_hcd: stop threads
[  122.539581][ T1042] vhci_hcd: release socket
[  122.540993][ T1042] vhci_hcd: disconnect device
[  122.798511][ T6024] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  122.876825][ T7726] netlink: 216 bytes leftover after parsing attributes in process `syz.4.455'.
[  122.881453][ T7726] netlink: 216 bytes leftover after parsing attributes in process `syz.4.455'.
[  122.960260][ T6024] usb 6-1: unable to get BOS descriptor or descriptor too short
[  122.964741][ T6024] usb 6-1: config 6 has an invalid interface number: 200 but max is 0
[  122.967469][ T6024] usb 6-1: config 6 has no interface number 0
[  122.970816][ T6024] usb 6-1: config 6 interface 200 has no altsetting 0
[  122.975947][ T6024] usb 6-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  122.981156][ T6024] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.984167][ T6024] usb 6-1: Product: syz
[  122.985706][ T6024] usb 6-1: Manufacturer: syz
[  122.987380][ T6024] usb 6-1: SerialNumber: syz
[  123.058913][ T7184] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  123.243396][ T7741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.456'.
[  123.431990][ T6024] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  123.642305][ T6024] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  123.646536][ T6024] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  123.668539][ T6024] usb 6-1: media controller created
[  123.756266][ T6024] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  123.778561][ T5308] Bluetooth: hci3: command 0x0c1a tx timeout
[  123.778713][ T5961] Bluetooth: hci2: command 0x0c1a tx timeout
[  123.780514][ T5308] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.858508][ T5308] Bluetooth: hci1: command 0x0c1a tx timeout
[  124.237267][   T40] audit: type=1326 audit(1745423536.238:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.243833][   T40] audit: type=1326 audit(1745423536.238:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.250728][   T40] audit: type=1326 audit(1745423536.238:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.257593][   T40] audit: type=1326 audit(1745423536.248:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.264700][   T40] audit: type=1326 audit(1745423536.248:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.272090][   T40] audit: type=1326 audit(1745423536.258:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.279598][   T40] audit: type=1326 audit(1745423536.258:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.287510][   T40] audit: type=1326 audit(1745423536.258:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.294535][   T40] audit: type=1326 audit(1745423536.268:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.302658][   T40] audit: type=1326 audit(1745423536.268:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.4.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  124.812273][ T6024] dvb-usb: bulk message failed: -71 (6/0)
[  124.816834][ T6024] dvb-usb: bulk message failed: -71 (6/0)
[  124.818814][ T6024] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  124.823138][ T6024] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input12
[  124.829611][ T6024] dvb-usb: schedule remote query interval to 150 msecs.
[  124.831927][ T6024] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  124.836616][ T6024] usb 6-1: USB disconnect, device number 5
[  124.886098][ T6024] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  125.859083][ T5308] Bluetooth: hci2: command 0x0c1a tx timeout
[  125.859395][ T5971] Bluetooth: hci0: command 0x0c1a tx timeout
[  125.861051][ T5308] Bluetooth: hci3: command 0x0c1a tx timeout
[  125.938562][ T5971] Bluetooth: hci1: command 0x0c1a tx timeout
[  127.938631][ T5971] Bluetooth: hci3: command 0x0c1a tx timeout
[  127.938675][ T5961] Bluetooth: hci2: command 0x0c1a tx timeout
[  127.940717][ T5971] Bluetooth: hci0: command 0x0c1a tx timeout
[  128.018650][ T5971] Bluetooth: hci1: command 0x0c1a tx timeout
[  130.793185][ T7787] overlayfs: failed to resolve './file1': -2
[  130.825131][ T7788] netlink: 8 bytes leftover after parsing attributes in process `syz.2.467'.
[  130.829707][ T7788] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  130.910876][ T7795] overlayfs: conflicting options: userxattr,redirect_dir=on
[  131.358521][ T7807] netlink: 4 bytes leftover after parsing attributes in process `syz.4.468'.
[  131.440009][ T7808] syzkaller1: entered promiscuous mode
[  131.442602][ T7808] syzkaller1: entered allmulticast mode
[  131.463781][ T7808] netlink: 4 bytes leftover after parsing attributes in process `syz.4.468'.
[  131.504424][ T7802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.466'.
[  132.030107][ T7819] netlink: 4 bytes leftover after parsing attributes in process `syz.2.470'.
[  132.033015][ T7818] netlink: 12 bytes leftover after parsing attributes in process `syz.3.471'.
[  132.038947][ T7818] bridge0: port 3(vlan3) entered blocking state
[  132.041118][ T7818] bridge0: port 3(vlan3) entered disabled state
[  132.043229][ T7818] vlan3: entered allmulticast mode
[  132.044957][ T7818] bridge0: entered allmulticast mode
[  132.049004][ T7818] vlan3: left allmulticast mode
[  132.051259][ T7818] bridge0: left allmulticast mode
[  132.351592][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  132.354371][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  132.663128][ T7833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'.
[  134.103104][ T7841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.476'.
[  134.343156][ T7867] netlink: 12 bytes leftover after parsing attributes in process `syz.4.483'.
[  135.034279][ T7872] netlink: 4 bytes leftover after parsing attributes in process `syz.4.484'.
[  135.761613][ T7861] Set syz1 is full, maxelem 65536 reached
[  135.789796][ T7890] netlink: 'syz.2.490': attribute type 7 has an invalid length.
[  135.831655][ T7895] capability: warning: `syz.3.491' uses deprecated v2 capabilities in a way that may be insecure
[  135.841648][ T7890] syz.2.490: attempt to access beyond end of device
[  135.841648][ T7890] nbd2: rw=0, sector=16, nr_sectors = 1 limit=0
[  135.846003][ T7890] qnx6: unable to read the first superblock
[  135.848303][ T7890] syz.2.490: attempt to access beyond end of device
[  135.848303][ T7890] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  135.852697][ T7890] qnx6: unable to read the first superblock
[  135.854576][ T7890] qnx6: unable to read the first superblock
[  135.886058][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  135.886069][   T40] audit: type=1326 audit(1745423547.888:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.896271][   T40] audit: type=1326 audit(1745423547.888:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.909688][   T40] audit: type=1326 audit(1745423547.898:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.917297][   T40] audit: type=1326 audit(1745423547.898:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.942982][   T40] audit: type=1326 audit(1745423547.898:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.949896][   T40] audit: type=1326 audit(1745423547.908:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.987799][   T40] audit: type=1326 audit(1745423547.988:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.994873][   T40] audit: type=1326 audit(1745423547.988:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  136.001964][   T40] audit: type=1326 audit(1745423547.998:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf705e579 code=0x7ffc0000
[  136.009239][   T40] audit: type=1326 audit(1745423547.998:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  136.048596][ T7184] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  136.174454][ T7907] netlink: 64 bytes leftover after parsing attributes in process `syz.3.496'.
[  136.205544][ T7184] usb 6-1: config 9 has an invalid interface number: 68 but max is 3
[  136.208236][ T7184] usb 6-1: config 9 has an invalid interface number: 104 but max is 3
[  136.213107][ T7184] usb 6-1: config 9 has an invalid interface number: 111 but max is 3
[  136.215587][ T7184] usb 6-1: config 9 has an invalid interface number: 81 but max is 3
[  136.218016][ T7184] usb 6-1: config 9 has no interface number 0
[  136.221255][ T7907] xt_ipcomp: unknown flags 12
[  136.229449][ T7184] usb 6-1: config 9 has no interface number 1
[  136.233686][ T7184] usb 6-1: config 9 has no interface number 2
[  136.239042][ T7184] usb 6-1: config 9 has no interface number 3
[  136.249756][ T7184] usb 6-1: config 9 interface 68 altsetting 64 endpoint 0xB has invalid wMaxPacketSize 0
[  136.252850][ T7184] usb 6-1: config 9 interface 68 altsetting 64 endpoint 0xF has invalid maxpacket 1023, setting to 64
[  136.256983][ T7184] usb 6-1: config 9 interface 104 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  136.261689][ T7184] usb 6-1: config 9 interface 104 altsetting 0 has a duplicate endpoint with address 0xF, skipping
[  136.265700][ T7184] usb 6-1: config 9 interface 104 altsetting 0 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  136.270126][ T7184] usb 6-1: config 9 interface 111 altsetting 2 has a duplicate endpoint with address 0x9, skipping
[  136.273524][ T7184] usb 6-1: config 9 interface 111 altsetting 2 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  136.276927][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  136.286172][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  136.290954][ T7184] usb 6-1: config 9 interface 81 altsetting 0 endpoint 0x81 has an invalid bInterval 194, changing to 7
[  136.294550][ T7184] usb 6-1: config 9 interface 81 altsetting 0 endpoint 0x81 has invalid maxpacket 34739, setting to 1024
[  136.298058][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has a duplicate endpoint with address 0x6, skipping
[  136.302792][ T7184] usb 6-1: config 9 interface 81 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 64
[  136.306336][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  136.309992][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has a duplicate endpoint with address 0x1, skipping
[  136.313285][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2
[  136.316995][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  136.321733][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has a duplicate endpoint with address 0xC, skipping
[  136.325100][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  136.328743][ T7184] usb 6-1: config 9 interface 81 altsetting 0 has 13 endpoint descriptors, different from the interface descriptor's value: 12
[  136.332891][ T7184] usb 6-1: config 9 interface 68 has no altsetting 0
[  136.335050][ T7184] usb 6-1: config 9 interface 111 has no altsetting 0
[  136.346969][ T7184] usb 6-1: New USB device found, idVendor=086a, idProduct=0100, bcdDevice=f9.75
[  136.350003][ T7184] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.352500][ T7184] usb 6-1: Product: �ǃ⽅蠀洜﫹ᖎ䯬狫篹ᯗꮕ൮䎇㧯뙣�늱橿鲳軾蜑�홧夡�兜��蹩�꾆扇彞껈ಈ㺃铇る꽚瓱�뽋��㴟장̚厧�⳩핉ꘒꯑ봲ⴷ⠉Ș⩤黹Ɖ�潲䄎�䚼ṙ㔉囪鉗瓿䓹ն楺�讵᲼ዬꄇ譯値�䈶�諾윭湀锓�䟋㖨ꡂ랯ẋ㌂습
[  136.364323][ T7184] usb 6-1: Manufacturer: à §
[  136.365932][ T7184] usb 6-1: SerialNumber: 〺
[  136.787360][ T7922] netlink: 4 bytes leftover after parsing attributes in process `syz.4.500'.
[  136.959198][ T5971] Bluetooth: hci3: unexpected event for opcode 0x0c7b
[  137.626139][ T7926] netlink: 4 bytes leftover after parsing attributes in process `syz.2.501'.
[  137.808094][ T7948] netlink: 'syz.3.508': attribute type 7 has an invalid length.
[  137.827223][ T7948] syz.3.508: attempt to access beyond end of device
[  137.827223][ T7948] nbd3: rw=0, sector=16, nr_sectors = 1 limit=0
[  137.831630][ T7948] qnx6: unable to read the first superblock
[  137.833657][ T7948] syz.3.508: attempt to access beyond end of device
[  137.833657][ T7948] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  137.837728][ T7948] qnx6: unable to read the first superblock
[  137.840269][ T7948] qnx6: unable to read the first superblock
[  137.901878][ T7953] FAULT_INJECTION: forcing a failure.
[  137.901878][ T7953] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.906130][ T7953] CPU: 2 UID: 0 PID: 7953 Comm: syz.3.510 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  137.906146][ T7953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.906153][ T7953] Call Trace:
[  137.906157][ T7953]  <TASK>
[  137.906161][ T7953]  dump_stack_lvl+0x16c/0x1f0
[  137.906180][ T7953]  should_fail_ex+0x512/0x640
[  137.906195][ T7953]  _copy_from_user+0x2e/0xd0
[  137.906225][ T7953]  cmsghdr_from_user_compat_to_kern+0x355/0x7d0
[  137.906250][ T7953]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  137.906274][ T7953]  ____sys_sendmsg+0x488/0xc70
[  137.906290][ T7953]  ? __pfx_____sys_sendmsg+0x10/0x10
[  137.906304][ T7953]  ? get_compat_msghdr+0x11a/0x170
[  137.906327][ T7953]  ___sys_sendmsg+0x134/0x1d0
[  137.906342][ T7953]  ? __pfx____sys_sendmsg+0x10/0x10
[  137.906362][ T7953]  ? find_held_lock+0x2b/0x80
[  137.906382][ T7953]  __sys_sendmmsg+0x2f9/0x420
[  137.906397][ T7953]  ? __pfx___sys_sendmmsg+0x10/0x10
[  137.906421][ T7953]  ? irqentry_exit+0x3b/0x90
[  137.906438][ T7953]  ? xfd_validate_state+0x5d/0x180
[  137.906451][ T7953]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  137.906466][ T7953]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  137.906481][ T7953]  __do_fast_syscall_32+0x73/0x120
[  137.906497][ T7953]  do_fast_syscall_32+0x32/0x80
[  137.906512][ T7953]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.906526][ T7953] RIP: 0023:0xf705e579
[  137.906534][ T7953] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  137.906544][ T7953] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  137.906554][ T7953] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000ec0
[  137.906561][ T7953] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  137.906567][ T7953] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  137.906572][ T7953] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  137.906578][ T7953] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.906591][ T7953]  </TASK>
[  137.974926][    C2] vkms_vblank_simulate: vblank timer overrun
[  138.549896][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.3.512'.
[  138.753702][ T7968] netlink: 4 bytes leftover after parsing attributes in process `syz.4.515'.
[  138.818223][ T7184] emi26 - firmware loader 6-1:9.68: emi26_probe start
[  139.178582][ T7983] netlink: 'syz.2.519': attribute type 7 has an invalid length.
[  139.230572][ T7983] syz.2.519: attempt to access beyond end of device
[  139.230572][ T7983] nbd2: rw=0, sector=16, nr_sectors = 1 limit=0
[  139.234328][ T7983] qnx6: unable to read the first superblock
[  139.236528][ T7983] syz.2.519: attempt to access beyond end of device
[  139.236528][ T7983] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  139.311310][ T7983] qnx6: unable to read the first superblock
[  139.313295][ T7983] qnx6: unable to read the first superblock
[  139.938885][ T7984] netlink: 4 bytes leftover after parsing attributes in process `syz.4.517'.
[  140.137177][ T8005] FAULT_INJECTION: forcing a failure.
[  140.137177][ T8005] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.188605][ T8005] CPU: 0 UID: 0 PID: 8005 Comm: syz.3.524 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  140.188623][ T8005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.188630][ T8005] Call Trace:
[  140.188635][ T8005]  <TASK>
[  140.188639][ T8005]  dump_stack_lvl+0x16c/0x1f0
[  140.188659][ T8005]  should_fail_ex+0x512/0x640
[  140.188674][ T8005]  _copy_to_user+0x32/0xd0
[  140.188689][ T8005]  simple_read_from_buffer+0xcb/0x170
[  140.188707][ T8005]  proc_fail_nth_read+0x197/0x270
[  140.188723][ T8005]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.188739][ T8005]  ? rw_verify_area+0xcf/0x680
[  140.188755][ T8005]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.188770][ T8005]  vfs_read+0x1de/0xc70
[  140.188782][ T8005]  ? __pfx___mutex_lock+0x10/0x10
[  140.188797][ T8005]  ? __pfx_vfs_read+0x10/0x10
[  140.188811][ T8005]  ? __fget_files+0x20e/0x3c0
[  140.188825][ T8005]  ksys_read+0x12a/0x240
[  140.188835][ T8005]  ? __pfx_ksys_read+0x10/0x10
[  140.188844][ T8005]  ? rcu_is_watching+0x12/0xc0
[  140.188856][ T8005]  ? rcu_is_watching+0x12/0xc0
[  140.188868][ T8005]  __do_fast_syscall_32+0x73/0x120
[  140.188885][ T8005]  do_fast_syscall_32+0x32/0x80
[  140.188900][ T8005]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.188913][ T8005] RIP: 0023:0xf705e579
[  140.188922][ T8005] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.188933][ T8005] RSP: 002b:00000000f504e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  140.188943][ T8005] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f504e620
[  140.188949][ T8005] RDX: 000000000000000f RSI: 00000000f73c2ff4 RDI: 0000000000000000
[  140.188955][ T8005] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  140.188961][ T8005] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  140.188967][ T8005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.188980][ T8005]  </TASK>
[  140.332292][ T8007] FAULT_INJECTION: forcing a failure.
[  140.332292][ T8007] name failslab, interval 1, probability 0, space 0, times 0
[  140.338853][ T8007] CPU: 1 UID: 0 PID: 8007 Comm: syz.3.525 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  140.338870][ T8007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.338877][ T8007] Call Trace:
[  140.338881][ T8007]  <TASK>
[  140.338886][ T8007]  dump_stack_lvl+0x16c/0x1f0
[  140.338906][ T8007]  should_fail_ex+0x512/0x640
[  140.338919][ T8007]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  140.338933][ T8007]  should_failslab+0xc2/0x120
[  140.338948][ T8007]  __kmalloc_cache_noprof+0x6a/0x3e0
[  140.338958][ T8007]  ? __do_sys_fanotify_init+0x4ca/0xb80
[  140.338973][ T8007]  ? kasan_save_track+0x14/0x30
[  140.338986][ T8007]  __do_sys_fanotify_init+0x4ca/0xb80
[  140.339001][ T8007]  __do_fast_syscall_32+0x73/0x120
[  140.339018][ T8007]  do_fast_syscall_32+0x32/0x80
[  140.339033][ T8007]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.339046][ T8007] RIP: 0023:0xf705e579
[  140.339055][ T8007] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.339065][ T8007] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000152
[  140.339075][ T8007] RAX: ffffffffffffffda RBX: 0000000000004000 RCX: 0000000000000000
[  140.339082][ T8007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  140.339087][ T8007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.339093][ T8007] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.339099][ T8007] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.339111][ T8007]  </TASK>
[  141.064827][ T8023] netlink: 4 bytes leftover after parsing attributes in process `syz.2.527'.
[  141.314209][ T8066] netlink: 156 bytes leftover after parsing attributes in process `syz.1.532'.
[  141.401898][ T8070] FAULT_INJECTION: forcing a failure.
[  141.401898][ T8070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.405946][ T8070] CPU: 3 UID: 0 PID: 8070 Comm: syz.2.534 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  141.405962][ T8070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  141.405969][ T8070] Call Trace:
[  141.405973][ T8070]  <TASK>
[  141.405978][ T8070]  dump_stack_lvl+0x16c/0x1f0
[  141.405997][ T8070]  should_fail_ex+0x512/0x640
[  141.406013][ T8070]  _copy_from_user+0x2e/0xd0
[  141.406027][ T8070]  get_user_ifreq+0x116/0x1c0
[  141.406044][ T8070]  sock_ioctl+0x586/0x6b0
[  141.406055][ T8070]  ? __pfx_sock_ioctl+0x10/0x10
[  141.406073][ T8070]  compat_sock_ioctl+0x58b/0x730
[  141.406084][ T8070]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  141.406097][ T8070]  ? __fget_files+0x20e/0x3c0
[  141.406107][ T8070]  ? __fput_deferred+0x300/0x370
[  141.406124][ T8070]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  141.406137][ T8070]  __ia32_compat_sys_ioctl+0x24c/0x360
[  141.406155][ T8070]  __do_fast_syscall_32+0x73/0x120
[  141.406171][ T8070]  do_fast_syscall_32+0x32/0x80
[  141.406186][ T8070]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.406200][ T8070] RIP: 0023:0xf70be579
[  141.406209][ T8070] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  141.406219][ T8070] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  141.406229][ T8070] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089f1
[  141.406235][ T8070] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  141.406241][ T8070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  141.406247][ T8070] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  141.406253][ T8070] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.406265][ T8070]  </TASK>
[  141.824077][ T8088] netlink: 4 bytes leftover after parsing attributes in process `syz.2.538'.
[  141.883391][ T8089] netlink: 56 bytes leftover after parsing attributes in process `syz.4.539'.
[  142.191841][ T8106] netlink: 8 bytes leftover after parsing attributes in process `syz.4.541'.
[  142.248083][  T834] IPVS: starting estimator thread 0...
[  142.269989][ T8115] FAULT_INJECTION: forcing a failure.
[  142.269989][ T8115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.275083][ T8115] CPU: 3 UID: 0 PID: 8115 Comm: syz.2.545 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  142.275105][ T8115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.275115][ T8115] Call Trace:
[  142.275121][ T8115]  <TASK>
[  142.275127][ T8115]  dump_stack_lvl+0x16c/0x1f0
[  142.275159][ T8115]  should_fail_ex+0x512/0x640
[  142.275181][ T8115]  save_fsave_header+0x17b/0x2e0
[  142.275206][ T8115]  ? __pfx_save_fsave_header+0x10/0x10
[  142.275238][ T8115]  ? copy_fpstate_to_sigframe+0x2ca/0xb10
[  142.275261][ T8115]  ? rcu_is_watching+0x12/0xc0
[  142.275277][ T8115]  ? __local_bh_enable_ip+0xa4/0x120
[  142.275300][ T8115]  copy_fpstate_to_sigframe+0x7a0/0xb10
[  142.275327][ T8115]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  142.275355][ T8115]  ? __sigqueue_free+0xba/0x2a0
[  142.275378][ T8115]  ? collect_signal+0x263/0x540
[  142.275405][ T8115]  get_sigframe+0x4a8/0x9c0
[  142.275430][ T8115]  ? __pfx_get_sigframe+0x10/0x10
[  142.275453][ T8115]  ? _raw_spin_unlock_irq+0x23/0x50
[  142.275473][ T8115]  ? siginfo_layout+0x1d2/0x290
[  142.275493][ T8115]  ia32_setup_rt_frame+0xe3/0xb30
[  142.275514][ T8115]  ? getname_flags.part.0+0x1c5/0x550
[  142.275536][ T8115]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  142.275575][ T8115]  ? __do_compat_sys_newstat+0xd4/0x140
[  142.275599][ T8115]  arch_do_signal_or_restart+0x47b/0x7a0
[  142.275622][ T8115]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  142.275652][ T8115]  ? __pfx_ksys_write+0x10/0x10
[  142.275673][ T8115]  syscall_exit_to_user_mode+0x150/0x2a0
[  142.275696][ T8115]  __do_fast_syscall_32+0x80/0x120
[  142.275720][ T8115]  do_fast_syscall_32+0x32/0x80
[  142.275742][ T8115]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  142.275761][ T8115] RIP: 0023:0xf70be579
[  142.275773][ T8115] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  142.275788][ T8115] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 000000000000006a
[  142.275803][ T8115] RAX: fffffffffffffff2 RBX: 0000000000000000 RCX: 0000000000000000
[  142.275812][ T8115] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  142.275821][ T8115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  142.275830][ T8115] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  142.275839][ T8115] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  142.275858][ T8115]  </TASK>
[  142.338608][ T8111] IPVS: using max 46 ests per chain, 110400 per kthread
[  143.167173][ T8113] geneve2: entered promiscuous mode
[  143.180008][ T8113] geneve2: entered allmulticast mode
[  143.650736][ T8134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.550'.
[  144.136352][ T8147] netlink: 4 bytes leftover after parsing attributes in process `syz.3.554'.
[  144.178610][ T5961] Bluetooth: hci1: command 0x0c1a tx timeout
[  144.578588][  T834] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  144.732292][  T834] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.735707][  T834] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.739044][  T834] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  144.744260][  T834] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  144.748308][  T834] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.752518][  T834] usb 9-1: config 0 descriptor??
[  145.158705][  T834] plantronics 0003:047F:FFFF.0002: reserved main item tag 0xd
[  145.161325][  T834] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  145.165876][  T834] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  145.178683][  T834] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  145.495742][ T8165] =======================================================
[  145.495742][ T8165] WARNING: The mand mount option has been deprecated and
[  145.495742][ T8165]          and is ignored by this kernel. Remove the mand
[  145.495742][ T8165]          option from the mount to silence this warning.
[  145.495742][ T8165] =======================================================
[  145.509827][ T8165] fuse: Bad value for 'fd'
[  145.529643][  T834] usb 9-1: USB disconnect, device number 2
[  145.714086][ T8171] geneve3: entered promiscuous mode
[  145.715845][ T8171] geneve3: entered allmulticast mode
[  145.794925][ T8175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.560'.
[  146.092911][ T8183] netlink: 'syz.4.563': attribute type 1 has an invalid length.
[  146.323573][ T8187] netlink: 156 bytes leftover after parsing attributes in process `syz.4.565'.
[  146.388081][ T8186] netlink: 156 bytes leftover after parsing attributes in process `syz.3.564'.
[  146.729071][ T8194] netlink: 4 bytes leftover after parsing attributes in process `syz.3.566'.
[  146.902175][ T8206] FAULT_INJECTION: forcing a failure.
[  146.902175][ T8206] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.906305][ T8206] CPU: 0 UID: 0 PID: 8206 Comm: syz.2.569 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  146.906321][ T8206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.906327][ T8206] Call Trace:
[  146.906332][ T8206]  <TASK>
[  146.906336][ T8206]  dump_stack_lvl+0x16c/0x1f0
[  146.906355][ T8206]  should_fail_ex+0x512/0x640
[  146.906370][ T8206]  _copy_to_user+0x32/0xd0
[  146.906385][ T8206]  simple_read_from_buffer+0xcb/0x170
[  146.906403][ T8206]  proc_fail_nth_read+0x197/0x270
[  146.906418][ T8206]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.906434][ T8206]  ? rw_verify_area+0xcf/0x680
[  146.906450][ T8206]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.906465][ T8206]  vfs_read+0x1de/0xc70
[  146.906477][ T8206]  ? __pfx___mutex_lock+0x10/0x10
[  146.906492][ T8206]  ? __pfx_vfs_read+0x10/0x10
[  146.906506][ T8206]  ? __fget_files+0x20e/0x3c0
[  146.906520][ T8206]  ksys_read+0x12a/0x240
[  146.906530][ T8206]  ? __pfx_ksys_read+0x10/0x10
[  146.906541][ T8206]  ? rcu_is_watching+0x12/0xc0
[  146.906554][ T8206]  __do_fast_syscall_32+0x73/0x120
[  146.906570][ T8206]  do_fast_syscall_32+0x32/0x80
[  146.906585][ T8206]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  146.906598][ T8206] RIP: 0023:0xf70be579
[  146.906607][ T8206] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  146.906617][ T8206] RSP: 002b:00000000f50ae590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  146.906626][ T8206] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50ae620
[  146.906633][ T8206] RDX: 000000000000000f RSI: 00000000f7422ff4 RDI: 0000000000000000
[  146.906638][ T8206] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  146.906644][ T8206] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  146.906650][ T8206] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  146.906663][ T8206]  </TASK>
[  147.096317][ T8213] netlink: 16 bytes leftover after parsing attributes in process `syz.4.568'.
[  147.616668][ T8222] netlink: 'syz.3.574': attribute type 7 has an invalid length.
[  147.636027][ T8222] syz.3.574: attempt to access beyond end of device
[  147.636027][ T8222] nbd3: rw=0, sector=16, nr_sectors = 1 limit=0
[  147.640192][ T8222] qnx6: unable to read the first superblock
[  147.642220][ T8222] syz.3.574: attempt to access beyond end of device
[  147.642220][ T8222] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  147.646395][ T8222] qnx6: unable to read the first superblock
[  147.648524][ T8222] qnx6: unable to read the first superblock
[  147.726967][ T8225] netlink: 156 bytes leftover after parsing attributes in process `syz.3.575'.
[  148.261710][ T8244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.576'.
[  148.324227][  T834] IPVS: starting estimator thread 0...
[  148.367055][ T8246] netlink: 4 bytes leftover after parsing attributes in process `syz.2.579'.
[  148.408529][ T8248] IPVS: using max 46 ests per chain, 110400 per kthread
[  149.020306][ T8259] netlink: 'syz.4.583': attribute type 7 has an invalid length.
[  149.079204][ T8259] syz.4.583: attempt to access beyond end of device
[  149.079204][ T8259] nbd4: rw=0, sector=16, nr_sectors = 1 limit=0
[  149.083372][ T8259] qnx6: unable to read the first superblock
[  149.085608][ T8259] syz.4.583: attempt to access beyond end of device
[  149.085608][ T8259] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  149.093479][ T8259] qnx6: unable to read the first superblock
[  149.095514][ T8259] qnx6: unable to read the first superblock
[  149.844199][ T8272] netlink: 156 bytes leftover after parsing attributes in process `syz.3.585'.
[  150.101250][ T8285] xt_hashlimit: max too large, truncated to 1048576
[  150.506051][   T29] libceph: connect (1)[c::]:6789 error -101
[  150.508202][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  150.706651][ T8294] ceph: No mds server is up or the cluster is laggy
[  150.764316][ T8291] netlink: 'syz.4.590': attribute type 1 has an invalid length.
[  150.768934][   T29] libceph: connect (1)[c::]:6789 error -101
[  150.770837][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  150.785559][ T8291] 8021q: adding VLAN 0 to HW filter on device bond1
[  150.797456][ T8291] bond1: (slave gretap1): making interface the new active one
[  150.802440][ T8291] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  151.165908][ T8302] tmpfs: Unknown parameter 'usrquota0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.165908][ T8302] 0
[  151.225769][ T8307] netlink: 'syz.2.592': attribute type 7 has an invalid length.
[  151.245917][ T8307] syz.2.592: attempt to access beyond end of device
[  151.245917][ T8307] nbd2: rw=0, sector=16, nr_sectors = 1 limit=0
[  151.250577][ T8307] qnx6: unable to read the first superblock
[  151.253127][ T8307] syz.2.592: attempt to access beyond end of device
[  151.253127][ T8307] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  151.258158][ T8307] qnx6: unable to read the first superblock
[  151.260660][ T8307] qnx6: unable to read the first superblock
[  152.307713][ T8332] netlink: 'syz.2.602': attribute type 7 has an invalid length.
[  152.347948][ T8332] syz.2.602: attempt to access beyond end of device
[  152.347948][ T8332] nbd2: rw=0, sector=16, nr_sectors = 1 limit=0
[  152.354289][ T8332] qnx6: unable to read the first superblock
[  152.357693][ T8332] syz.2.602: attempt to access beyond end of device
[  152.357693][ T8332] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  152.363098][ T8332] qnx6: unable to read the first superblock
[  152.372206][ T8332] qnx6: unable to read the first superblock
[  152.840150][ T8340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.604'.
[  153.660101][ T8362] netlink: 'syz.3.608': attribute type 8 has an invalid length.
[  153.668368][ T8362] netlink: 8 bytes leftover after parsing attributes in process `syz.3.608'.
[  153.699202][ T8370] netlink: 'syz.3.611': attribute type 7 has an invalid length.
[  153.716718][ T8370] syz.3.611: attempt to access beyond end of device
[  153.716718][ T8370] nbd3: rw=0, sector=16, nr_sectors = 1 limit=0
[  153.720869][ T8370] qnx6: unable to read the first superblock
[  153.722765][ T8370] syz.3.611: attempt to access beyond end of device
[  153.722765][ T8370] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  153.726624][ T8370] qnx6: unable to read the first superblock
[  153.728929][ T8370] qnx6: unable to read the first superblock
[  154.288544][   T10] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  154.361697][ T8385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.614'.
[  154.444361][   T10] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  154.449095][   T10] usb 9-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  154.452906][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.458636][   T10] usb 9-1: config 0 descriptor??
[  154.463734][   T10] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[  154.567638][ T8391] FAULT_INJECTION: forcing a failure.
[  154.567638][ T8391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.574299][ T8391] CPU: 3 UID: 0 PID: 8391 Comm: syz.3.615 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  154.574315][ T8391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.574323][ T8391] Call Trace:
[  154.574327][ T8391]  <TASK>
[  154.574331][ T8391]  dump_stack_lvl+0x16c/0x1f0
[  154.574351][ T8391]  should_fail_ex+0x512/0x640
[  154.574366][ T8391]  _copy_from_user+0x2e/0xd0
[  154.574380][ T8391]  bpf_ctx_init+0x14b/0x1e0
[  154.574394][ T8391]  bpf_prog_test_run_sk_lookup+0x2a5/0xd00
[  154.574413][ T8391]  ? find_held_lock+0x2b/0x80
[  154.574425][ T8391]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  154.574439][ T8391]  ? __fget_files+0x204/0x3c0
[  154.574452][ T8391]  ? __fget_files+0x20e/0x3c0
[  154.574460][ T8391]  ? __might_fault+0x30/0x190
[  154.574476][ T8391]  ? fput+0x70/0xf0
[  154.574490][ T8391]  ? __bpf_prog_get+0xa0/0x290
[  154.574503][ T8391]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  154.574523][ T8391]  __sys_bpf+0x1485/0x4d80
[  154.574548][ T8391]  ? __pfx___sys_bpf+0x10/0x10
[  154.574573][ T8391]  ? ksys_write+0x190/0x240
[  154.574592][ T8391]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  154.574629][ T8391]  ? fput+0x70/0xf0
[  154.574647][ T8391]  ? ksys_write+0x1b9/0x240
[  154.574658][ T8391]  ? __pfx_ksys_write+0x10/0x10
[  154.574671][ T8391]  __ia32_sys_bpf+0x76/0xe0
[  154.574681][ T8391]  __do_fast_syscall_32+0x73/0x120
[  154.574698][ T8391]  do_fast_syscall_32+0x32/0x80
[  154.574713][ T8391]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.574727][ T8391] RIP: 0023:0xf705e579
[  154.574735][ T8391] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  154.574746][ T8391] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  154.574757][ T8391] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000440
[  154.574763][ T8391] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  154.574769][ T8391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.574782][ T8391] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  154.574788][ T8391] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.574801][ T8391]  </TASK>
[  154.589396][ T8393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.616'.
[  154.662794][ T8395] capability: warning: `syz.2.617' uses 32-bit capabilities (legacy support in use)
[  157.052324][ T6237] usb 9-1: USB disconnect, device number 3
[  157.142096][ T8409] netlink: 'syz.2.619': attribute type 4 has an invalid length.
[  157.977257][ T1469] usb 7-1: emi26_load_firmware - request_firmware() failed
[  157.980415][ T7184] usb 6-1: emi26_load_firmware - request_firmware() failed
[  157.983022][ T7184] usb 6-1: emi26_load_firmware - error loading firmware: error = -2
[  157.985864][ T7184] emi26 - firmware loader 6-1:9.68: probe with driver emi26 - firmware loader failed with error -5
[  157.989763][ T1469] usb 7-1: emi26_load_firmware - error loading firmware: error = -110
[  157.992790][ T1469] emi26 - firmware loader 7-1:9.68: probe with driver emi26 - firmware loader failed with error -5
[  158.000969][ T7184] emi26 - firmware loader 6-1:9.104: emi26_probe start
[  158.017592][ T1469] emi26 - firmware loader 7-1:9.104: emi26_probe start
[  158.020592][ T1469] usb 7-1: Direct firmware load for emi26/loader.fw failed with error -2
[  158.023201][ T1469] usb 7-1: Falling back to sysfs fallback for: emi26/loader.fw
[  158.031172][ T5961] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  158.035699][ T5961] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  158.037060][ T5308] Bluetooth: hci0: unexpected event for opcode 0x041c
[  158.040380][ T5961] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  158.043513][ T5961] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  158.046056][ T5961] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  158.163034][ T8416] chnl_net:caif_netlink_parms(): no params data found
[  158.230785][ T8416] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.233042][ T8416] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.235575][ T8416] bridge_slave_0: entered allmulticast mode
[  158.238083][ T8416] bridge_slave_0: entered promiscuous mode
[  158.242733][ T8416] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.245868][ T8416] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.248239][ T8416] bridge_slave_1: entered allmulticast mode
[  158.250830][ T8416] bridge_slave_1: entered promiscuous mode
[  158.289006][ T8416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  158.293370][ T8416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.327481][ T8416] team0: Port device team_slave_0 added
[  158.331754][ T8416] team0: Port device team_slave_1 added
[  158.371366][ T8416] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.373518][ T8416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.381648][ T8416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.385916][ T8416] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.388002][ T8416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.396774][ T8416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.440633][ T8416] hsr_slave_0: entered promiscuous mode
[  158.443051][ T8416] hsr_slave_1: entered promiscuous mode
[  158.445356][ T8416] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  158.447654][ T8416] Cannot create hsr debugfs directory
[  158.567957][ T8416] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  158.583581][ T8416] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  158.589676][ T8416] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  158.595690][ T8416] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  158.612548][ T8416] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.614899][ T8416] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.617474][ T8416] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.619808][ T8416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.652125][ T8416] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.731437][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.750794][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.793504][ T8416] 8021q: adding VLAN 0 to HW filter on device team0
[  158.812956][ T1189] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.815225][ T1189] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.832738][ T1189] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.834777][ T1189] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.980402][ T8429] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  158.982459][ T8429] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  159.001144][ T8429] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  159.008696][ T8429] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  159.048717][ T8429] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  159.050621][ T8429] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  159.069843][ T8416] 8021q: adding VLAN 0 to HW filter on device batadv0
[  159.096676][ T8429] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  159.288697][ T8433] netlink: 4 bytes leftover after parsing attributes in process `syz.2.625'.
[  159.348072][ T8416] veth0_vlan: entered promiscuous mode
[  159.356355][ T8416] veth1_vlan: entered promiscuous mode
[  159.376683][ T8416] veth0_macvtap: entered promiscuous mode
[  159.382668][ T8416] veth1_macvtap: entered promiscuous mode
[  159.393734][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.397354][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.403490][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.407035][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.412277][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.418067][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.421478][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.425322][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.430344][ T8416] batman_adv: batadv0: Interface activated: batadv_slave_0
[  159.436488][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.440377][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.443626][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.447522][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.451209][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.454596][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.457864][ T8416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.461391][ T8416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.466160][ T8416] batman_adv: batadv0: Interface activated: batadv_slave_1
[  159.475808][ T8416] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.479545][ T8416] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.482623][ T8416] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.485907][ T8416] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  159.514878][ T8460] netlink: 4 bytes leftover after parsing attributes in process `syz.4.630'.
[  159.522402][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.526620][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.541490][   T99] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.544011][   T99] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.915695][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.636'.
[  160.009610][ T8478] netlink: 196 bytes leftover after parsing attributes in process `syz.2.637'.
[  160.308693][   T57] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  160.460956][   T57] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.464294][   T57] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  160.467232][   T57] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  160.470980][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.479321][   T57] usb 8-1: config 0 descriptor??
[  160.482706][   T57] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  160.484970][   T57] dvb-usb: bulk message failed: -22 (3/0)
[  160.487933][   T57] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  160.494985][   T57] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  160.497454][   T57] usb 8-1: media controller created
[  160.500539][   T57] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  160.504962][   T57] dvb-usb: bulk message failed: -22 (6/0)
[  160.506973][   T57] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  160.520888][   T57] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input13
[  160.529919][   T57] dvb-usb: schedule remote query interval to 150 msecs.
[  160.532124][   T57] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  160.689713][   T57] dvb-usb: bulk message failed: -22 (1/0)
[  160.691589][   T57] dvb-usb: error while querying for an remote control event.
[  160.738571][ T5961] Bluetooth: hci0: command 0x0c1a tx timeout
[  160.780029][   T57] usb 8-1: USB disconnect, device number 5
[  160.850676][   T57] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  160.860432][ T8490] netlink: 'syz.4.639': attribute type 7 has an invalid length.
[  160.945029][ T8490] syz.4.639: attempt to access beyond end of device
[  160.945029][ T8490] nbd4: rw=0, sector=16, nr_sectors = 1 limit=0
[  160.954037][ T8490] qnx6: unable to read the first superblock
[  160.956049][ T8490] syz.4.639: attempt to access beyond end of device
[  160.956049][ T8490] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  160.961040][ T8490] qnx6: unable to read the first superblock
[  160.962998][ T8490] qnx6: unable to read the first superblock
[  161.005244][ T8495] netlink: 156 bytes leftover after parsing attributes in process `syz.2.640'.
[  161.058586][ T5961] Bluetooth: hci4: command 0x041b tx timeout
[  161.058589][ T5971] Bluetooth: hci1: command 0x0c1a tx timeout
[  161.060643][ T5971] Bluetooth: hci3: command 0x0c1a tx timeout
[  161.062954][ T5961] Bluetooth: hci2: command 0x0c1a tx timeout
[  161.136537][ T8502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  161.144537][ T8506] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[  161.151628][ T8502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  161.242799][ T8510] netlink: 196 bytes leftover after parsing attributes in process `syz.5.645'.
[  162.675040][ T8537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.650'.
[  162.726349][ T8537] syz.3.650: attempt to access beyond end of device
[  162.726349][ T8537] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0
[  162.731798][ T8537] XFS (nbd3): SB validate failed with error -5.
[  163.109373][ T8547] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
[  163.148493][ T5958] Bluetooth: hci4: command 0x041b tx timeout
[  164.605989][ T8583] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  164.624536][ T8585] netlink: 'syz.3.661': attribute type 7 has an invalid length.
[  164.692360][ T8585] syz.3.661: attempt to access beyond end of device
[  164.692360][ T8585] nbd3: rw=0, sector=16, nr_sectors = 1 limit=0
[  164.696851][ T8585] qnx6: unable to read the first superblock
[  164.699826][ T8585] syz.3.661: attempt to access beyond end of device
[  164.699826][ T8585] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  164.704192][ T8585] qnx6: unable to read the first superblock
[  164.712785][ T8585] qnx6: unable to read the first superblock
[  164.877825][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  164.877840][   T40] audit: type=1326 audit(1745423576.878:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70be579 code=0x7ffc0000
[  164.916335][   T40] audit: type=1326 audit(1745423576.898:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70be5a7 code=0x7ffc0000
[  164.923755][   T40] audit: type=1326 audit(1745423576.898:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70be579 code=0x7ffc0000
[  164.932590][   T40] audit: type=1326 audit(1745423576.898:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70be5a7 code=0x7ffc0000
[  164.941401][   T40] audit: type=1326 audit(1745423576.898:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70be579 code=0x7ffc0000
[  164.948292][   T40] audit: type=1326 audit(1745423576.898:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70be5a7 code=0x7ffc0000
[  164.955519][   T40] audit: type=1326 audit(1745423576.898:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70be579 code=0x7ffc0000
[  164.962372][   T40] audit: type=1326 audit(1745423576.898:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70be5a7 code=0x7ffc0000
[  164.969303][   T40] audit: type=1326 audit(1745423576.898:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70be579 code=0x7ffc0000
[  164.979504][   T40] audit: type=1326 audit(1745423576.898:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.2.663" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70be5a7 code=0x7ffc0000
[  165.219076][ T5958] Bluetooth: hci4: command 0x041b tx timeout
[  165.492369][ T8606] netlink: 16 bytes leftover after parsing attributes in process `syz.5.667'.
[  165.574803][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.4.665'.
[  165.747049][ T8624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.673'.
[  165.750185][ T8624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.673'.
[  165.754052][ T8624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.673'.
[  165.756852][ T8624] bridge_slave_1: left allmulticast mode
[  165.758709][ T8624] bridge_slave_1: left promiscuous mode
[  165.760753][ T8624] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.772751][ T8624] bridge_slave_0: left allmulticast mode
[  165.774560][ T8624] bridge_slave_0: left promiscuous mode
[  165.776477][ T8624] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.786992][ T8625] xt_CT: You must specify a L4 protocol and not use inversions on it
[  166.602008][ T8641] netlink: 36 bytes leftover after parsing attributes in process `syz.3.676'.
[  166.606657][ T8641] netlink: 16 bytes leftover after parsing attributes in process `syz.3.676'.
[  166.611993][ T8641] netlink: 36 bytes leftover after parsing attributes in process `syz.3.676'.
[  166.616261][ T8641] netlink: 36 bytes leftover after parsing attributes in process `syz.3.676'.
[  166.707915][ T8644] netlink: 48 bytes leftover after parsing attributes in process `syz.2.677'.
[  167.298738][ T5958] Bluetooth: hci4: command 0x041b tx timeout
[  167.567819][ T8673] 9pnet_fd: Insufficient options for proto=fd
[  168.329919][ T8694] overlayfs: failed to clone upperpath
[  169.380561][ T5958] Bluetooth: hci4: command 0x041b tx timeout
[  169.868521][ T8734] netlink: 'syz.4.703': attribute type 4 has an invalid length.
[  170.210104][ T8742] syzkaller1: entered promiscuous mode
[  170.212134][ T8742] syzkaller1: entered allmulticast mode
[  170.675771][ T8764] __nla_validate_parse: 3 callbacks suppressed
[  170.675782][ T8764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.714'.
[  170.826103][   T40] kauditd_printk_skb: 646 callbacks suppressed
[  170.826114][   T40] audit: type=1326 audit(1745423582.828:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.2.712" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[  171.458935][ T5958] Bluetooth: hci4: command 0x041b tx timeout
[  171.836467][ T5998] usb 9-1: new low-speed USB device number 4 using dummy_hcd
[  171.843131][ T8797] netlink: 4 bytes leftover after parsing attributes in process `syz.3.724'.
[  171.968558][ T5998] usb 9-1: device descriptor read/64, error -71
[  172.228544][ T5998] usb 9-1: new low-speed USB device number 5 using dummy_hcd
[  172.323591][ T8808] netlink: 4 bytes leftover after parsing attributes in process `syz.2.728'.
[  172.348830][ T8808] netlink: 4 bytes leftover after parsing attributes in process `syz.2.728'.
[  172.359075][ T5998] usb 9-1: device descriptor read/64, error -71
[  172.470060][ T5998] usb usb9-port1: attempt power cycle
[  172.541773][ T8812] nfs4: Bad value for 'source'
[  172.786558][ T8818] netlink: 144 bytes leftover after parsing attributes in process `syz.2.731'.
[  172.794124][ T8818] lo speed is unknown, defaulting to 1000
[  172.796064][ T8818] lo speed is unknown, defaulting to 1000
[  172.802845][ T8818] lo speed is unknown, defaulting to 1000
[  172.808589][ T5998] usb 9-1: new low-speed USB device number 6 using dummy_hcd
[  172.813799][ T8818] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  172.827975][ T8818] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  172.828996][ T5998] usb 9-1: device descriptor read/8, error -71
[  172.869229][ T8818] lo speed is unknown, defaulting to 1000
[  172.873610][ T8818] lo speed is unknown, defaulting to 1000
[  172.877688][ T8818] lo speed is unknown, defaulting to 1000
[  172.881850][ T8818] lo speed is unknown, defaulting to 1000
[  172.885465][ T8818] lo speed is unknown, defaulting to 1000
[  172.889079][ T8818] lo speed is unknown, defaulting to 1000
[  172.970239][ T8821] Illegal XDP return value 123240448 on prog  (id 177) dev N/A, expect packet loss!
[  173.078610][ T5998] usb 9-1: new low-speed USB device number 7 using dummy_hcd
[  173.099939][ T5998] usb 9-1: device descriptor read/8, error -71
[  173.209357][ T5998] usb usb9-port1: unable to enumerate USB device
[  173.325351][ T1139] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.329287][ T1139] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  173.423008][ T1139] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.426452][ T1139] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  173.521574][ T1139] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.524965][ T1139] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  173.590933][ T1139] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.594229][ T1139] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  173.689736][ T1139] bridge_slave_1: left allmulticast mode
[  173.691680][ T1139] bridge_slave_1: left promiscuous mode
[  173.694364][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.700250][ T1139] bridge_slave_0: left allmulticast mode
[  173.702068][ T1139] bridge_slave_0: left promiscuous mode
[  173.703994][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.027282][ T1139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  174.031633][ T1139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  174.035184][ T1139] bond0 (unregistering): Released all slaves
[  174.164987][ T8840] netlink: 4 bytes leftover after parsing attributes in process `syz.2.739'.
[  174.233488][ T8844] ieee802154 phy0 wpan0: encryption failed: -22
[  174.821719][ T1139] hsr_slave_0: left promiscuous mode
[  174.824176][ T1139] hsr_slave_1: left promiscuous mode
[  174.826519][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  174.829231][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.832347][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.834685][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.868146][ T1139] veth1_macvtap: left promiscuous mode
[  174.870484][ T1139] veth0_macvtap: left promiscuous mode
[  174.872304][ T1139] veth1_vlan: left promiscuous mode
[  174.874037][ T1139] veth0_vlan: left promiscuous mode
[  175.264507][ T8875] netlink: 4 bytes leftover after parsing attributes in process `syz.5.746'.
[  175.721347][ T5958] block nbd1: Receive control failed (result -32)
[  175.729333][ T8886] afs: Unknown parameter '+¯“Zá{"ê—yÊŠ©'
[  175.848151][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  175.918083][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  176.469269][ T8886] netlink: 12 bytes leftover after parsing attributes in process `syz.3.749'.
[  176.490179][ T8881] lo speed is unknown, defaulting to 1000
[  176.546244][ T8893] ip6tnl1: entered promiscuous mode
[  176.548813][ T8893] ip6tnl1: entered allmulticast mode
[  176.755978][ T8907] netlink: 12 bytes leftover after parsing attributes in process `syz.4.756'.
[  176.936434][ T8915] netlink: 52 bytes leftover after parsing attributes in process `syz.4.757'.
[  176.992055][ T8915] xt_CT: You must specify a L4 protocol and not use inversions on it
[  177.384308][ T8922] netlink: 4 bytes leftover after parsing attributes in process `syz.3.759'.
[  177.389084][ T8922] netlink: 24 bytes leftover after parsing attributes in process `syz.3.759'.
[  178.488268][   T40] audit: type=1326 audit(1745423590.488:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.4.768" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0
[  179.343179][ T8968] netlink: 8 bytes leftover after parsing attributes in process `syz.5.772'.
[  179.467888][ T8972] overlayfs: failed to clone upperpath
[  179.691117][ T8979] befs: (loop11): No write support. Marking filesystem read-only
[  179.694159][ T8979] syz.5.775: attempt to access beyond end of device
[  179.694159][ T8979] loop11: rw=0, sector=0, nr_sectors = 2 limit=0
[  179.698220][ T8979] befs: (loop11): unable to read superblock
[  179.700581][ T8980] befs: (loop11): No write support. Marking filesystem read-only
[  179.704637][ T8980] syz.5.775: attempt to access beyond end of device
[  179.704637][ T8980] loop11: rw=0, sector=0, nr_sectors = 2 limit=0
[  179.709726][ T8980] befs: (loop11): unable to read superblock
[  179.980767][ T8989] misc userio: Can't change port type on an already running userio instance
[  181.176715][ T9044] tmpfs: Bad value for 'mpol'
[  181.234368][ T9038] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  181.706737][ T9037] ------------[ cut here ]------------
[  181.709173][ T9037] WARNING: CPU: 2 PID: 9037 at mm/shmem.c:1388 shmem_evict_inode+0x8f0/0xbe0
[  181.712813][ T9037] Modules linked in:
[  181.714941][ T9037] CPU: 2 UID: 0 PID: 9037 Comm: syz.2.788 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  181.721762][ T9037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.726214][ T9037] RIP: 0010:shmem_evict_inode+0x8f0/0xbe0
[  181.728665][ T9037] Code: fe e8 34 27 be ff 45 85 ff 75 ac e8 ea 2b be ff 48 8b 74 24 28 48 8b 7c 24 30 e8 bb 6c 97 ff e9 e3 fd ff ff e8 d1 2b be ff 90 <0f> 0b 90 e9 4f f9 ff ff e8 c3 2b be ff 4c 89 e2 48 b8 00 00 00 00
[  181.736524][ T9037] RSP: 0018:ffffc9000c00f9b8 EFLAGS: 00010293
[  181.740451][ T9037] RAX: 0000000000000000 RBX: ffff888057f0bc48 RCX: ffffffff81fc776e
[  181.743898][ T9037] RDX: ffff888025b62440 RSI: ffffffff81fc7e1f RDI: 0000000000000007
[  181.747230][ T9037] RBP: ffffc9000c00fae0 R08: 0000000000000007 R09: 0000000000000000
[  181.750868][ T9037] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008
[  181.754325][ T9037] R13: 0000000000000000 R14: ffff888057f0bc78 R15: ffff888057f0bb38
[  181.757968][ T9037] FS:  0000000000000000(0000) GS:ffff8880979bf000(0000) knlGS:0000000000000000
[  181.761788][ T9037] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  181.764108][ T9037] CR2: 000000000c416623 CR3: 0000000068a62000 CR4: 0000000000352ef0
[  181.766722][ T9037] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  181.769764][ T9037] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  181.772319][ T9037] Call Trace:
[  181.773480][ T9037]  <TASK>
[  181.774471][ T9037]  ? __pfx_shmem_evict_inode+0x10/0x10
[  181.776235][ T9037]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  181.778246][ T9037]  ? find_held_lock+0x2b/0x80
[  181.779821][ T9037]  ? evict+0x3a2/0x920
[  181.781147][ T9037]  ? __pfx_shmem_evict_inode+0x10/0x10
[  181.782890][ T9037]  evict+0x3e3/0x920
[  181.784192][ T9037]  ? __pfx_evict+0x10/0x10
[  181.785626][ T9037]  ? iput+0x519/0x880
[  181.786913][ T9037]  iput+0x521/0x880
[  181.788178][ T9037]  ? __pfx_generic_delete_inode+0x10/0x10
[  181.790093][ T9037]  dentry_unlink_inode+0x29c/0x480
[  181.792015][ T9037]  __dentry_kill+0x1d0/0x600
[  181.793889][ T9037]  dput.part.0+0x4b1/0x9b0
[  181.795740][ T9037]  dput+0x1f/0x30
[  181.797334][ T9037]  __fput+0x51c/0xb70
[  181.799121][ T9037]  ? _raw_spin_unlock_irq+0x23/0x50
[  181.801146][ T9037]  task_work_run+0x14d/0x240
[  181.803017][ T9037]  ? __pfx_task_work_run+0x10/0x10
[  181.805010][ T9037]  ? do_raw_spin_unlock+0x172/0x230
[  181.806742][ T9037]  do_exit+0xafb/0x2c30
[  181.808134][ T9037]  ? __pfx_do_exit+0x10/0x10
[  181.809717][ T9037]  ? preempt_schedule_thunk+0x16/0x30
[  181.811480][ T9037]  do_group_exit+0xd3/0x2a0
[  181.813013][ T9037]  __ia32_sys_exit_group+0x3e/0x50
[  181.814685][ T9037]  ia32_sys_call+0xd56/0x1c40
[  181.816215][ T9037]  __do_fast_syscall_32+0x73/0x120
[  181.817865][ T9037]  do_fast_syscall_32+0x32/0x80
[  181.819490][ T9037]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  181.821494][ T9037] RIP: 0023:0xf70be579
[  181.822812][ T9037] Code: Unable to access opcode bytes at 0xf70be54f.
[  181.824996][ T9037] RSP: 002b:00000000ffb179bc EFLAGS: 00000286 ORIG_RAX: 00000000000000fc
[  181.827641][ T9037] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  181.830195][ T9037] RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f7422ff4
[  181.832699][ T9037] RBP: 000000000000002c R08: 0000000000000000 R09: 0000000000000000
[  181.835411][ T9037] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  181.838143][ T9037] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  181.840722][ T9037]  </TASK>
[  181.841739][ T9037] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  181.844078][ T9037] CPU: 2 UID: 0 PID: 9037 Comm: syz.2.788 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  181.847768][ T9037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.851509][ T9037] Call Trace:
[  181.852625][ T9037]  <TASK>
[  181.853587][ T9037]  dump_stack_lvl+0x3d/0x1f0
[  181.855273][ T9037]  panic+0x71c/0x800
[  181.856817][ T9037]  ? __pfx_panic+0x10/0x10
[  181.858289][ T9037]  ? show_trace_log_lvl+0x29b/0x3e0
[  181.859986][ T9037]  ? check_panic_on_warn+0x1f/0xb0
[  181.862063][ T9037]  ? shmem_evict_inode+0x8f0/0xbe0
[  181.863834][ T9037]  check_panic_on_warn+0xab/0xb0
[  181.865560][ T9037]  __warn+0xf6/0x3c0
[  181.867092][ T9037]  ? shmem_evict_inode+0x8f0/0xbe0
[  181.868742][ T9037]  report_bug+0x3c3/0x580
[  181.870144][ T9037]  ? shmem_evict_inode+0x8f0/0xbe0
[  181.872281][ T9037]  handle_bug+0x184/0x210
[  181.873718][ T9037]  exc_invalid_op+0x17/0x50
[  181.875599][ T9037]  asm_exc_invalid_op+0x1a/0x20
[  181.877578][ T9037] RIP: 0010:shmem_evict_inode+0x8f0/0xbe0
[  181.879845][ T9037] Code: fe e8 34 27 be ff 45 85 ff 75 ac e8 ea 2b be ff 48 8b 74 24 28 48 8b 7c 24 30 e8 bb 6c 97 ff e9 e3 fd ff ff e8 d1 2b be ff 90 <0f> 0b 90 e9 4f f9 ff ff e8 c3 2b be ff 4c 89 e2 48 b8 00 00 00 00
[  181.887452][ T9037] RSP: 0018:ffffc9000c00f9b8 EFLAGS: 00010293
[  181.889762][ T9037] RAX: 0000000000000000 RBX: ffff888057f0bc48 RCX: ffffffff81fc776e
[  181.892912][ T9037] RDX: ffff888025b62440 RSI: ffffffff81fc7e1f RDI: 0000000000000007
[  181.896072][ T9037] RBP: ffffc9000c00fae0 R08: 0000000000000007 R09: 0000000000000000
[  181.899219][ T9037] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008
[  181.902360][ T9037] R13: 0000000000000000 R14: ffff888057f0bc78 R15: ffff888057f0bb38
[  181.905117][ T9037]  ? shmem_evict_inode+0x23e/0xbe0
[  181.907160][ T9037]  ? shmem_evict_inode+0x8ef/0xbe0
[  181.908911][ T9037]  ? shmem_evict_inode+0x8ef/0xbe0
[  181.910683][ T9037]  ? __pfx_shmem_evict_inode+0x10/0x10
[  181.912515][ T9037]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  181.914602][ T9037]  ? find_held_lock+0x2b/0x80
[  181.916162][ T9037]  ? evict+0x3a2/0x920
[  181.917503][ T9037]  ? __pfx_shmem_evict_inode+0x10/0x10
[  181.919332][ T9037]  evict+0x3e3/0x920
[  181.920628][ T9037]  ? __pfx_evict+0x10/0x10
[  181.922120][ T9037]  ? iput+0x519/0x880
[  181.923487][ T9037]  iput+0x521/0x880
[  181.924768][ T9037]  ? __pfx_generic_delete_inode+0x10/0x10
[  181.926597][ T9037]  dentry_unlink_inode+0x29c/0x480
[  181.928319][ T9037]  __dentry_kill+0x1d0/0x600
[  181.929845][ T9037]  dput.part.0+0x4b1/0x9b0
[  181.931333][ T9037]  dput+0x1f/0x30
[  181.932572][ T9037]  __fput+0x51c/0xb70
[  181.933911][ T9037]  ? _raw_spin_unlock_irq+0x23/0x50
[  181.935606][ T9037]  task_work_run+0x14d/0x240
[  181.937149][ T9037]  ? __pfx_task_work_run+0x10/0x10
[  181.938794][ T9037]  ? do_raw_spin_unlock+0x172/0x230
[  181.940531][ T9037]  do_exit+0xafb/0x2c30
[  181.941922][ T9037]  ? __pfx_do_exit+0x10/0x10
[  181.943657][ T9037]  ? preempt_schedule_thunk+0x16/0x30
[  181.945424][ T9037]  do_group_exit+0xd3/0x2a0
[  181.946937][ T9037]  __ia32_sys_exit_group+0x3e/0x50
[  181.948631][ T9037]  ia32_sys_call+0xd56/0x1c40
[  181.950157][ T9037]  __do_fast_syscall_32+0x73/0x120
[  181.951890][ T9037]  do_fast_syscall_32+0x32/0x80
[  181.953485][ T9037]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  181.955561][ T9037] RIP: 0023:0xf70be579
[  181.956891][ T9037] Code: Unable to access opcode bytes at 0xf70be54f.
[  181.959012][ T9037] RSP: 002b:00000000ffb179bc EFLAGS: 00000286 ORIG_RAX: 00000000000000fc
[  181.961706][ T9037] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  181.964314][ T9037] RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f7422ff4
[  181.967083][ T9037] RBP: 000000000000002c R08: 0000000000000000 R09: 0000000000000000
[  181.970136][ T9037] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  181.973112][ T9037] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  181.975650][ T9037]  </TASK>
[  181.977157][ T9037] Kernel Offset: disabled
[  181.978610][ T9037] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:53:13  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000080000 RBX=ffff888023050208 RCX=ffffc90032373000 RDX=0000000000080000
RSI=ffffffff84d2b398 RDI=0000000000000005 RBP=0000000000001000 RSP=ffffc90003a9e1e8
R8 =0000000000000005 R9 =0000000000000400 R10=0000000000000034 R11=0000000000000000
R12=ffff88802442c000 R13=0000000000000034 R14=dffffc0000000000 R15=ffff888023050000
RIP=ffffffff81baaa56 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977bf000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f501cda4 CR3=000000006ec58000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff84d2d0b4 RDX=0000000000000002
RSI=ffffffff84d2d0ee RDI=0000000000000001 RBP=ffffffff8ef5da3a RSP=ffffc90002226b08
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=ffff8880294d0030
R12=0000000000000002 R13=dffffc0000000000 R14=0000000000000006 R15=0000000000000002
RIP=ffffffff81baa9f8 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978bf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005618077c0131 CR3=000000006ec58000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000005d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854afb75 RDI=ffffffff9ae0cb80 RBP=ffffffff9ae0cb40 RSP=ffffc9000c00f320
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000005d R14=ffffffff9ae0cb40 R15=ffffffff854afb10
RIP=ffffffff854afb9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979bf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000c416623 CR3=0000000068a62000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81f6d21f RDX=ffff88802116c880
RSI=0000000000000000 RDI=0000000000000000 RBP=ffffea00004c7b00 RSP=ffffc9000106f1a8
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=ffffea00004c7b00 R14=0000000000000000 R15=ffffea00004c7b18
RIP=ffffffff81baa530 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097abf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f742d000 CR3=000000004a7d2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 47c1f3ddf6e7f6ba 3006b9639bed297f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d53e7b669dda49f2 37de441824c646f6
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 618ba57e3d80269b e1984c4e2705ebde
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 896da469fcd46f02 2e12c33ebe433203
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000069c0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00006f2b00000001 0f05ac00939f2c00
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100006f2c 0000001000006f2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00006f2b8d1b7500 df88d200301cbd00
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c1f43c009b995200 00006f2d24997400
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e06284d625c6719e c8dbdca09e1bc8f5
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d23548ba4a5bdc76 1d10c98337f58f80
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000