last executing test programs:

2m8.016267593s ago: executing program 2 (id=84):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f00000081c0)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000007c0)="55583418a3f9280be9a18761eaf403a5e1759552dc6aceeb0cb6d30312638cfdc23f4f2964cd4dbdb6901d48b4ef89bec1e4f9e909789274da94cb80b3aef9802293b8d5ae324b70bddabc1636a0bcd1ba7a7742562a68b0915eb94072111a8eb5b86ee91358449c1fb8f81e4c623f6509ab81b66299b057413e0957a522b06e3dacdfbd51fcee6685c4c5b3014522a2a01658d1091555e04c4c66302c0e72bb1cd97e056ac58400dabd1c0bd86e59ebb9d0b05500a9897a20b93b88a09eb87dc62fd35ad2115f4c2816ef1f", 0xcc}, {&(0x7f0000000400)="d37a2dbb29c27d5dfc7de6ceedc5039aa9b053bc68912b8ef8155dd38556649ef6d455f3f842e83f272009da6261effd49752f8b11a920df39d0e898ef474cde42d5ca09dba2d495e750f4ded7cba528e52949266d1266eadf6f6524bfbd2894463d0bee9c1c0bc396add7c9d732d9df15a84ae8e6ec8c28e6f80b9b5aeef5882bfbcd6f43b8a2f954b84355", 0x8c}, {&(0x7f00000008c0)="81b5d716d955c531441df6b678145466afbd5839f45a3c8e311be393c7bf6f", 0x1f}, {&(0x7f0000000900)="8d601d18ab3101b33e3937349d15c98da5fcd819f9db2a87acb9ecff169dfa6bb6ec635c89a0658db07c538ed5b1996769051c77a121b81be1c333c2ca2d495082eb9d781c037c569b35292c22beffb68262b44f8c228b1cdf8af91f05b247ed764e98ec3ebfce338d9b15e0f89680b7611e6d286166669195", 0x79}], 0x4}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="241f0000", @ANYRES16=r3, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r4, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

2m7.946721684s ago: executing program 2 (id=85):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$inet(r1, &(0x7f0000008c00)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="21165a10978c50700e80c59745cd657346de16ec0b28b3c2c77a25771c409208eb61287561cf2e4f34aee3abbffb0babbada01cd7a9f5c798ae35df8e74928827230716e1a733600ecce1bc6fe85ba3c466a628a680ea7fb39b1c895e41a5a000381acfe1d2f6c8764d86ffb9aff61e128a13d022f5ca7d5adeb2fcd51ad59dda45a8428cfa1b42a322a0875534d7e23d2f54568f0b14907a3ad46afc2d9475b83d742c9685d63249e0c5e9b810745823327858c7c841e00", 0xb8}, {&(0x7f00000002c0)="4e64db0a9328d7a4e95bf99d67cc43c69de5abf4f4d80980d480772cf8dfbfe5269505e834097dfc62b11b13f334838fc65192b13bef4002deb9e7cbf4f45a36b1342f978624d74be2a571fdba877a47cf42064144daf29616879ef4550f9c3648d1918650ed3b4c3528fa6a3e3d3ca1b5f8767ac6c996e236c31be6afe2d2fefb7e2b1e3b6b30024c4bb68e0adeb2a912f3e226b653b917ae141ffcaedb52a9c165f9d0ddbf47bd3069fad9a91272e0ae9f7d77393884917cec8bec0219a1b41c7771057e0467c6", 0xc8}], 0x2}}], 0x1, 0x88c1)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0xfff0, &(0x7f0000000180)=[{&(0x7f0000001440)=""/4096, 0x1000}], 0x1}, 0xde2f8d673f441efe)

2m7.845686495s ago: executing program 2 (id=87):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@typedef={0x4, 0x0, 0x0, 0x8, 0x3}]}, {0x0, [0x0, 0x38e869a5bbd4abba, 0x2e]}}, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r1, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x44080)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=@newtaction={0xcc, 0x30, 0x1, 0x0, 0x0, {}, [{0xb8, 0x1, [@m_vlan={0x6c, 0x1b, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x200}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x6, 0x8, 0x3, 0x1, 0x5}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x787}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x94d}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x3}, 0x4)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x5}, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCRSSCAUSE(r0, 0x89e1, &(0x7f0000001d80)=0x5)
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000002f80)='wlan0\x00', 0x10)
recvmmsg(r5, &(0x7f0000002e40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)=""/84, 0x54}, {&(0x7f0000000100)=""/61, 0x3d}, {&(0x7f0000000340)=""/80, 0x50}], 0x3}, 0x6}, {{&(0x7f00000003c0)=@in6, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/16, 0x10}, {&(0x7f0000000480)=""/110, 0x6e}, {&(0x7f0000000500)=""/247, 0xf7}, {&(0x7f0000000600)=""/212, 0xd4}, {&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000000700)=""/10, 0xa}, {&(0x7f00000007c0)=""/149, 0x95}], 0x7, &(0x7f0000001a40)=""/118, 0x76}, 0x8}, {{&(0x7f0000001ac0)=@can, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001b40)=""/48, 0x30}, {&(0x7f0000001b80)=""/160, 0xa0}, {&(0x7f0000001c40)=""/65, 0x41}], 0x3}, 0x8}, {{&(0x7f0000001d00)=@qipcrtr, 0x80, &(0x7f0000001d80), 0x0, &(0x7f0000001dc0)=""/120, 0x78}, 0x8}, {{0x0, 0x0, &(0x7f00000022c0)=[{&(0x7f0000001e40)=""/179, 0xb3}, {&(0x7f0000001f00)=""/196, 0xc4}, {&(0x7f0000002000)=""/183, 0xb7}, {&(0x7f00000020c0)=""/16, 0x10}, {&(0x7f0000002100)=""/145, 0x91}, {&(0x7f00000021c0)=""/234, 0xea}], 0x6, &(0x7f0000002300)=""/195, 0xc3}, 0x8}, {{&(0x7f0000002400)=@l2tp6={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @multicast2}}, 0x80, &(0x7f0000002b40)=[{&(0x7f0000002480)=""/172, 0xac}, {&(0x7f0000002540)=""/119, 0x77}, {&(0x7f00000025c0)=""/192, 0xc0}, {&(0x7f0000002680)=""/254, 0xfe}, {&(0x7f0000002780)=""/236, 0xec}, {&(0x7f0000002880)=""/74, 0x4a}, {&(0x7f0000002900)=""/18, 0x12}, {&(0x7f0000002940)=""/239, 0xef}, {&(0x7f0000002a40)=""/200, 0xc8}], 0x9}, 0x40000}, {{&(0x7f0000002bc0)=@nfc_llcp, 0x80, &(0x7f0000002e00)=[{&(0x7f0000002c40)=""/181, 0xb5}, {&(0x7f0000002d00)=""/47, 0x2f}, {&(0x7f0000002d40)=""/105, 0x69}, {&(0x7f0000002dc0)=""/46, 0x2e}], 0x4}, 0x1}], 0x7, 0x2021, &(0x7f0000002f40)={0x0, 0x3938700})
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000019000109000000000000000218000000defc010000000008000100ac141400080005000ade00020c00168008000300e00000020600150006000000"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

2m6.906648408s ago: executing program 2 (id=92):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x200000000000000, &(0x7f0000000140)="d2"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x700000000000000, 0x0})

2m6.856994205s ago: executing program 2 (id=93):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
prlimit64(r0, 0xc, &(0x7f0000000140)={0x40000000000000, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0xc9ca]}, 0x8)
fcntl$setownex(r2, 0xf, &(0x7f00000000c0)={0x1, 0xffffffffffffffff})
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x78, 0x2, 0x8, 0x801, 0x0, 0x0, {0x5, 0x0, 0xa}, [@CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x540d}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0xfffffff9}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x7f}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0xb4}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6005}]}, 0x78}, 0x1, 0x0, 0x0, 0x24008080}, 0x8001)
faccessat2(r2, &(0x7f0000000100)='.\x00', 0x20, 0x600)
setpgid(r1, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000240), 0x10000, &(0x7f0000000440))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bpf(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x1000, 0x3fd, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@generic={&(0x7f00000000c0)='./file0/file0\x00', r3}, 0x18)
mlockall(0x2)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file0/file0\x00'}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)

2m6.798146232s ago: executing program 2 (id=95):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/fs/nfs', 0x0, 0x0)
mknodat(r0, &(0x7f0000000280)='./file0\x00', 0x800, 0x80000800) (async)
r1 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r2 = fcntl$dupfd(r1, 0x0, r1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e) (async, rerun: 64)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) (async)
r5 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x1011, 0x0) (async)
r8 = socket$can_bcm(0x1d, 0x2, 0x2) (async)
io_setup(0x9, &(0x7f0000000240)=<r9=>0x0)
connect$can_bcm(r8, &(0x7f0000000000), 0x10)
io_submit(r9, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f427e00000000000029ffffff000000", 0x20000238}])
r10 = socket$inet_smc(0x2b, 0x1, 0x0) (async)
setsockopt$MRT_TABLE(r5, 0x0, 0xcf, &(0x7f0000000140)=0xfd, 0x4)
fdatasync(r10)

1m59.184649294s ago: executing program 3 (id=135):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x1714, &(0x7f00000020c0)={0x0, 0x0, 0x4000, 0x5, 0x102}, &(0x7f0000000100), &(0x7f0000000080))
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000340), 0x2000011a)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x14}}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000010c0)=""/4096, 0x1000}], 0x1}, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000b00)={0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCINITREPORT(r4, 0x4805, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$unix(0x1, 0x2, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ec0)={0x48, r8, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r10, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@gettaction={0x34, 0x32, 0x9408f9ce2610ee65, 0xfffffffd, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x14040800}, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000340)={0x8, {"eb9d8988e81b395b45bd0cba3a8483077474dd3dd0c47bc253e5f8e8b4292aac2796001366e4c71f9f35008b53e42578e610c78571ad7fd714bbf1d6fd513c82063c7b62f80247dae47c5c719fcb141465938af815fb5f2695978afaf02bc89e649ba154d25cd9128fa00c4655085aaa52d42552f2b09df1d9bb0e372396aa8bcb1358797975d0f0609075102a2744764709002ff83c2341d3365f98a022a3adb2984c475f59af4129dbfd9a93d73ebd4e3cb4f1e4ab97495820ac3a2091f1a472e09074da690ef8a1271c19fa97898e3be7b5000d91bbc78a0e2415b557a6ac425159469271188e5adbb631ee32f1c01b8aab308dad8548079f00eb770e058ec6480cb78a47d832ff6f7d23348118d2a8a317c1d0cb05299e4541dd566ca584cbe7508ab24fa6fdd1e5fd301a57f7b01f55543d5289911b1040011acfa9247e9f2b08635fc066b8725bc114c59fdbdd3a35903b19613e3f29ce4457a59c64567f1fea4a17185e7edde0ccc64cf9d0086ef292c318c8a56b28406cdcfd091245a8e0fa721e11aa064b642d9afbcf3dd23c79c466e634e84e0ccf866e8bcc03a6e6ac823fe6056a7aa6aa8622969e263eff3fb74ea46e0bd6a1ce08244e39f59df03e6cdd7fdc2811c4c1719099a56f1c5e07ab0e7d6a07192dcc0d03f6bcbc2323f4606b52950e3ebf54b379a97bb4c0c27db1e0824068a353aa025258f16eec23148997eb0f14ade49c1216cfd2ce324f289ddcf0ff8247984c4567692e9b64c2fbbc1272a3e532122e65f97cec13564ece0b7029c2c34ca9c7a9557d487336d849513afaaaa6c1a0388e72dba891750cebb09747cdadd4228b66ce5972f9c67bc4bd795753bc83fd36897edb29a4d9ca5c5cbb0e92dab163d6c980ef76a5f79f6f05f9a7e0e745a129cbbfc12281f9566f656b1f9de9bec23d3a2bec3852430fb7dcbc692e0fcccb69402639a0e1693a70a5983a462b001131a4774e5e3d8bd9a19389ab7e819a77ae145d2ca8e4477215905e8e1dce02ccd3f8942744313a30b68025844e5a68a9a2dd382a3a32042c232459a776d6e1741eec549b4d2867580fc511393281917f5145952997aebd29d8056d4282586ccd91d633a7c1764012e09d7746fef7246eb56640fef2bdd74b78fbcaa32e6b6f4136431a51229956a8a8149de241511e2760f997886e098fc1847adee880f3ae61a1240581e13758be18a33bde20ffad43a0ae9a4f7144a16993858e445c7c5bc83e13dfeb81ae6fc11be70e0ab490ab976106e3d8e627c44df3ac588239fbf885a2439b69e5a121245fd3c42c86555b198452ffcac7168d789ff3f61da76d389b0fc1e6c39df6608824babcb098c509e0def7f1701e67ab7d6c64ab5150eaaadbe38a11673fee8d286d88ae6f39241966fa6df46464166db4f41d67596d9d67382f1069042ee118b0af630a5e12f07d8cfa4183f2c28b27a6105d69804508235f877693cf1f359ffb95b585496b941c2e3f2170d916ded547beee1ae24e1724f17cb85cfcba15e1cbabe44e60b16c2ac4f4afed9506e25bd35a8897de4ae4a4c929b25289f75b2da34a1b65edfc2dd74b74b8f3d74f1387805cf5933a616798fa890718c9ebd6079c26a5f732298f8e8a2e378fccffd7fc3ecc8b10d1cd013a7340b7842c4b1dff0e9f2ea70329fb9c3013151f43fa5bad0dd5f61a92da5a78e68052ab72c38d915136184a49da2a6b6e248e9d106777c1bde4dfc94f8a4a29dfa95fe7681516061a83650c8b39968bd3a7a34b34e93844fc8ed8a84b59f7e657a025592db7a7252491b18695693a68d178564909e5971b8956479e518a1202af31718fe22f4e65c93a9a08e802e07fd274e5a23cb466a7b48cf344a2176d61ef27d348b40a510e8cc8e372693cb6c1c7cfb4e3972fbe4204f0048bc53793e049b0484b3bbe6d3b6a986bc2c95fdb63f60ebfdbea38b48405a8b85ee84568fb6921a75fb54e9026671ed43b923286d64d60c9060a86c2217f98f049259d99d0c5ce4889b165557fa4536a6d5222eb289a6dd83ff235dbde83897d1627f6d85c3e551997007b5219c5b010d53b92879e19951ba21db665f724d7c45da7c635f3a982047a1ebed638dca4f3e97ee036e18ae68d37cd8fda64fac7dce84587311b2e17420c31d50a5da4d052052ea1b4116aa9a0ef20434420c51887cf2d03a1d578925f19e700451f404413f7371693f2e0a622e1ae49daccd12de5ec59d2acbb635d854ce22a418f143c3a637dc731d45c5d1c38adcb770602a92f3de006a4eef1d838b91178476ff168fa639eb5b420da8a343a0ec6e6144cc802eb08d1833beb6ca18ffa1fd7b019bb2d02c97d62963a8a9180769323d8e45639b68aaa56775306bdc6c020678ecd64e751fb92c85dc474bbde8f94c029d92dea48b837c7b5524dc061374e637e299fef6b1355ce23d0f649f0e61402d375bb444a37a22a812821ade48df3be021ecacff6873654bf21e111d079f5bb140568b5c4b77f1aaa22416ab983eb8fe903286fdf114024622f443686078c8318329aebe5df891a9a91bd5512b3aed59557de62d1a9586e10fa07306f815fc10204200d6282813f729c3f8e8af7c450f55037397125ef5e806306a9ba351a6f3e1dede486bc75ae897581b649ef55f19c97b330c5a61a6f76674722429ea894d1c638074cedb0b863514c19166a5c2baf4ee6d1eaeee85155afd10fdd4361c78b3c0d00d01a37df52be0ed3458bc7a1afa0c8c9a2f3406b1e4607e955f57f626c7ed2efac888e72110e0dc0f79cfdd02bc245f0b3a7939bbdc31229ab99ecd36927e1fdd7b17b5037457856fe3f773b6af24af6d67cbd7978e2f127b86b50153e9b0f13f4942006198d6a6ac335cf7560676fd607e6a3a7b518fa815def5eca1372813f97d6ea9d62b848db37015aa648c8426f26776728332fad5f72c919a6f96d1c3b0a97df4c1892ff814e2e57979da7f7098c42b963ca5929765b1ad2284abd2c1f7ef9570b8c97a513da8f4078130e70f31327708619331571d78d3475b6b41e835dc948f0e809c6610942e4c7d515d9303e6281a3980a742dc85f4528fddc34d22bbd9aa4b4b2351df10884f1dbc877717d984b0b3bafda47801103cda459d006a9a9982f5cf67fc0face3def54d579358e623dae4d9b4248cebd82111cf4c431f8852bcf862a65a124ca709cec2454e4c65514128bc2d6f8cc92624f20c02b008081d334cc7fa0b8e8d9d3dfe2a283600e875c7ecb8e4949f958f6f84f8e52b78e3eae58fa02d85bb8ac52ddf3b262ec52eca50d6d590139c24c042e1c040d8da6c9a2e95055dc91ed65881bc4c43c13c240eb9f6ef9a4cffb44e96c9c055cbbc10b5d63850bc3e2fa46aabb2c732c0c31bf1dba3ad1ce2b1b671259aaaef955d39c420b18d78828248563cacd9417ef2cb63859ebef3936e26803e7ccf5233cb3c0a2f440d898ff258cb03a783415a6f81b1b1a07bb5cef530c78c30ec9adfd2df246d581bc662336d5029f65588995adc3190e97a418c15fa3620eb68cdcc6233f1aa0009ab558b22ae9316003c6af1fe0d7807e583943e48692fcd9fa2525fefe3467d099951c83943312f0e889cef4c1ecf17ad469f5ad683b405eb59230e89df96e8dd94e41e5f62822ba957e065f22d96b1c0c2b83f5a57fbb04d5af399ece3ddd52e5afff783a876e2066fbe30963421acb427c95fd3e7bc6b7d3d731a7e347052cd9636805cab94ad40bdb63a264b3127c7f8d21d25810bd2eadb2c3e31b5c807283ad062d750e5b21ec1e20cc3ac5753ac536faf23e2b5c37e9d021870b0350ecea7187643a00a08ec3ffaf7e6c236c4d694ff41af7b5fbf8a554949f5026a8b2adcf377f94848cd17fbcc0249e796008962d3db16b4bb85483dbe75ef5b301175e052203436b38248fbd1a28a5e2b3ab75c77eb8f853e60e95d5f16cb9858b33b3752b4c69776ec4506ba2bd490a6f17aae1152d8762d86cc0ef32788cf149e8fa9464c3ea588f15d8eb2092254c470acf221cfe680845167fc6778b8af1609681ae4f4e65426ce059b9768eb2e0c89f29de7b91db89a72e4c677c65dd980f9a6bfa656ed01d5e683a33e6b80462139476225cc0fcc309d926c36aa250bdad1454db46cd2536046f909a05b08829cad973bc705231a32a5f2e7ac5e96e2315cb175724607a5af02073fc936272aa724990ba6dcc4ea79da6eb7ec0bbdbd0a878114c493bc4b3e26e24b18553bd0a617981d8ea9e91ed2e3bcbd48f5d67aa913790bf52c31435184d6c73079e964e9ef05194e88b072b372d48cb70dbca99238c4474ed0b6932cc1b233bce0c87d48d478fa3c937c42c8637714e9995041f8b2b7dce17eb2f26c730f5559cf5919b88ee00bbf40726f90e1cf29e0f5fadc64de1bf28d447e8996948dc2fe658620b6fb8cfc592d5e0621b66057eb774c31ab16235456210c5ee7990b71b5b3d51cf13e30361a8cdaa107b13fa6a1c84b172efece3b70753e81e7e9e572d228c7bbcdaba40d8d0eb4de13bda1fca38d3ed667bb0897335aadaa0c3905a1283292c89ef5747ad5462db4011c3f8a4a476aa78d74badf8bf3785997ba9824e21256eed4c2805331fa24c81e28f21e895a0b03e7de52787065faded0f1b59eba1c922dce5576e8ab190ef716c021d8dfa13a1e73b8962d9f9238ba8b9fa2cf84addfe37e78cdb398ee4c0642a716fb8db1e332f873a16c6225ebc51fe05f33273380e64272159bb808336e87b4b0cddb492a992b2e7f423bf37725e1d9dda0dc6b4426172c2a93ee1cc9acea7fe1ece9ba0ddee3e232efb11fc4d4e266cd2a83c017e32315c434b73e9729d5a3a7fe993e72f9bb70d78672493263a2653fe1bfd42d1f97cbf0fffb6705b2e35fe65ceb9ad7ddc525b689027352db9c194939559ebb3b505a58e0404103482ce10f7d67761c13b235b52ad1b25803aa94cf7df5ca8d8bd0d4e6d0ab8bcfb8f72a26cecf071e31c02a1034c0144d850f1732926981dca7a18f0a197da3703d74d3e951ed510ed38a8fcae93eb2bebdf92e0feb0f06dbe1331cb43cfa548ca294ea479ecb325aea7aff8d924745298a3d34f23f40b992995a908130165b44beb8cc9da8390dae2a09cb7e1ac7e95b84f35e7be147b4be04883047cdcaec662aa8b66694ae8914e65edb63696494bff66eacb3aecdb23746a36cec7f832d628d38698ba6b3d4020095eae2a5b36a21039ce50901cdf2582b88ab8c86c6f4a8c345618f10d7aab081edb3ce8e4479e0ac476112d4b261cb8ed952221fb660898491fc7134b091c0565173bebf014caffae12852b5314c930d41e27bcfa7bc536fc4da3b714630e1ac7aaf006755da1da792dcad08f796c2ebdd6427ad3374e25132a103d62f98584462aa164d742b4d7c668a85119480199dd90f0a903f6c76cfca28b84a2279ae6965fdec403072be146d2d1f39b122113fbcfb52cf8c7c1d47a32f437b895bcd7a67ad08f196112a15b07e5b57b4db2b7c7f70a42923d6d0625515375b9281d331bd1e5dd75ff3a6e1ca5b75eb328e6c935f2c8f0c57b0aaf2ad85983160b0e53fca44d95e956ef2726d97acb2da34ca4482bb86aabde6d8b8b85da2e44ae89b8359f7edb88a3e2a9aad23125b8c2bd0c7be0847ac9b1e16db2c395e0c9eb040af710c31d32f7b356bfb6f1704f4d884f37c15b865eda87685ae8926fbf3a4465e7e2968ee18ea1ff5d4f4cbfb55634089687b9f0bce5b9cf10779299893cf64980193fd3a1096507e7a8be", 0x1000}}, 0x1006)
io_uring_enter(r1, 0x27e2, 0x0, 0x0, 0x0, 0x0)
writev(r0, &(0x7f0000004400)=[{&(0x7f0000002000)="87", 0x1}], 0x1)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000040a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000801800034000000000000000008f00"/100], 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000130a03000000000000000000020001000900020073797a310000000008000340000000010900010073797a3000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40001}, 0x4000040)

1m57.476561835s ago: executing program 3 (id=139):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x5c0, 0xffffffff, 0xc8, 0x4f8, 0xc8, 0xfeffffff, 0xffffffff, 0x4f8, 0x4f8, 0x4f8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x220, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x4, 0x0, 0x40, 0x0, 0x0, 0xf8e74ba, 0xfe8c}}}]}, @common=@unspec=@CONNSECMARK={0x24}}, {{@uncond, 0x0, 0x1dc, 0x210, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@local, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @private1, @empty, @mcast1, @mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, @local, @remote, @private1, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2]}}]}, @common=@inet=@SET3={0x34}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x61c)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r4)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000980)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000940)={&(0x7f0000000880)={0x88, r5, 0x20, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x3, 0x46}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x27}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x21}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8}], @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x20, 0x2, 0x0, 0x0, {0x934c, 0x6, 0x0, 0x5, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x400, 0x4, 0x3}}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}]}, 0x88}, 0x1, 0x0, 0x0, 0x40088d0}, 0x20008055)
syz_clone(0xb011800, &(0x7f0000000640)="daf3236aa80c284da28858", 0xb, &(0x7f0000000680), &(0x7f00000006c0), &(0x7f0000000700)="85d18401b9f5d9d45397d430c7d6addea114f08eaca14ed05d58abb0ccb627ae984b8093ec69c3381399f4400aad681d20481e206d510c4cc8e799efdbaf1ae8920e6a9b061eca9d6a7ec1a6eddc3a5ad19bff464b4bdea423cb40e3157f2dc118c442a350d4ed45a21dde7e8c1761d63d1f275366ef2f2fd7a6524a0acb837eeda2be7688cb1839e8075ec32980fd4e3a76567b4c5c9ace0851e02958d286063e217d778e5f30db10ed3455d8b849be868ab3df5344da09ba1478068b3acf7bf271086a14df355940c8d6e2ae316d3c705cd3b68049d0ffe63c60d656f2a987d49fe0def1ba993b6af263f009fe3f05647616c7")
io_uring_setup(0x3f1e, &(0x7f00000009c0)={0x0, 0xa636, 0x4, 0x3, 0x24})
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002d00010000000000fcdbdf250401f280080018000dac0f"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1m57.282205433s ago: executing program 3 (id=140):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x400, 0x2}, 0x14}, 0x1, 0x0, 0x0, 0xd6e798c4f6b461a3}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x28b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x1000000b49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = inotify_init()
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0xba01, 0x0, 0x4004}, 0x810)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
io_setup(0x7, &(0x7f0000000000))
eventfd(0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0x5000009)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
pwritev2(r5, &(0x7f00000001c0)=[{&(0x7f0000000200)="05", 0x1}], 0x0, 0x6000000, 0x0, 0x1a)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37fffee, 0x2010, r4, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x20010, 0xffffffffffffffff, 0x0)
socket$inet6(0x10, 0x3, 0x0)
memfd_create(0x0, 0xa)
openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

1m56.295475334s ago: executing program 3 (id=144):
getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b0000000500000034bcf22e29ef0f8813e91d678e539b881746b3988b2779eac5b1c56327967fc0fb9132126269f6b627ee5ba7a165fadc4c26f4e9204f3b31021f81dc09356d8a1f9e64400393c50763cc852800e52cd2a65c26b140ae44157c00000000543f134100bf40eb344676713805c6bfb8f96f3e8d353dbab3e2fccbb6155440742b4467e92bf17e2a2fa4d31995ff30df5cdc685b60dfcb6e93aeaca0971f7e51fe85eed047f62ac2a758751eb6fcdea2f41e40", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = socket$inet(0x2, 0x3, 0x8d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x2461, &(0x7f0000000380)={0x0, 0x239b, 0x10100}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r6, &(0x7f0000000040)={0x2020}, 0x2020)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
r8 = fcntl$dupfd(r7, 0x2, 0xffffffffffffffff)
splice(r6, 0x0, r8, 0x0, 0x2000, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x8, 0x0, 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f00000003c0), 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r9, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="021200000200000080597227c60c0000"], 0x10}}, 0x0)

1m55.416629832s ago: executing program 3 (id=147):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
prlimit64(r0, 0xc, &(0x7f0000000140)={0x40000000000000, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0xc9ca]}, 0x8)
fcntl$setownex(r2, 0xf, &(0x7f00000000c0)={0x1, 0xffffffffffffffff})
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x78, 0x2, 0x8, 0x801, 0x0, 0x0, {0x5, 0x0, 0xa}, [@CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x540d}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0xfffffff9}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x7f}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0xb4}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6005}]}, 0x78}, 0x1, 0x0, 0x0, 0x24008080}, 0x8001)
faccessat2(r2, &(0x7f0000000100)='.\x00', 0x20, 0x600)
setpgid(0x0, r1)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000240), 0x10000, &(0x7f0000000440))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bpf(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x1000, 0x3fd, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@generic={&(0x7f00000000c0)='./file0/file0\x00', r3}, 0x18)
mlockall(0x2)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file0/file0\x00'}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)

1m55.416051785s ago: executing program 3 (id=148):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100, 0xffffffff}, &(0x7f0000000240), &(0x7f0000000200))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
r1 = fsopen(&(0x7f0000000040)='exfat\x00', 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x3a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountstats\x00')
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
write$dsp(r7, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
ioctl$SNDCTL_DSP_SPEED(r7, 0xc0045002, &(0x7f00000000c0)=0xfffffffd)
preadv(r6, &(0x7f0000000040)=[{&(0x7f0000000180)=""/136, 0x88}], 0x1, 0x4, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')

1m51.626549002s ago: executing program 32 (id=95):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/fs/nfs', 0x0, 0x0)
mknodat(r0, &(0x7f0000000280)='./file0\x00', 0x800, 0x80000800) (async)
r1 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r2 = fcntl$dupfd(r1, 0x0, r1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e) (async, rerun: 64)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) (async)
r5 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x1011, 0x0) (async)
r8 = socket$can_bcm(0x1d, 0x2, 0x2) (async)
io_setup(0x9, &(0x7f0000000240)=<r9=>0x0)
connect$can_bcm(r8, &(0x7f0000000000), 0x10)
io_submit(r9, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f427e00000000000029ffffff000000", 0x20000238}])
r10 = socket$inet_smc(0x2b, 0x1, 0x0) (async)
setsockopt$MRT_TABLE(r5, 0x0, 0xcf, &(0x7f0000000140)=0xfd, 0x4)
fdatasync(r10)

1m40.136401742s ago: executing program 33 (id=148):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100, 0xffffffff}, &(0x7f0000000240), &(0x7f0000000200))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
r1 = fsopen(&(0x7f0000000040)='exfat\x00', 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x3a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountstats\x00')
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
write$dsp(r7, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
ioctl$SNDCTL_DSP_SPEED(r7, 0xc0045002, &(0x7f00000000c0)=0xfffffffd)
preadv(r6, &(0x7f0000000040)=[{&(0x7f0000000180)=""/136, 0x88}], 0x1, 0x4, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')

4.197673876s ago: executing program 1 (id=928):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xd5, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x44044)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000001000)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0xfffffffffffffff0)
socket$inet6(0xa, 0x2, 0x5)
r3 = openat$udambuf(0xffffff9c, 0x0, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="12000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000000800000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x8001, r2, 0x2, 0x0)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
r8 = socket(0xa, 0x3, 0x3a)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c0000263caf25b3a0fb6ac7c28e40001b030500000200000000ff04c2c6b2c5f96284ad2bc08399777212e7553b1ac53f1ec86ebd49a95e231bebdfccb694e869d2baee83040000006841cc5840347b6d2dada87ba5b8949dba5a575766079c35b4988b290aace01ae4f503377fd34bff3961a7a46b72320300310a323f7bf59265719182a06aa7e1d26f5f112bd310335cefaffdbe363ff4682ed6141ccda687d107008de6e51e2823b35dd193a830bd53bcaff50b80e19d5353a27ab459159241a606140d00b5e08e639ac20868f0b49357230885e17f3effbadb71df0bb3105c47edbfdaaec8ba7970202db5767c8a332aefca8c8dba28d5204901c43747e101d86820a113a4fdaffac25a12c45cd8291601a945b3d1d77c87624c1348bb750f47672122f5b8a5f711831cd1bf85da7c1819711a0c69328b3c5e31e95d6c39db8e9affa978e24859ef1c448dbf88c816da4ce4c1f992d409dec746a9790000000000000000", @ANYRES64=r5, @ANYRES32=r3], 0x1c}}, 0x44840)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000020301040000000000000000000000100800010001000000958811c90662e58a6c08455314dc3a95ae960d74d98c316786f29e7095317eb97abc322c57a88b65df07000000319211150d21897e7433deed4fc454ec1805aa515f4d8f663a3006c658c5774e196415583f25ee56d306902027f9a4c42c8964c9186b60f3b8ede366780fe5febbb05c5620a480aae1bb62052d4624da6146ae6b7c53a55c3b86764ebaac68694d6236625610dc36b9faf84993d7f38374fa33eaf3f904192a625f62f508f0ac"], 0x1c}}, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(r8, 0x29, 0xca, &(0x7f0000000000)={0x0, 0x1}, 0xc)
setsockopt$MRT6_DEL_MIF(r8, 0x29, 0xcb, &(0x7f0000000040), 0xc)
syz_io_uring_setup(0x7ea4, &(0x7f0000000380)={0x0, 0x7320, 0x8000, 0x1001, 0xd7, 0x0, r7}, &(0x7f0000000180), 0x0)
openat$ipvs(0xffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
ioctl$TIOCGPGRP(r7, 0x540f, &(0x7f0000000080))
syz_open_dev$usbmon(&(0x7f00000000c0), 0x9, 0x880)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)

3.894324075s ago: executing program 5 (id=931):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r2}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)=r2}, 0x1c)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x20000, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout_data(r4, 0x107, 0x16, 0x0, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\xccEi\xfb\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee<\x8bw\xdd^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\x89>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3\x00\x00\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x4)
syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
socket$inet_sctp(0x2, 0x1, 0x84)
close_range(r1, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x2c, 0x0, 0xb, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_COMPAT_NAME={0x8, 0x1, '@%*\x00'}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004045}, 0x20000000)
socket$igmp6(0xa, 0x3, 0x2)

3.560562822s ago: executing program 5 (id=933):
getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000002080)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b0000000500000034bcf22e29ef0f8813e91d678e539b881746b3988b2779eac5b1c56327967fc0fb9132126269f6b627ee5ba7a165fadc4c26f4e9204f3b31021f81dc09356d8a1f9e64400393c50763cc852800e52cd2a65c26b140ae44157c00000000543f134100bf40eb344676713805c6bfb8f96f3e8d353dbab3e2fccbb6155440742b4467e92bf17e2a2fa4d31995ff30df5cdc685b60dfcb", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = socket$inet(0x2, 0x3, 0x8d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x2461, &(0x7f0000000380)={0x0, 0x239b, 0x10100}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r6, &(0x7f0000000040)={0x2020}, 0x2020)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
r8 = fcntl$dupfd(r7, 0x2, 0xffffffffffffffff)
splice(r6, 0x0, r8, 0x0, 0x2000, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x8, 0x0, 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f00000003c0), 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r9, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="021200000200000080597227c60c0000"], 0x10}}, 0x0)

3.008042904s ago: executing program 1 (id=934):
open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
pipe2(&(0x7f0000001440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, 0x1, 0x9, 0x101}, 0x14}}, 0x0)

2.809043361s ago: executing program 1 (id=938):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000f0ff00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, 0x0, 0x20000010)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x13, 0xc, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES32=<r6=>r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000002000008500000082000000"], &(0x7f0000000300)='syzkaller\x00', 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$inet(r1, 0x0, 0x20040820)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x1ff, 0x153100)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x35, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r9}, 0x18)
r10 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r10, 0x29, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT6_DONE(r10, 0x29, 0xc9, 0xffa4, 0x0)
r11 = dup(r8)
write$6lowpan_enable(r8, &(0x7f0000000000)='1', 0x1)
r12 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x102, 0x0, r11}, &(0x7f0000000180)=<r13=>0x0, &(0x7f00000001c0)=<r14=>0x0)
syz_io_uring_submit(r13, r14, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r8})
io_uring_enter(r12, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
clock_gettime(0x0, &(0x7f0000000100)={<r15=>0x0, <r16=>0x0})
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000000, 0x10, r12, 0x97793000)
ppoll(0x0, 0x0, &(0x7f0000000200)={r15, r16+60000000}, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x5)
syz_emit_ethernet(0x42, &(0x7f0000000080)=ANY=[@ANYRES8=r4, @ANYRESHEX=r11, @ANYRES16, @ANYRESOCT=r6], 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0xd)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

2.734713122s ago: executing program 4 (id=939):
add_key$keyring(&(0x7f0000000300), 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040010}, 0x800)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
r1 = socket$inet(0x2, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0xe2, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0xfe1e}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x74}}, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r5, 0x29, 0x14, &(0x7f0000000280)="ff02040000b5ffffffffffff507c674bd9ef1e35f653fbd6d3f434ffff2e2be82db1af00000000", 0x27)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r5, 0x0, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1)
writev(r6, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
socket$inet(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x20, 0x7800, 0xa4, 0x2b8, {{0x5, 0x4, 0x0, 0x1c, 0x14, 0x68, 0x0, 0x1, 0x29, 0x0, @loopback, @remote}}}})

2.421045682s ago: executing program 5 (id=941):
r0 = openat$uhid(0xffffff9c, &(0x7f0000000300), 0x802, 0x0)
write$UHID_INPUT(r0, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b33090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f3b006d090890e0878f0e1ac6e7049b336d959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b3831070d074b0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0xc8c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="6000000002060500000000010000000000000000140007800800080000000000080006400000825d0500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x60}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
r3 = getpid()
syz_pidfd_open(r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = syz_open_dev$loop(&(0x7f0000000380), 0x401, 0x559000)
fchmod(r4, 0x40)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x0, 0x1}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000000100)={0x1, 'pim6reg1\x00', 0x1}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r8, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.834457997s ago: executing program 1 (id=945):
fanotify_init(0x18, 0x1000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/address_bits', 0x0, 0x0)
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[@ANYBLOB="03020c"], 0xa, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)

1.773343516s ago: executing program 0 (id=947):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r2}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)=r2}, 0x1c)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x20000, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x7}, 0x4)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\xccEi\xfb\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee<\x8bw\xdd^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\x89>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3\x00\x00\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x4)
syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
socket$inet_sctp(0x2, 0x1, 0x84)
close_range(r1, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x2c, 0x0, 0xb, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_COMPAT_NAME={0x8, 0x1, '@%*\x00'}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004045}, 0x20000000)
socket$igmp6(0xa, 0x3, 0x2)

1.645795244s ago: executing program 4 (id=948):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100, 0xffffffff}, &(0x7f0000000240), &(0x7f0000000200))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
r1 = fsopen(&(0x7f0000000040)='exfat\x00', 0x1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x3a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x1c)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountstats\x00')
r8 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
write$dsp(r8, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
ioctl$SNDCTL_DSP_SPEED(r8, 0xc0045002, &(0x7f00000000c0)=0xfffffffd)
preadv(r7, 0x0, 0x0, 0x4, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')

1.255547494s ago: executing program 5 (id=949):
write(0xffffffffffffffff, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d956", 0x3c)
socket(0x840000000002, 0x3, 0x100)
r0 = socket(0x200000100000011, 0x3, 0x0)
bind$packet(r0, 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6, 0x11, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001240)=@mangle={'mangle\x00', 0xc061, 0x6, 0x540, 0x0, 0x35c, 0x294, 0x294, 0x35c, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@ipv6={@mcast1, @empty, [], [], 'ip_vti0\x00', 'veth1_vlan\x00'}, 0x0, 0xa4, 0xe4, 0x0, {0x0, 0x3a010000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x4}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xa4, 0xe8}, @DNPT={0x44, 'DNPT\x00', 0x0, {@ipv6=@mcast1, @ipv6=@private0, 0xfd}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @HL={0x24}}, {{@uncond, 0x0, 0xf8, 0x11c, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@ah={{0x30}}]}, @inet=@DSCP={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x59c)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f0adf700082c"], 0x0)

1.25519356s ago: executing program 5 (id=950):
getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000002080)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b0000000500000034bcf22e29ef0f8813e91d678e539b881746b3988b2779eac5b1c56327967fc0fb9132126269f6b627ee5ba7a165fadc4c26f4e9204f3b31021f81dc09356d8a1f9e64400393c50763cc852800e52cd2a65c26b140ae44157c00000000543f134100bf40eb344676713805c6bfb8f96f3e8d353dbab3e2fccbb6155440742b4467e92bf17e2a2fa4d31995ff30df5cdc685b60dfcb", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = socket$inet(0x2, 0x3, 0x8d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x2461, &(0x7f0000000380)={0x0, 0x239b, 0x10100}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r6, &(0x7f0000000040)={0x2020}, 0x2020)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
r8 = fcntl$dupfd(r7, 0x2, 0xffffffffffffffff)
splice(r6, 0x0, r8, 0x0, 0x2000, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x8, 0x0, 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f00000003c0), 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r9, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="021200000200000080597227c60c0000"], 0x10}}, 0x0)

1.166121379s ago: executing program 0 (id=951):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$alg(0x26, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x40605414, 0x0)

1.165876634s ago: executing program 0 (id=952):
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x1f00, 0x0, 0x0)
tkill(r4, 0xb)

1.006426941s ago: executing program 4 (id=953):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f018581c0bc0065666765f36f0f33f0100a660f3a0cb9000000752066b9800000c00f3a32c632c6004000a50f01d70f0901", 0x32}], 0x1, 0x54, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x48, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0xadd, 0x100000001, 0x800000000, 0x3e, 0x0, 0x5f7b, 0x2004cc, 0x5, 0x8, 0x1, 0xfffffffdfffffffc, 0xfffffffffffffffc, 0x0, 0x9, 0x4000000000000004, 0x767], 0xeeef0000, 0xc0086})
r4 = gettid()
syz_pidfd_open(r4, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1})

850.801275ms ago: executing program 1 (id=954):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0900000009000000020000000900000002000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000c6853d9d933be1dfd714164469626a146d27481484cbb5a43bede7e2a44e8e873380d076ba8d4079bb8f01e12e2bb2aa832f4523991ab5fe15336794847a1495afdd42307e427f194a003d3aa70181ca1e64bbc85a76728b17d9", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000100"/28], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000000008010800000000000000000300000206000240dada00000900010073797a300000000004000480050000"], 0x34}, 0x1, 0x0, 0x0, 0x24018100}, 0x4000000)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
unlink(&(0x7f0000000000)='./file0\x00')
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
modify_ldt$read(0x0, &(0x7f0000000400)=""/229, 0xe5)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a005124deacb12e68d5b042fd94802e899d13e0374769b03ac3273b6ab1188023b587e473253682146a9f24b52e89b42d3c836c1702078fbba099e45a9ddb039922f65e595e5fb3172b8fc94fe9185633ff84974096e32e8d6ce93ad1488698052714e15b7763bfe3d117e145752db35e4553df3a7d153ee8c27ebc9342e6eecf4d1b92e4ac8c64700aec62c72fd06f652ebc960a30868729b4b249183381de3f1879286998f3493e664e810b0c", @ANYRES32, @ANYBLOB], 0x40}}, 0x0)
syz_io_uring_setup(0x779b, &(0x7f0000000380)={0x0, 0xf5a5, 0x0, 0xffffffff, 0x2028a}, &(0x7f0000000280), &(0x7f0000000200))

727.305435ms ago: executing program 4 (id=955):
socket$igmp6(0xa, 0x3, 0x3a)
r0 = syz_io_uring_setup(0x7440, &(0x7f00000004c0)={0x0, 0xa6e9, 0x10100, 0x2, 0xfffffffb}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x1000000, 0x0, 0x0)

624.712195ms ago: executing program 4 (id=956):
open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
pipe2(&(0x7f0000001440)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, 0x1, 0x9, 0x101}, 0x14}}, 0x0)

515.760384ms ago: executing program 4 (id=957):
r0 = openat$uhid(0xffffff9c, &(0x7f0000000300), 0x802, 0x0)
write$UHID_INPUT(r0, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b33090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f3b006d090890e0878f0e1ac6e7049b336d959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b3831070d074b0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0xc8c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="6000000002060500000000010000000000000000140007800800080000000000080006400000825d0500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x60}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
r3 = getpid()
syz_pidfd_open(r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = syz_open_dev$loop(&(0x7f0000000380), 0x401, 0x559000)
fchmod(r4, 0x40)
r5 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x0, 0x1}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000000100)={0x1, 'pim6reg1\x00', 0x1}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r8, 0x3516, 0x0, 0x0, 0x0, 0x0)

363.490412ms ago: executing program 5 (id=958):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f00002da000/0x3000)=nil, 0x3000, 0x4, 0x10010, 0xffffffffffffffff, 0x7bc7d000)
chroot(0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
fsopen(0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
listen(r1, 0x1)
listen(r1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x1}, 0x1c)
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r7=>r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYRESDEC=r4, @ANYRES8=r0, @ANYBLOB="35066604ace74a4804b0ae68b8ceae06781a5159f3d5c5c93df36e439fef38e7f5fbe28d8c94de53dd8eb1c7a1aed67b56905c40112ea0055bcce13651495fc9528c573c5d76578cb55cd6ea17a9d20a9549908680b97a2abc36f1892062bd8a6d6189442680092187823abf3882423a0f539122b22d85cba84d7b", @ANYRESDEC, @ANYRES8=r7, @ANYRESDEC=r4, @ANYRES32, @ANYBLOB="dff476ad7d2fc42be60845933761ff0b9e4cb9a6eccd5d7800cd289aa2754b0d1189b95fd4683e4256daef1721846efef01a045f5597dd1b", @ANYBLOB="86c4f52c28064d101da0b8079678c6a640c6141ea41f24"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r8}, 0x10)
fstat64(r8, &(0x7f00000004c0))
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r9, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
recvmsg$can_raw(0xffffffffffffffff, 0x0, 0x0)

214.441013ms ago: executing program 0 (id=959):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r0, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="a6", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000000c0)='}', 0x1}], 0x1}}], 0x2, 0x40080)
shutdown(r0, 0x1)

95.855237ms ago: executing program 0 (id=960):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000001c0)=0x2)
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
pwrite64(r0, &(0x7f00000000c0)="7906", 0x2, 0x9)
socket$inet_udplite(0x2, 0x2, 0x88)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x20, 0x1)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000004200)={0x2020, 0x0, <r3=>0x0}, 0x2020)
openat$vsock(0xffffff9c, &(0x7f00000000c0), 0x101200, 0x0)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x8, 0x140400c, 0x0, 0x0, 0x4}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

15.716157ms ago: executing program 0 (id=961):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x1714, &(0x7f00000020c0)={0x0, 0x0, 0x4000, 0x5, 0x102}, &(0x7f0000000100), &(0x7f0000000080))
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000340), 0x2000011a)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[], 0x14}}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000010c0)=""/4096, 0x1000}], 0x1}, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000", @ANYRES8], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000b00)={0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCINITREPORT(r4, 0x4805, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$unix(0x1, 0x2, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ec0)={0x48, r8, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r10, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@gettaction={0x34, 0x32, 0x9408f9ce2610ee65, 0xfffffffd, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x14040800}, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000340)={0x8, {"eb9d8988e81b395b45bd0cba3a8483077474dd3dd0c47bc253e5f8e8b4292aac2796001366e4c71f9f35008b53e42578e610c78571ad7fd714bbf1d6fd513c82063c7b62f80247dae47c5c719fcb141465938af815fb5f2695978afaf02bc89e649ba154d25cd9128fa00c4655085aaa52d42552f2b09df1d9bb0e372396aa8bcb1358797975d0f0609075102a2744764709002ff83c2341d3365f98a022a3adb2984c475f59af4129dbfd9a93d73ebd4e3cb4f1e4ab97495820ac3a2091f1a472e09074da690ef8a1271c19fa97898e3be7b5000d91bbc78a0e2415b557a6ac425159469271188e5adbb631ee32f1c01b8aab308dad8548079f00eb770e058ec6480cb78a47d832ff6f7d23348118d2a8a317c1d0cb05299e4541dd566ca584cbe7508ab24fa6fdd1e5fd301a57f7b01f55543d5289911b1040011acfa9247e9f2b08635fc066b8725bc114c59fdbdd3a35903b19613e3f29ce4457a59c64567f1fea4a17185e7edde0ccc64cf9d0086ef292c318c8a56b28406cdcfd091245a8e0fa721e11aa064b642d9afbcf3dd23c79c466e634e84e0ccf866e8bcc03a6e6ac823fe6056a7aa6aa8622969e263eff3fb74ea46e0bd6a1ce08244e39f59df03e6cdd7fdc2811c4c1719099a56f1c5e07ab0e7d6a07192dcc0d03f6bcbc2323f4606b52950e3ebf54b379a97bb4c0c27db1e0824068a353aa025258f16eec23148997eb0f14ade49c1216cfd2ce324f289ddcf0ff8247984c4567692e9b64c2fbbc1272a3e532122e65f97cec13564ece0b7029c2c34ca9c7a9557d487336d849513afaaaa6c1a0388e72dba891750cebb09747cdadd4228b66ce5972f9c67bc4bd795753bc83fd36897edb29a4d9ca5c5cbb0e92dab163d6c980ef76a5f79f6f05f9a7e0e745a129cbbfc12281f9566f656b1f9de9bec23d3a2bec3852430fb7dcbc692e0fcccb69402639a0e1693a70a5983a462b001131a4774e5e3d8bd9a19389ab7e819a77ae145d2ca8e4477215905e8e1dce02ccd3f8942744313a30b68025844e5a68a9a2dd382a3a32042c232459a776d6e1741eec549b4d2867580fc511393281917f5145952997aebd29d8056d4282586ccd91d633a7c1764012e09d7746fef7246eb56640fef2bdd74b78fbcaa32e6b6f4136431a51229956a8a8149de241511e2760f997886e098fc1847adee880f3ae61a1240581e13758be18a33bde20ffad43a0ae9a4f7144a16993858e445c7c5bc83e13dfeb81ae6fc11be70e0ab490ab976106e3d8e627c44df3ac588239fbf885a2439b69e5a121245fd3c42c86555b198452ffcac7168d789ff3f61da76d389b0fc1e6c39df6608824babcb098c509e0def7f1701e67ab7d6c64ab5150eaaadbe38a11673fee8d286d88ae6f39241966fa6df46464166db4f41d67596d9d67382f1069042ee118b0af630a5e12f07d8cfa4183f2c28b27a6105d69804508235f877693cf1f359ffb95b585496b941c2e3f2170d916ded547beee1ae24e1724f17cb85cfcba15e1cbabe44e60b16c2ac4f4afed9506e25bd35a8897de4ae4a4c929b25289f75b2da34a1b65edfc2dd74b74b8f3d74f1387805cf5933a616798fa890718c9ebd6079c26a5f732298f8e8a2e378fccffd7fc3ecc8b10d1cd013a7340b7842c4b1dff0e9f2ea70329fb9c3013151f43fa5bad0dd5f61a92da5a78e68052ab72c38d915136184a49da2a6b6e248e9d106777c1bde4dfc94f8a4a29dfa95fe7681516061a83650c8b39968bd3a7a34b34e93844fc8ed8a84b59f7e657a025592db7a7252491b18695693a68d178564909e5971b8956479e518a1202af31718fe22f4e65c93a9a08e802e07fd274e5a23cb466a7b48cf344a2176d61ef27d348b40a510e8cc8e372693cb6c1c7cfb4e3972fbe4204f0048bc53793e049b0484b3bbe6d3b6a986bc2c95fdb63f60ebfdbea38b48405a8b85ee84568fb6921a75fb54e9026671ed43b923286d64d60c9060a86c2217f98f049259d99d0c5ce4889b165557fa4536a6d5222eb289a6dd83ff235dbde83897d1627f6d85c3e551997007b5219c5b010d53b92879e19951ba21db665f724d7c45da7c635f3a982047a1ebed638dca4f3e97ee036e18ae68d37cd8fda64fac7dce84587311b2e17420c31d50a5da4d052052ea1b4116aa9a0ef20434420c51887cf2d03a1d578925f19e700451f404413f7371693f2e0a622e1ae49daccd12de5ec59d2acbb635d854ce22a418f143c3a637dc731d45c5d1c38adcb770602a92f3de006a4eef1d838b91178476ff168fa639eb5b420da8a343a0ec6e6144cc802eb08d1833beb6ca18ffa1fd7b019bb2d02c97d62963a8a9180769323d8e45639b68aaa56775306bdc6c020678ecd64e751fb92c85dc474bbde8f94c029d92dea48b837c7b5524dc061374e637e299fef6b1355ce23d0f649f0e61402d375bb444a37a22a812821ade48df3be021ecacff6873654bf21e111d079f5bb140568b5c4b77f1aaa22416ab983eb8fe903286fdf114024622f443686078c8318329aebe5df891a9a91bd5512b3aed59557de62d1a9586e10fa07306f815fc10204200d6282813f729c3f8e8af7c450f55037397125ef5e806306a9ba351a6f3e1dede486bc75ae897581b649ef55f19c97b330c5a61a6f76674722429ea894d1c638074cedb0b863514c19166a5c2baf4ee6d1eaeee85155afd10fdd4361c78b3c0d00d01a37df52be0ed3458bc7a1afa0c8c9a2f3406b1e4607e955f57f626c7ed2efac888e72110e0dc0f79cfdd02bc245f0b3a7939bbdc31229ab99ecd36927e1fdd7b17b5037457856fe3f773b6af24af6d67cbd7978e2f127b86b50153e9b0f13f4942006198d6a6ac335cf7560676fd607e6a3a7b518fa815def5eca1372813f97d6ea9d62b848db37015aa648c8426f26776728332fad5f72c919a6f96d1c3b0a97df4c1892ff814e2e57979da7f7098c42b963ca5929765b1ad2284abd2c1f7ef9570b8c97a513da8f4078130e70f31327708619331571d78d3475b6b41e835dc948f0e809c6610942e4c7d515d9303e6281a3980a742dc85f4528fddc34d22bbd9aa4b4b2351df10884f1dbc877717d984b0b3bafda47801103cda459d006a9a9982f5cf67fc0face3def54d579358e623dae4d9b4248cebd82111cf4c431f8852bcf862a65a124ca709cec2454e4c65514128bc2d6f8cc92624f20c02b008081d334cc7fa0b8e8d9d3dfe2a283600e875c7ecb8e4949f958f6f84f8e52b78e3eae58fa02d85bb8ac52ddf3b262ec52eca50d6d590139c24c042e1c040d8da6c9a2e95055dc91ed65881bc4c43c13c240eb9f6ef9a4cffb44e96c9c055cbbc10b5d63850bc3e2fa46aabb2c732c0c31bf1dba3ad1ce2b1b671259aaaef955d39c420b18d78828248563cacd9417ef2cb63859ebef3936e26803e7ccf5233cb3c0a2f440d898ff258cb03a783415a6f81b1b1a07bb5cef530c78c30ec9adfd2df246d581bc662336d5029f65588995adc3190e97a418c15fa3620eb68cdcc6233f1aa0009ab558b22ae9316003c6af1fe0d7807e583943e48692fcd9fa2525fefe3467d099951c83943312f0e889cef4c1ecf17ad469f5ad683b405eb59230e89df96e8dd94e41e5f62822ba957e065f22d96b1c0c2b83f5a57fbb04d5af399ece3ddd52e5afff783a876e2066fbe30963421acb427c95fd3e7bc6b7d3d731a7e347052cd9636805cab94ad40bdb63a264b3127c7f8d21d25810bd2eadb2c3e31b5c807283ad062d750e5b21ec1e20cc3ac5753ac536faf23e2b5c37e9d021870b0350ecea7187643a00a08ec3ffaf7e6c236c4d694ff41af7b5fbf8a554949f5026a8b2adcf377f94848cd17fbcc0249e796008962d3db16b4bb85483dbe75ef5b301175e052203436b38248fbd1a28a5e2b3ab75c77eb8f853e60e95d5f16cb9858b33b3752b4c69776ec4506ba2bd490a6f17aae1152d8762d86cc0ef32788cf149e8fa9464c3ea588f15d8eb2092254c470acf221cfe680845167fc6778b8af1609681ae4f4e65426ce059b9768eb2e0c89f29de7b91db89a72e4c677c65dd980f9a6bfa656ed01d5e683a33e6b80462139476225cc0fcc309d926c36aa250bdad1454db46cd2536046f909a05b08829cad973bc705231a32a5f2e7ac5e96e2315cb175724607a5af02073fc936272aa724990ba6dcc4ea79da6eb7ec0bbdbd0a878114c493bc4b3e26e24b18553bd0a617981d8ea9e91ed2e3bcbd48f5d67aa913790bf52c31435184d6c73079e964e9ef05194e88b072b372d48cb70dbca99238c4474ed0b6932cc1b233bce0c87d48d478fa3c937c42c8637714e9995041f8b2b7dce17eb2f26c730f5559cf5919b88ee00bbf40726f90e1cf29e0f5fadc64de1bf28d447e8996948dc2fe658620b6fb8cfc592d5e0621b66057eb774c31ab16235456210c5ee7990b71b5b3d51cf13e30361a8cdaa107b13fa6a1c84b172efece3b70753e81e7e9e572d228c7bbcdaba40d8d0eb4de13bda1fca38d3ed667bb0897335aadaa0c3905a1283292c89ef5747ad5462db4011c3f8a4a476aa78d74badf8bf3785997ba9824e21256eed4c2805331fa24c81e28f21e895a0b03e7de52787065faded0f1b59eba1c922dce5576e8ab190ef716c021d8dfa13a1e73b8962d9f9238ba8b9fa2cf84addfe37e78cdb398ee4c0642a716fb8db1e332f873a16c6225ebc51fe05f33273380e64272159bb808336e87b4b0cddb492a992b2e7f423bf37725e1d9dda0dc6b4426172c2a93ee1cc9acea7fe1ece9ba0ddee3e232efb11fc4d4e266cd2a83c017e32315c434b73e9729d5a3a7fe993e72f9bb70d78672493263a2653fe1bfd42d1f97cbf0fffb6705b2e35fe65ceb9ad7ddc525b689027352db9c194939559ebb3b505a58e0404103482ce10f7d67761c13b235b52ad1b25803aa94cf7df5ca8d8bd0d4e6d0ab8bcfb8f72a26cecf071e31c02a1034c0144d850f1732926981dca7a18f0a197da3703d74d3e951ed510ed38a8fcae93eb2bebdf92e0feb0f06dbe1331cb43cfa548ca294ea479ecb325aea7aff8d924745298a3d34f23f40b992995a908130165b44beb8cc9da8390dae2a09cb7e1ac7e95b84f35e7be147b4be04883047cdcaec662aa8b66694ae8914e65edb63696494bff66eacb3aecdb23746a36cec7f832d628d38698ba6b3d4020095eae2a5b36a21039ce50901cdf2582b88ab8c86c6f4a8c345618f10d7aab081edb3ce8e4479e0ac476112d4b261cb8ed952221fb660898491fc7134b091c0565173bebf014caffae12852b5314c930d41e27bcfa7bc536fc4da3b714630e1ac7aaf006755da1da792dcad08f796c2ebdd6427ad3374e25132a103d62f98584462aa164d742b4d7c668a85119480199dd90f0a903f6c76cfca28b84a2279ae6965fdec403072be146d2d1f39b122113fbcfb52cf8c7c1d47a32f437b895bcd7a67ad08f196112a15b07e5b57b4db2b7c7f70a42923d6d0625515375b9281d331bd1e5dd75ff3a6e1ca5b75eb328e6c935f2c8f0c57b0aaf2ad85983160b0e53fca44d95e956ef2726d97acb2da34ca4482bb86aabde6d8b8b85da2e44ae89b8359f7edb88a3e2a9aad23125b8c2bd0c7be0847ac9b1e16db2c395e0c9eb040af710c31d32f7b356bfb6f1704f4d884f37c15b865eda87685ae8926fbf3a4465e7e2968ee18ea1ff5d4f4cbfb55634089687b9f0bce5b9cf10779299893cf64980193fd3a1096507e7a8be", 0x1000}}, 0x1006)
io_uring_enter(r1, 0x27e2, 0x0, 0x0, 0x0, 0x0)
writev(r0, &(0x7f0000004400)=[{&(0x7f0000002000)="87", 0x1}], 0x1)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000040a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000801800034000000000000000008f00"/100], 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000130a03000000000000000000020001000900020073797a310000000008000340000000010900010073797a3000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40001}, 0x4000040)

0s ago: executing program 1 (id=962):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
r1 = syz_open_dev$loop(&(0x7f00000005c0), 0x2, 0x4a0200)
ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000280))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x80000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r4}, 0x10)
rt_sigsuspend(0x0, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$pppoe(0x18, 0x1, 0x0)
close(r7)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000840)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8040}, 0x8840)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
r9 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r9, 0x81785501, &(0x7f0000000540)=""/113)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r11=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000340)={'syztnl0\x00', &(0x7f0000000440)={'tunl0\x00', r11, 0x8, 0x700, 0xfffffffc, 0x2, {{0x46, 0x4, 0x0, 0x28, 0x118, 0x67, 0x0, 0x80, 0x29, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0xc, 0x81, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x44}, 0x5}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x4c, 0xfe, 0x1, 0x5, [{@remote, 0x7}, {@loopback, 0x7}, {@multicast1, 0x7fffffff}, {@remote, 0xc}, {@local, 0x1}, {@empty, 0xe}, {@rand_addr=0x64010101, 0x101}, {@local, 0x5}, {@multicast2, 0xa2000000}]}, @cipso={0x86, 0x47, 0x3, [{0x1, 0x6, "241b3814"}, {0x5, 0xd, "c298cccd05d789561f00c1"}, {0x2, 0x9, "90847b4e3c1a03"}, {0x1, 0x6, "adf2a5e1"}, {0x7, 0x3, "f0"}, {0x7, 0xe, "18bd03045b2773959d7e6e05"}, {0x0, 0xe, "4a6ce153ae3fc72242a792a6"}]}, @generic={0x94, 0xf, "2ac1f54b729f044c1dd269239e"}, @timestamp_prespec={0x44, 0x1c, 0x4c, 0x3, 0x2, [{@empty, 0x8}, {@private=0xa010101, 0x7236}, {@empty, 0x3}]}, @timestamp_prespec={0x44, 0x14, 0xb2, 0x3, 0x4, [{@dev={0xac, 0x14, 0x14, 0x30}, 0x5}, {@multicast2, 0x4}]}, @timestamp={0x44, 0x20, 0x1a, 0x0, 0x2, [0x5, 0x3ff, 0x0, 0x2, 0x100, 0x3, 0xd]}]}}}}})
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
open(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

 RSP: 002b:00000000f506c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[   90.648915][ T6969] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080004100
[   90.648921][ T6969] RDX: 00000000ffffff80 RSI: 0000000000000000 RDI: 0000000000000000
[   90.648927][ T6969] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   90.648933][ T6969] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   90.648938][ T6969] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   90.648951][ T6969]  </TASK>
[   91.074940][ T6979] netlink: 'syz.0.204': attribute type 4 has an invalid length.
[   91.501483][ T5953] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   91.505492][ T5953] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   91.509129][ T5953] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   91.525032][ T5953] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   91.530701][ T5953] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   91.663644][ T6997] FAULT_INJECTION: forcing a failure.
[   91.663644][ T6997] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.667824][ T6997] CPU: 0 UID: 0 PID: 6997 Comm: syz.4.207 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[   91.667838][ T6997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.667844][ T6997] Call Trace:
[   91.667848][ T6997]  <TASK>
[   91.667864][ T6997]  dump_stack_lvl+0x16c/0x1f0
[   91.667884][ T6997]  should_fail_ex+0x512/0x640
[   91.667902][ T6997]  strncpy_from_user+0x3b/0x2e0
[   91.667918][ T6997]  __do_sys_add_key+0xce/0x470
[   91.667930][ T6997]  ? __pfx___do_sys_add_key+0x10/0x10
[   91.667939][ T6997]  ? ksys_write+0x1b9/0x240
[   91.667952][ T6997]  ? rcu_is_watching+0x12/0xc0
[   91.667964][ T6997]  __do_fast_syscall_32+0x73/0x120
[   91.667981][ T6997]  do_fast_syscall_32+0x32/0x80
[   91.667997][ T6997]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   91.668010][ T6997] RIP: 0023:0xf7fc8579
[   91.668019][ T6997] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   91.668029][ T6997] RSP: 002b:00000000f50c555c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[   91.668039][ T6997] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000080000040
[   91.668045][ T6997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000fffffffd
[   91.668050][ T6997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   91.668056][ T6997] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   91.668062][ T6997] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   91.668074][ T6997]  </TASK>
[   91.672392][ T6997] netlink: 'syz.4.207': attribute type 11 has an invalid length.
[   91.685707][ T6992] chnl_net:caif_netlink_parms(): no params data found
[   91.764386][   T46] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.855366][   T46] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.879630][ T6992] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.887618][ T6992] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.890358][ T6992] bridge_slave_0: entered allmulticast mode
[   91.893491][ T6992] bridge_slave_0: entered promiscuous mode
[   91.897000][ T6992] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.899275][ T6992] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.902126][ T6992] bridge_slave_1: entered allmulticast mode
[   91.909611][ T6992] bridge_slave_1: entered promiscuous mode
[   91.979204][   T46] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.994702][ T6992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.011831][ T6992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.035607][ T7016] overlayfs: failed to clone upperpath
[   92.086750][   T46] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.105490][ T6992] team0: Port device team_slave_0 added
[   92.109049][ T6992] team0: Port device team_slave_1 added
[   92.112379][ T7018] netlink: 'syz.0.211': attribute type 1 has an invalid length.
[   92.265290][ T6992] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.267466][ T6992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.302995][ T6992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.311836][ T6992] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.320543][ T6992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.339676][ T6992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.433737][ T7023] team_slave_0: entered allmulticast mode
[   92.492758][ T7027] netlink: 36 bytes leftover after parsing attributes in process `syz.4.212'.
[   92.587443][ T6992] hsr_slave_0: entered promiscuous mode
[   92.598513][ T6992] hsr_slave_1: entered promiscuous mode
[   92.602034][ T6992] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.605701][ T6992] Cannot create hsr debugfs directory
[   92.610493][   T46] bridge_slave_1: left allmulticast mode
[   92.615312][   T46] bridge_slave_1: left promiscuous mode
[   92.626175][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.637592][   T46] bridge_slave_0: left allmulticast mode
[   92.642889][   T46] bridge_slave_0: left promiscuous mode
[   92.647855][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.819587][ T7037] netlink: 'syz.0.215': attribute type 4 has an invalid length.
[   92.908687][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   92.913213][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   92.916964][   T46] bond0 (unregistering): Released all slaves
[   93.140365][ T6992] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   93.146515][ T6992] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   93.162496][ T6992] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   93.186826][ T7048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.192557][ T6992] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   93.197620][ T7048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.237472][ T7055] overlayfs: failed to resolve './file1': -2
[   93.260230][   T46] hsr_slave_0: left promiscuous mode
[   93.267772][   T46] hsr_slave_1: left promiscuous mode
[   93.269798][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.272133][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[   93.284318][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.286649][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[   93.307573][   T46] veth1_macvtap: left promiscuous mode
[   93.309448][   T46] veth0_macvtap: left promiscuous mode
[   93.311272][   T46] veth1_vlan: left promiscuous mode
[   93.313967][   T46] veth0_vlan: left promiscuous mode
[   93.614448][ T5953] Bluetooth: hci2: command tx timeout
[   93.886953][   T46] team0 (unregistering): Port device team_slave_1 removed
[   93.943655][   T46] team0 (unregistering): Port device team_slave_0 removed
[   94.446369][ T6992] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.504883][ T6992] 8021q: adding VLAN 0 to HW filter on device team0
[   94.514785][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.517112][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.524782][ T1170] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.527538][ T1170] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.654803][ T6992] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.818394][ T6992] veth0_vlan: entered promiscuous mode
[   94.826214][ T6992] veth1_vlan: entered promiscuous mode
[   94.847438][ T6992] veth0_macvtap: entered promiscuous mode
[   94.855398][ T6992] veth1_macvtap: entered promiscuous mode
[   94.865486][ T6992] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.871653][ T6992] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.880660][ T6992] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.883625][ T6992] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.886455][ T6992] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.890000][ T6992] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.969677][ T7114] netlink: 'syz.0.226': attribute type 4 has an invalid length.
[   94.979661][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.992608][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.015251][ T1170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.018141][ T1170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.362580][ T6681] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   95.512511][ T6681] usb 10-1: Using ep0 maxpacket: 32
[   95.535263][ T6681] usb 10-1: unable to get BOS descriptor or descriptor too short
[   95.538358][ T6681] usb 10-1: no configurations
[   95.540262][ T6681] usb 10-1: can't read configurations, error -22
[   95.692562][ T5953] Bluetooth: hci2: command tx timeout
[   95.797186][ T7164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.232'.
[   96.091406][ T7177] netlink: 'syz.5.234': attribute type 5 has an invalid length.
[   96.099133][   T40] audit: type=1326 audit(1747904647.864:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.5.234" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ee579 code=0x0
[   96.507222][ T7194] ieee802154 phy0 wpan0: encryption failed: -90
[   96.763118][  T835] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   96.852611][ T6233] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   97.012554][  T835] usb 9-1: Using ep0 maxpacket: 32
[   97.015549][  T835] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[   97.019247][  T835] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[   97.024292][  T835] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   97.026002][ T6233] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   97.031799][  T835] usb 9-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[   97.033272][ T6233] usb 6-1: config 0 has no interfaces?
[   97.033289][ T6233] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   97.033301][ T6233] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.034500][ T6233] usb 6-1: config 0 descriptor??
[   97.037021][  T835] usb 9-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[   97.037043][  T835] usb 9-1: Product: syz
[   97.037055][  T835] usb 9-1: Manufacturer: syz
[   97.058577][  T835] usb 9-1: SerialNumber: syz
[   97.068916][  T835] input: appletouch as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:1.0/input/input7
[   97.221045][ T7226] vivid-000: disconnect
[   97.263429][   T65] usb 6-1: USB disconnect, device number 5
[   97.284679][ T7203] macvtap0: entered allmulticast mode
[   97.287103][ T7203] veth0_macvtap: entered allmulticast mode
[   97.290104][ T7203] netlink: 'syz.1.238': attribute type 3 has an invalid length.
[   97.293883][ T7203] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check.
[   97.314778][ T5984] usb 9-1: USB disconnect, device number 2
[   97.326929][ T5984] appletouch 9-1:1.0: input: appletouch disconnected
[   97.462514][ T7232] netlink: 32 bytes leftover after parsing attributes in process `syz.0.243'.
[   97.613104][ T7243] cgroup: none used incorrectly
[   97.773384][ T5953] Bluetooth: hci2: command tx timeout
[   97.871999][ T7255] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[   97.987365][ T7265] lo: entered promiscuous mode
[   97.995767][ T7265] tunl0: entered promiscuous mode
[   97.997808][ T7265] gre0: entered promiscuous mode
[   97.999888][ T7265] gretap0: entered promiscuous mode
[   98.001791][ T7265] erspan0: entered promiscuous mode
[   98.005535][ T7265] ip_vti0: entered promiscuous mode
[   98.007503][ T7265] ip6_vti0: entered promiscuous mode
[   98.010336][ T7265] sit0: entered promiscuous mode
[   98.012290][ T7265] ip6tnl0: entered promiscuous mode
[   98.015137][ T7265] ip6gre0: entered promiscuous mode
[   98.017113][ T7265] syz_tun: entered promiscuous mode
[   98.019026][ T7265] ip6gretap0: entered promiscuous mode
[   98.021092][ T7265] bridge0: entered promiscuous mode
[   98.023719][ T7265] vcan0: entered promiscuous mode
[   98.026304][ T7265] bond0: entered promiscuous mode
[   98.027872][ T7265] bond_slave_0: entered promiscuous mode
[   98.029716][ T7265] bond_slave_1: entered promiscuous mode
[   98.032121][ T7265] team0: entered promiscuous mode
[   98.036086][ T7223] vivid-000: reconnect
[   98.041830][ T7265] team_slave_0: entered promiscuous mode
[   98.045667][ T7265] team_slave_1: entered promiscuous mode
[   98.056125][ T7265] dummy0: entered promiscuous mode
[   98.059959][ T7265] nlmon0: entered promiscuous mode
[   98.064577][ T7265] caif0: entered promiscuous mode
[   98.066235][ T7265] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   98.343626][  T835] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[   98.432576][ T5982] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   98.492727][  T835] usb 10-1: Using ep0 maxpacket: 8
[   98.497114][  T835] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   98.501144][  T835] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   98.506055][  T835] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   98.510273][  T835] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   98.515960][  T835] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   98.519730][  T835] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.604563][ T5982] usb 6-1: config 0 has no interfaces?
[   98.608873][ T5982] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[   98.611731][ T5982] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.614461][ T5982] usb 6-1: Product: syz
[   98.615889][ T5982] usb 6-1: Manufacturer: syz
[   98.617465][ T5982] usb 6-1: SerialNumber: syz
[   98.620765][ T5982] usb 6-1: config 0 descriptor??
[   98.729519][  T835] usb 10-1: GET_CAPABILITIES returned 0
[   98.731416][  T835] usbtmc 10-1:16.0: can't read capabilities
[   98.828390][ T7282] netlink: 'syz.1.252': attribute type 4 has an invalid length.
[   98.838740][ T6681] usb 6-1: USB disconnect, device number 6
[   98.872561][ T7306] veth1_to_bond: entered allmulticast mode
[   98.877215][ T7305] veth1_to_bond: left allmulticast mode
[   98.932381][ T7270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.935284][ T7270] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.940956][ T5983] usb 10-1: USB disconnect, device number 4
[   99.559130][ T1339] Process accounting resumed
[   99.599125][ T7316] e1000e 0000:00:02.0 eth1: NIC Link is Down
[   99.852511][ T5953] Bluetooth: hci2: command tx timeout
[   99.977238][ T7358] netlink: 'syz.4.267': attribute type 10 has an invalid length.
[   99.980298][ T7358] syz_tun: entered promiscuous mode
[   99.984998][ T7358] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  100.558592][ T7383] Cannot find del_set index 3 as target
[  100.718762][ T6681] Process accounting resumed
[  100.786483][ T7395] futex_wake_op: syz.0.274 tries to shift op by 144; fix this program
[  100.961900][ T7408] netlink: 'syz.0.279': attribute type 12 has an invalid length.
[  101.626591][ T7430] tmpfs: Unknown parameter '00000000000000000003'
[  102.142468][ T5984] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  102.252499][ T5955] Bluetooth: hci2: command 0x0405 tx timeout
[  102.323688][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.698814][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.703150][ T5984] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  102.712572][ T5984] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  102.717595][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.725697][ T5984] usb 6-1: config 0 descriptor??
[  102.797129][ T7466] exFAT-fs (nullb0): invalid boot record signature
[  102.799240][ T7466] exFAT-fs (nullb0): failed to read boot sector
[  102.801179][ T7466] exFAT-fs (nullb0): failed to recognize exfat type
[  103.133781][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.136175][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.138753][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.141098][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.143827][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.146040][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.148273][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.150631][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.155320][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.157858][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.160165][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.163661][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.166418][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.169007][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.171513][ T5984] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  103.174411][ T5984] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  103.180726][ T5984] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  103.289569][ T1331] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  103.412237][ T5983] usb 6-1: USB disconnect, device number 7
[  103.718993][ T1331] usb 9-1: too many configurations: 224, using maximum allowed: 8
[  103.753976][ T1331] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  103.757702][ T1331] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.760884][ T1331] usb 9-1: Product: syz
[  103.762620][ T1331] usb 9-1: Manufacturer: syz
[  103.764233][ T1331] usb 9-1: SerialNumber: syz
[  103.770273][ T1331] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  103.791778][ T1331] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  104.214495][ T6681] usb 9-1: USB disconnect, device number 3
[  104.812895][ T1331] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  104.816175][ T1331] ath9k_htc: Failed to initialize the device
[  104.829807][ T6681] usb 9-1: ath9k_htc: USB layer deinitialized
[  104.874074][   T40] audit: type=1326 audit(1747904656.644:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.882351][   T40] audit: type=1326 audit(1747904656.644:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.914765][   T40] audit: type=1326 audit(1747904656.654:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.921355][   T40] audit: type=1326 audit(1747904656.654:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.928325][   T40] audit: type=1326 audit(1747904656.654:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.937619][   T40] audit: type=1326 audit(1747904656.654:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.944307][   T40] audit: type=1326 audit(1747904656.654:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.950917][   T40] audit: type=1326 audit(1747904656.654:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.957622][   T40] audit: type=1326 audit(1747904656.654:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  104.964653][   T40] audit: type=1326 audit(1747904656.654:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.4.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  105.813484][ T7517] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.303'.
[  106.262492][   T58] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  106.446238][   T58] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.450742][   T58] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.462699][   T58] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  106.467778][   T58] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  106.471233][   T58] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.482874][   T58] usb 10-1: config 0 descriptor??
[  106.873294][ T7560] process 'syz.4.315' launched './file0' with NULL argv: empty string added
[  106.881518][ T7560] netlink: 'syz.4.315': attribute type 9 has an invalid length.
[  106.903009][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.905552][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.907939][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.910263][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.913198][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.915361][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.918046][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.920310][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.922692][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.924970][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.927232][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.929518][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.931769][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.937293][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.939880][   T58] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  106.942686][   T58] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  106.952597][   T58] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  107.158343][ T7572] netlink: 40 bytes leftover after parsing attributes in process `syz.4.318'.
[  107.171707][  T835] usb 10-1: USB disconnect, device number 5
[  107.614092][ T7578] lo speed is unknown, defaulting to 1000
[  107.616362][ T7578] lo speed is unknown, defaulting to 1000
[  107.618764][ T7578] lo speed is unknown, defaulting to 1000
[  107.626060][ T7578] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  107.635347][ T7577] could not allocate digest TFM handle cbcmac-aes-neon
[  107.638841][ T7577] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×°º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[  107.642308][ T7577] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[  107.643925][ T7578] lo speed is unknown, defaulting to 1000
[  107.644210][ T7577] CUSE: DEVNAME unspecified
[  107.646601][ T7578] lo speed is unknown, defaulting to 1000
[  107.651085][ T7578] lo speed is unknown, defaulting to 1000
[  107.653967][ T7578] lo speed is unknown, defaulting to 1000
[  107.740405][ T7578] netlink: 16 bytes leftover after parsing attributes in process `syz.4.320'.
[  108.289098][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  109.732533][  T835] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  109.976370][  T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.979943][  T835] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.982943][  T835] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  109.986998][  T835] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  109.989742][  T835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.993432][  T835] usb 6-1: config 0 descriptor??
[  110.179228][ T7666] netlink: 84 bytes leftover after parsing attributes in process `syz.5.331'.
[  110.423909][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.428233][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.430689][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.433982][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.436428][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.440224][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.442774][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.445249][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.447566][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.449909][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.452229][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.455108][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.457497][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.459804][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.462093][  T835] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  110.465120][  T835] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  110.473171][  T835] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  110.680979][   T58] usb 6-1: USB disconnect, device number 8
[  111.066432][ T7680] siw: device registration error -23
[  111.070341][ T7680] netlink: 16 bytes leftover after parsing attributes in process `syz.5.333'.
[  111.223796][ T7683] netlink: 'syz.1.334': attribute type 10 has an invalid length.
[  111.237023][ T7683] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  111.240389][ T7683] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  111.428102][    C3] IPv4: Oversized IP packet from 172.20.20.24
[  111.513193][ T7689] IPv6: NLM_F_CREATE should be specified when creating new route
[  112.141612][ T7704] overlayfs: failed to clone upperpath
[  112.425814][ T7713] block device autoloading is deprecated and will be removed.
[  112.512579][ T6002] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  112.774296][ T6002] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.778770][ T6002] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.778966][ T7720] 9pnet_fd: Insufficient options for proto=fd
[  112.782264][ T6002] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  112.782306][ T6002] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  112.793172][ T6002] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.796792][ T6002] usb 9-1: config 0 descriptor??
[  112.983292][ T7734] overlayfs: failed to clone upperpath
[  113.123742][ T7741] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  113.162093][ T7744] netlink: 12 bytes leftover after parsing attributes in process `syz.0.350'.
[  113.215468][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.217746][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.220152][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.224455][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.226674][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.228955][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.231824][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.235272][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.237541][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.239724][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.241985][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.251125][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.253711][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.256018][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.258321][ T6002] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  113.260965][ T6002] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving
[  113.268798][ T6002] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  113.271109][ T7751] capability: warning: `syz.1.352' uses deprecated v2 capabilities in a way that may be insecure
[  113.485446][   T57] usb 9-1: USB disconnect, device number 4
[  113.485676][ T7757] 9pnet_fd: Insufficient options for proto=fd
[  113.605043][ T7760] FAULT_INJECTION: forcing a failure.
[  113.605043][ T7760] name failslab, interval 1, probability 0, space 0, times 0
[  113.609129][ T7760] CPU: 2 UID: 0 PID: 7760 Comm: syz.5.353 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  113.609143][ T7760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.609149][ T7760] Call Trace:
[  113.609153][ T7760]  <TASK>
[  113.609158][ T7760]  dump_stack_lvl+0x16c/0x1f0
[  113.609189][ T7760]  should_fail_ex+0x512/0x640
[  113.609205][ T7760]  ? __kmalloc_noprof+0xbf/0x510
[  113.609218][ T7760]  ? acpi_ns_internalize_name+0x144/0x220
[  113.609229][ T7760]  should_failslab+0xc2/0x120
[  113.609242][ T7760]  __kmalloc_noprof+0xd2/0x510
[  113.609255][ T7760]  ? acpi_ns_get_internal_name_length+0x272/0x400
[  113.609267][ T7760]  acpi_ns_internalize_name+0x144/0x220
[  113.609278][ T7760]  ? __pfx_acpi_ns_internalize_name+0x10/0x10
[  113.609287][ T7760]  ? __pfx___schedule+0x10/0x10
[  113.609300][ T7760]  ? lockdep_unlock+0x64/0xe0
[  113.609314][ T7760]  ? mark_held_locks+0x49/0x80
[  113.609329][ T7760]  acpi_ns_get_node_unlocked+0x163/0x310
[  113.609341][ T7760]  ? __pfx_acpi_ns_get_node_unlocked+0x10/0x10
[  113.609351][ T7760]  ? preempt_schedule_common+0x44/0xc0
[  113.609365][ T7760]  ? preempt_schedule_thunk+0x16/0x30
[  113.609385][ T7760]  ? down_timeout+0x6b/0x90
[  113.609395][ T7760]  ? acpi_os_wait_semaphore+0xcb/0xf0
[  113.609411][ T7760]  ? acpi_ns_get_node+0x4c/0x70
[  113.609421][ T7760]  acpi_ns_get_node+0x4c/0x70
[  113.609432][ T7760]  acpi_get_handle+0x105/0x270
[  113.609443][ T7760]  ? __pfx_acpi_get_handle+0x10/0x10
[  113.609457][ T7760]  acpi_has_method+0x7a/0xc0
[  113.609473][ T7760]  ? __pfx_acpi_has_method+0x10/0x10
[  113.609492][ T7760]  acpi_pci_set_power_state+0xa4/0x290
[  113.609503][ T7760]  pci_power_up+0x80/0x4b0
[  113.609516][ T7760]  ? __pfx_pci_power_up+0x10/0x10
[  113.609527][ T7760]  ? preempt_schedule_common+0x44/0xc0
[  113.609541][ T7760]  ? __pfx_pci_pm_runtime_resume+0x10/0x10
[  113.609553][ T7760]  ? preempt_schedule_thunk+0x16/0x30
[  113.609570][ T7760]  pci_pm_runtime_resume+0xa1/0x280
[  113.609582][ T7760]  ? __pfx_pci_pm_runtime_resume+0x10/0x10
[  113.609594][ T7760]  __rpm_callback+0xc5/0x610
[  113.609611][ T7760]  ? __pfx_pci_pm_runtime_resume+0x10/0x10
[  113.609624][ T7760]  rpm_callback+0x1b7/0x200
[  113.609634][ T7760]  ? __pfx_pci_pm_runtime_resume+0x10/0x10
[  113.609646][ T7760]  rpm_resume+0xd0a/0x1310
[  113.609661][ T7760]  ? __pfx_rpm_resume+0x10/0x10
[  113.609671][ T7760]  ? do_raw_spin_lock+0x12c/0x2b0
[  113.609692][ T7760]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  113.609721][ T7760]  __pm_runtime_resume+0xb6/0x170
[  113.609750][ T7760]  i801_access+0x13a/0x2040
[  113.609786][ T7760]  ? __pfx_i801_access+0x10/0x10
[  113.609795][ T7760]  ? irqentry_exit+0x3b/0x90
[  113.609809][ T7760]  ? lockdep_hardirqs_on+0x7c/0x110
[  113.609827][ T7760]  __i2c_smbus_xfer+0x4ed/0x1020
[  113.609838][ T7760]  ? __pfx_i801_access+0x10/0x10
[  113.609850][ T7760]  ? __pfx___i2c_smbus_xfer+0x10/0x10
[  113.609860][ T7760]  ? rt_mutex_slowtrylock+0xc9/0x100
[  113.609873][ T7760]  i2c_smbus_xfer+0x200/0x3c0
[  113.609886][ T7760]  i2cdev_ioctl_smbus+0x531/0x960
[  113.609902][ T7760]  ? __pfx_i2cdev_ioctl_smbus+0x10/0x10
[  113.609915][ T7760]  ? __might_fault+0xe3/0x190
[  113.609927][ T7760]  ? __might_fault+0xe3/0x190
[  113.609944][ T7760]  compat_i2cdev_ioctl+0x434/0x530
[  113.609961][ T7760]  ? __pfx_compat_i2cdev_ioctl+0x10/0x10
[  113.609976][ T7760]  ? __fget_files+0x20e/0x3c0
[  113.609985][ T7760]  ? __pfx_fput+0x10/0x10
[  113.610000][ T7760]  ? __pfx_compat_i2cdev_ioctl+0x10/0x10
[  113.610015][ T7760]  __ia32_compat_sys_ioctl+0x24f/0x360
[  113.610032][ T7760]  __do_fast_syscall_32+0x73/0x120
[  113.610048][ T7760]  do_fast_syscall_32+0x32/0x80
[  113.610064][ T7760]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.610077][ T7760] RIP: 0023:0xf70ee579
[  113.610085][ T7760] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.610095][ T7760] RSP: 002b:00000000f50bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  113.610105][ T7760] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000720
[  113.610111][ T7760] RDX: 0000000080003080 RSI: 0000000000000000 RDI: 0000000000000000
[  113.610116][ T7760] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.610122][ T7760] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  113.610127][ T7760] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.610140][ T7760]  </TASK>
[  113.851707][ T7768] hfs: unable to load iocharset "io#harset"
[  114.117649][ T7776] geneve1: entered promiscuous mode
[  114.468262][ T7781] IPVS: length: 78 != 8
[  114.824942][ T7794] 9pnet_fd: Insufficient options for proto=fd
[  114.882326][ T7799] futex_wake_op: syz.5.364 tries to shift op by 144; fix this program
[  114.886239][ T7799] futex_wake_op: syz.5.364 tries to shift op by 144; fix this program
[  114.889037][ T7799] futex_wake_op: syz.5.364 tries to shift op by 144; fix this program
[  114.892184][ T7799] futex_wake_op: syz.5.364 tries to shift op by 144; fix this program
[  114.896964][ T7799] futex_wake_op: syz.5.364 tries to shift op by 144; fix this program
[  114.899554][ T7799] futex_wake_op: syz.5.364 tries to shift op by 144; fix this program
[  114.948502][ T7805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.365'.
[  114.951392][ T7805] netlink: 28 bytes leftover after parsing attributes in process `syz.5.365'.
[  114.954449][ T7805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.365'.
[  115.008718][ T7808] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(13)
[  115.010893][ T7808] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  115.016188][ T7808] vhci_hcd vhci_hcd.0: Device attached
[  115.020454][ T7808] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  115.027795][ T7808] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(17)
[  115.027887][ T7808] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  115.027911][ T7808] vhci_hcd vhci_hcd.0: Device attached
[  115.053726][ T7808] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(19)
[  115.056218][ T7808] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  115.059060][ T7808] vhci_hcd vhci_hcd.0: Device attached
[  115.063911][ T7808] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  115.067601][ T7808] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  115.072658][ T7808] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(25)
[  115.074975][ T7808] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  115.077624][ T7808] vhci_hcd vhci_hcd.0: Device attached
[  115.105723][ T7813] vhci_hcd: connection closed
[  115.108637][ T7815] vhci_hcd: connection closed
[  115.109653][ T7809] vhci_hcd: connection closed
[  115.111569][   T12] vhci_hcd: stop threads
[  115.112651][ T7800] netlink: 'syz.1.362': attribute type 10 has an invalid length.
[  115.113199][ T7811] vhci_hcd: connection closed
[  115.114094][   T12] vhci_hcd: release socket
[  115.123025][   T12] vhci_hcd: disconnect device
[  115.125543][   T12] vhci_hcd: stop threads
[  115.127353][   T12] vhci_hcd: release socket
[  115.130430][   T12] vhci_hcd: disconnect device
[  115.132463][   T12] vhci_hcd: stop threads
[  115.134250][   T12] vhci_hcd: release socket
[  115.136197][   T12] vhci_hcd: disconnect device
[  115.141719][   T12] vhci_hcd: stop threads
[  115.143712][   T12] vhci_hcd: release socket
[  115.148512][ T7800] bond0: (slave wlan1): Releasing backup interface
[  115.149062][   T12] vhci_hcd: disconnect device
[  115.153916][ T7800] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  115.162127][ T7800] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  115.166399][ T7800] team0: Port device wlan1 added
[  115.193055][   T57] vhci_hcd: vhci_device speed not set
[  115.343895][ T7826] 9pnet_virtio: no channels available for device ./file0/file0
[  115.400461][ T6002] libceph: connect (1)[c::]:6789 error -101
[  115.403675][ T6002] libceph: mon0 (1)[c::]:6789 connect error
[  115.424391][ T7827] ceph: No mds server is up or the cluster is laggy
[  115.594905][ T7838] FAULT_INJECTION: forcing a failure.
[  115.594905][ T7838] name failslab, interval 1, probability 0, space 0, times 0
[  115.599888][ T7838] CPU: 2 UID: 0 PID: 7838 Comm: syz.1.372 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  115.599909][ T7838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  115.599920][ T7838] Call Trace:
[  115.599939][ T7838]  <TASK>
[  115.599946][ T7838]  dump_stack_lvl+0x16c/0x1f0
[  115.599966][ T7838]  should_fail_ex+0x512/0x640
[  115.599985][ T7838]  should_failslab+0xc2/0x120
[  115.599999][ T7838]  __kmalloc_cache_noprof+0x6a/0x3e0
[  115.600011][ T7838]  ? sctp_add_bind_addr+0xae/0x3f0
[  115.600028][ T7838]  sctp_add_bind_addr+0xae/0x3f0
[  115.600044][ T7838]  sctp_copy_local_addr_list+0x39d/0x5a0
[  115.600063][ T7838]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  115.600082][ T7838]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  115.600095][ T7838]  ? sctp_bind_addr_copy+0x331/0x530
[  115.600110][ T7838]  sctp_bind_addr_copy+0x331/0x530
[  115.600127][ T7838]  sctp_connect_new_asoc+0x1d7/0x790
[  115.600141][ T7838]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  115.600156][ T7838]  ? sctp_get_af_specific+0x62/0x70
[  115.600168][ T7838]  __sctp_connect+0x3f3/0xc60
[  115.600181][ T7838]  ? do_raw_spin_lock+0x12c/0x2b0
[  115.600197][ T7838]  ? __pfx___sctp_connect+0x10/0x10
[  115.600210][ T7838]  ? __pfx_sctp_inet_connect+0x10/0x10
[  115.600223][ T7838]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  115.600239][ T7838]  ? __pfx_sctp_inet_connect+0x10/0x10
[  115.600250][ T7838]  sctp_inet_connect+0x15f/0x200
[  115.600262][ T7838]  __sys_connect_file+0x141/0x1a0
[  115.600275][ T7838]  __sys_connect+0x14d/0x170
[  115.600285][ T7838]  ? __pfx___sys_connect+0x10/0x10
[  115.600301][ T7838]  ? __pfx_ksys_write+0x10/0x10
[  115.600314][ T7838]  __ia32_sys_connect+0x71/0xb0
[  115.600324][ T7838]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  115.600340][ T7838]  __do_fast_syscall_32+0x73/0x120
[  115.600356][ T7838]  do_fast_syscall_32+0x32/0x80
[  115.600372][ T7838]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  115.600385][ T7838] RIP: 0023:0xf70be579
[  115.600393][ T7838] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  115.600402][ T7838] RSP: 002b:00000000f508d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  115.600412][ T7838] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000000
[  115.600418][ T7838] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  115.600424][ T7838] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  115.600429][ T7838] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  115.600435][ T7838] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  115.600448][ T7838]  </TASK>
[  115.601064][ T7838] netlink: 68 bytes leftover after parsing attributes in process `syz.1.372'.
[  115.713700][ T7842] netlink: 72 bytes leftover after parsing attributes in process `syz.5.373'.
[  115.754344][ T7844] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  115.798263][ T7847] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  115.833277][ T7849] overlayfs: failed to clone upperpath
[  116.134600][ T7858] could not allocate digest TFM handle cbcmac-aes-neon
[  117.653556][ T7921] lo speed is unknown, defaulting to 1000
[  118.209882][ T7941] openvswitch: netlink: Key 6 has unexpected len 17 expected 2
[  118.452487][  T835] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  118.573752][ T7952] overlayfs: failed to resolve 'É': -2
[  118.644923][  T835] usb 10-1: config index 0 descriptor too short (expected 45, got 36)
[  118.648401][  T835] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.653569][  T835] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  118.666671][  T835] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  118.673384][  T835] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  118.682736][  T835] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  118.686611][  T835] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.694384][  T835] usb 10-1: config 0 descriptor??
[  118.697310][ T7941] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  119.310765][  T835] usbhid 10-1:0.0: can't add hid device: -71
[  119.312793][  T835] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  119.322278][  T835] usb 10-1: USB disconnect, device number 6
[  119.476905][ T7971] No control pipe specified
[  119.662780][ T6002] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  119.897653][ T6002] usb 6-1: device descriptor read/64, error -71
[  120.132514][ T6002] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  120.262498][ T6002] usb 6-1: device descriptor read/64, error -71
[  120.406306][ T6002] usb usb6-port1: attempt power cycle
[  120.535491][ T7990] orangefs_mount: mount request failed with -4
[  120.604178][ T8003] No control pipe specified
[  120.763235][ T6002] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  120.793790][ T6002] usb 6-1: device descriptor read/8, error -71
[  120.944164][ T8020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.426'.
[  120.947061][ T8020] bridge_slave_1: left allmulticast mode
[  120.949454][ T8020] bridge_slave_1: left promiscuous mode
[  120.951474][ T8020] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.957785][ T8020] bridge_slave_0: left allmulticast mode
[  120.959844][ T8020] bridge_slave_0: left promiscuous mode
[  120.961712][ T8020] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.042483][ T6002] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  121.074251][ T6002] usb 6-1: device descriptor read/8, error -71
[  121.192819][ T6002] usb usb6-port1: unable to enumerate USB device
[  121.466241][ T8035] No control pipe specified
[  122.053836][ T8046] siw: device registration error -23
[  122.056443][ T8046] netlink: 16 bytes leftover after parsing attributes in process `syz.0.433'.
[  122.263991][ T8055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.436'.
[  122.336265][ T8060] netlink: 8 bytes leftover after parsing attributes in process `syz.1.438'.
[  122.381233][ T8065] netlink: 244 bytes leftover after parsing attributes in process `syz.5.440'.
[  122.569729][ T8081] snd_dummy snd_dummy.0: control 1:0:132:syz0:0 is already present
[  122.702507][ T6002] usb 9-1: new low-speed USB device number 5 using dummy_hcd
[  122.723771][ T8093] lo speed is unknown, defaulting to 1000
[  122.763071][ T8094] netlink: 52 bytes leftover after parsing attributes in process `syz.1.451'.
[  122.766640][ T8094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.451'.
[  122.812829][ T8100] bond0: (slave bond_slave_0): Releasing backup interface
[  122.817108][ T8100] bond0: (slave bond_slave_1): Releasing backup interface
[  122.840438][ T8100] team0: Port device team_slave_0 removed
[  122.852621][ T8100] team0: Port device team_slave_1 removed
[  122.854964][ T8100] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.855495][ T6002] usb 9-1: config 0 has an invalid interface number: 198 but max is 0
[  122.857258][ T8100] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.859769][ T6002] usb 9-1: config 0 has no interface number 0
[  122.859795][ T6002] usb 9-1: config 0 interface 198 altsetting 8 endpoint 0x4 has invalid maxpacket 64, setting to 8
[  122.859809][ T6002] usb 9-1: config 0 interface 198 altsetting 8 endpoint 0x86 is Bulk; changing to Interrupt
[  122.859821][ T6002] usb 9-1: config 0 interface 198 has no altsetting 0
[  122.859837][ T6002] usb 9-1: New USB device found, idVendor=1b3d, idProduct=0138, bcdDevice=74.e6
[  122.875365][ T6002] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.876377][ T8100] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.879089][ T6002] usb 9-1: config 0 descriptor??
[  122.880380][ T8100] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.882591][ T8073] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  122.886446][ T8073] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  123.051447][ T8112] tc_dump_action: action bad kind
[  123.054711][ T8112] netlink: 20 bytes leftover after parsing attributes in process `syz.5.457'.
[  123.094749][ T6002] usb 9-1: string descriptor 0 read error: -71
[  123.097319][ T6002] ftdi_sio 9-1:0.198: FTDI USB Serial Device converter detected
[  123.100557][ T6002] ftdi_sio ttyUSB0: unknown device type: 0x74e6
[  123.107401][ T6002] usb 9-1: USB disconnect, device number 5
[  123.121733][ T6002] ftdi_sio 9-1:0.198: device disconnected
[  123.784502][   T67] Bluetooth: hci0: command 0x0406 tx timeout
[  123.952786][ T6002] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  123.984476][ T8136] FAULT_INJECTION: forcing a failure.
[  123.984476][ T8136] name failslab, interval 1, probability 0, space 0, times 0
[  123.988418][ T8136] CPU: 3 UID: 0 PID: 8136 Comm: syz.4.466 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  123.988433][ T8136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.988440][ T8136] Call Trace:
[  123.988444][ T8136]  <TASK>
[  123.988449][ T8136]  dump_stack_lvl+0x16c/0x1f0
[  123.988468][ T8136]  should_fail_ex+0x512/0x640
[  123.988491][ T8136]  ? fs_reclaim_acquire+0xae/0x150
[  123.988508][ T8136]  ? tomoyo_encode2+0x100/0x3e0
[  123.988523][ T8136]  should_failslab+0xc2/0x120
[  123.988537][ T8136]  __kmalloc_noprof+0xd2/0x510
[  123.988549][ T8136]  ? d_absolute_path+0x136/0x1a0
[  123.988564][ T8136]  tomoyo_encode2+0x100/0x3e0
[  123.988581][ T8136]  tomoyo_encode+0x29/0x50
[  123.988594][ T8136]  tomoyo_realpath_from_path+0x18f/0x6e0
[  123.988614][ T8136]  tomoyo_path_number_perm+0x245/0x580
[  123.988626][ T8136]  ? tomoyo_path_number_perm+0x237/0x580
[  123.988640][ T8136]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  123.988668][ T8136]  ? find_held_lock+0x2b/0x80
[  123.988678][ T8136]  ? hook_file_ioctl_common+0x145/0x410
[  123.988690][ T8136]  ? __fget_files+0x204/0x3c0
[  123.988702][ T8136]  ? __fget_files+0x20e/0x3c0
[  123.988710][ T8136]  ? __pfx_fput+0x10/0x10
[  123.988725][ T8136]  security_file_ioctl_compat+0x9b/0x240
[  123.988740][ T8136]  __ia32_compat_sys_ioctl+0xc3/0x360
[  123.988757][ T8136]  __do_fast_syscall_32+0x73/0x120
[  123.988774][ T8136]  do_fast_syscall_32+0x32/0x80
[  123.988789][ T8136]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  123.988803][ T8136] RIP: 0023:0xf7fc8579
[  123.988811][ T8136] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  123.988821][ T8136] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  123.988831][ T8136] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c05064a7
[  123.988837][ T8136] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000
[  123.988843][ T8136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  123.988849][ T8136] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  123.988855][ T8136] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  123.988868][ T8136]  </TASK>
[  123.988878][ T8136] ERROR: Out of memory at tomoyo_realpath_from_path.
[  124.121335][ T6002] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  124.127370][ T6002] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  124.142544][ T6002] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  124.148072][ T6002] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  124.155754][ T6002] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.158351][ T6002] usb 6-1: Product: syz
[  124.159785][ T6002] usb 6-1: Manufacturer: syz
[  124.161313][ T6002] usb 6-1: SerialNumber: syz
[  124.539834][ T8147] netlink: 12 bytes leftover after parsing attributes in process `syz.0.469'.
[  124.602082][ T8149] lo speed is unknown, defaulting to 1000
[  124.644378][ T5953] Bluetooth: hci1: unexpected Set CIG Parameters response data
[  125.092755][ T8159] siw: device registration error -23
[  125.095080][ T8159] netlink: 16 bytes leftover after parsing attributes in process `syz.0.472'.
[  125.213295][ T5955] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  125.213786][ T5953] Bluetooth: hci3: command 0x1003 tx timeout
[  125.684781][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  125.684791][   T40] audit: type=1326 audit(1747904677.454:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.693509][   T40] audit: type=1326 audit(1747904677.454:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.700166][   T40] audit: type=1326 audit(1747904677.454:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.708514][   T40] audit: type=1326 audit(1747904677.454:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.717485][   T40] audit: type=1326 audit(1747904677.484:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.725820][   T40] audit: type=1326 audit(1747904677.484:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.879211][   T40] audit: type=1326 audit(1747904677.644:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.894394][   T40] audit: type=1326 audit(1747904677.644:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.901641][   T40] audit: type=1326 audit(1747904677.644:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  125.910957][   T40] audit: type=1326 audit(1747904677.654:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8170 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  126.014406][ T8171] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  126.021267][ T8171] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  126.352076][ T8193] overlayfs: failed to resolve './file0': -2
[  126.721047][ T6002] usb 6-1: 0:2 : does not exist
[  126.723425][ T6233] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  126.734833][ T6002] usb 6-1: USB disconnect, device number 13
[  126.751093][ T5948] udevd[5948]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  126.884301][ T6233] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.887767][ T6233] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.890771][ T6233] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  126.894926][ T6233] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  126.897769][ T6233] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.901577][ T6233] usb 9-1: config 0 descriptor??
[  127.319119][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.321769][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.328002][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.330572][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.334484][ T8212] netlink: 20 bytes leftover after parsing attributes in process `syz.5.486'.
[  127.337650][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.340124][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.357223][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.359020][ T8213] siw: device registration error -23
[  127.367497][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.374179][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.390702][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.396519][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.402213][ T8213] netlink: 16 bytes leftover after parsing attributes in process `syz.1.484'.
[  127.407647][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.416043][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.418599][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.422049][ T6233] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  127.425180][ T6233] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  127.432167][ T6233] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  127.666999][ T1331] usb 9-1: USB disconnect, device number 6
[  128.045137][ T8221] tap0: tun_chr_ioctl cmd 1074025678
[  128.047394][ T8221] tap0: group set to 0
[  128.051153][ T8223] tap0: tun_chr_ioctl cmd 1074025673
[  128.065830][ T8226] openvswitch: netlink: Duplicate or invalid key (type 0).
[  128.068713][ T8226] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  128.167752][ T8233] trusted_key: encrypted_key: keylen parameter is missing
[  128.543121][ T8240] bridge0: port 3(vlan2) entered blocking state
[  128.545835][ T8240] bridge0: port 3(vlan2) entered disabled state
[  128.548529][ T8240] vlan2: entered allmulticast mode
[  128.550599][ T8240] bridge0: entered allmulticast mode
[  128.555023][ T8240] vlan2: left allmulticast mode
[  128.557100][ T8240] bridge0: left allmulticast mode
[  128.656659][ T5955] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  128.659629][ T5955] Bluetooth: hci1: Injecting HCI hardware error event
[  128.664053][ T5953] Bluetooth: hci1: hardware error 0x00
[  128.971640][ T8249] siw: device registration error -23
[  128.976555][ T8249] netlink: 16 bytes leftover after parsing attributes in process `syz.1.495'.
[  130.404852][ T8293] netlink: 8 bytes leftover after parsing attributes in process `syz.0.506'.
[  130.408493][ T8293] netlink: 24 bytes leftover after parsing attributes in process `syz.0.506'.
[  130.425321][ T8293] bond1: entered promiscuous mode
[  130.427173][ T8293] 8021q: adding VLAN 0 to HW filter on device bond1
[  130.431513][ T8293] netlink: 8 bytes leftover after parsing attributes in process `syz.0.506'.
[  130.434729][ T8293] netlink: 24 bytes leftover after parsing attributes in process `syz.0.506'.
[  130.446514][ T8293] bond2: entered promiscuous mode
[  130.448456][ T8293] 8021q: adding VLAN 0 to HW filter on device bond2
[  130.732566][ T5953] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  131.289099][ T8322] overlayfs: failed to resolve './file0': -2
[  131.328062][ T8324] FAULT_INJECTION: forcing a failure.
[  131.328062][ T8324] name failslab, interval 1, probability 0, space 0, times 0
[  131.332296][ T8324] CPU: 1 UID: 0 PID: 8324 Comm: syz.1.516 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  131.332312][ T8324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.332318][ T8324] Call Trace:
[  131.332322][ T8324]  <TASK>
[  131.332327][ T8324]  dump_stack_lvl+0x16c/0x1f0
[  131.332347][ T8324]  should_fail_ex+0x512/0x640
[  131.332362][ T8324]  ? fs_reclaim_acquire+0xae/0x150
[  131.332379][ T8324]  ? tomoyo_encode2+0x100/0x3e0
[  131.332409][ T8324]  should_failslab+0xc2/0x120
[  131.332424][ T8324]  __kmalloc_noprof+0xd2/0x510
[  131.332435][ T8324]  ? d_absolute_path+0x136/0x1a0
[  131.332451][ T8324]  tomoyo_encode2+0x100/0x3e0
[  131.332467][ T8324]  tomoyo_encode+0x29/0x50
[  131.332481][ T8324]  tomoyo_realpath_from_path+0x18f/0x6e0
[  131.332501][ T8324]  tomoyo_path_number_perm+0x245/0x580
[  131.332513][ T8324]  ? tomoyo_path_number_perm+0x237/0x580
[  131.332527][ T8324]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.332555][ T8324]  ? find_held_lock+0x2b/0x80
[  131.332565][ T8324]  ? hook_file_ioctl_common+0x145/0x410
[  131.332577][ T8324]  ? __fget_files+0x204/0x3c0
[  131.332588][ T8324]  ? __fget_files+0x20e/0x3c0
[  131.332597][ T8324]  ? __pfx_fput+0x10/0x10
[  131.332611][ T8324]  security_file_ioctl_compat+0x9b/0x240
[  131.332626][ T8324]  __ia32_compat_sys_ioctl+0xc3/0x360
[  131.332643][ T8324]  __do_fast_syscall_32+0x73/0x120
[  131.332664][ T8324]  do_fast_syscall_32+0x32/0x80
[  131.332680][ T8324]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.332693][ T8324] RIP: 0023:0xf70be579
[  131.332702][ T8324] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  131.332712][ T8324] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  131.332722][ T8324] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040505330
[  131.332728][ T8324] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  131.332734][ T8324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.332740][ T8324] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  131.332745][ T8324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.332758][ T8324]  </TASK>
[  131.421805][ T8324] ERROR: Out of memory at tomoyo_realpath_from_path.
[  131.867114][ T8341] overlayfs: failed to resolve './file0': -2
[  132.254638][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.256642][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  133.674991][ T5982] Process accounting resumed
[  134.276164][ T8390] [U] 
[  134.803955][ T8405] Cannot find del_set index 3 as target
[  135.749056][ T5983] IPVS: starting estimator thread 0...
[  135.852751][ T8430] IPVS: using max 23 ests per chain, 55200 per kthread
[  135.942887][ T8433] lo speed is unknown, defaulting to 1000
[  136.304113][ T6002] IPVS: starting estimator thread 0...
[  136.392500][ T8444] IPVS: using max 44 ests per chain, 105600 per kthread
[  136.522773][ T8449] cgroup: No subsys list or none specified
[  136.643015][ T8456] overlayfs: failed to clone upperpath
[  137.206215][ T8476] macvlan0: entered allmulticast mode
[  137.458045][ T8485] fuse: Bad value for 'fd'
[  137.759287][ T8503] FAULT_INJECTION: forcing a failure.
[  137.759287][ T8503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.764943][ T8503] CPU: 1 UID: 0 PID: 8503 Comm: syz.1.565 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  137.764974][ T8503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.764983][ T8503] Call Trace:
[  137.764988][ T8503]  <TASK>
[  137.764993][ T8503]  dump_stack_lvl+0x16c/0x1f0
[  137.765022][ T8503]  should_fail_ex+0x512/0x640
[  137.765050][ T8503]  _copy_from_user+0x2e/0xd0
[  137.765077][ T8503]  __sys_bpf+0x21d/0x4d80
[  137.765105][ T8503]  ? __pfx___sys_bpf+0x10/0x10
[  137.765129][ T8503]  ? ksys_write+0x190/0x240
[  137.765150][ T8503]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  137.765190][ T8503]  ? fput+0x70/0xf0
[  137.765209][ T8503]  ? ksys_write+0x1b9/0x240
[  137.765226][ T8503]  ? __pfx_ksys_write+0x10/0x10
[  137.765247][ T8503]  __ia32_sys_bpf+0x76/0xe0
[  137.765273][ T8503]  __do_fast_syscall_32+0x73/0x120
[  137.765300][ T8503]  do_fast_syscall_32+0x32/0x80
[  137.765325][ T8503]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.765347][ T8503] RIP: 0023:0xf70be579
[  137.765360][ T8503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  137.765376][ T8503] RSP: 002b:00000000f506c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  137.765399][ T8503] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0
[  137.765409][ T8503] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  137.765419][ T8503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  137.765429][ T8503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  137.765438][ T8503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.765460][ T8503]  </TASK>
[  138.446273][ T8520] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  138.702546][ T6002] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  138.840497][ T8538] bridge_slave_0: left allmulticast mode
[  138.842325][ T8538] bridge_slave_0: left promiscuous mode
[  138.847298][ T8538] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.851502][ T8538] bridge_slave_1: left allmulticast mode
[  138.853697][ T8538] bridge_slave_1: left promiscuous mode
[  138.855751][ T8538] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.860779][ T8538] bond0: (slave bond_slave_0): Releasing backup interface
[  138.866019][ T8538] bond0: (slave bond_slave_1): Releasing backup interface
[  138.880746][ T8538] team0: Port device team_slave_0 removed
[  138.888818][ T8538] team0: Port device team_slave_1 removed
[  138.892026][ T8538] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.897799][ T8538] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.902257][ T8538] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.902587][ T6002] usb 6-1: Using ep0 maxpacket: 8
[  138.906435][ T8538] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.913209][ T6002] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[  138.920799][ T6002] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[  138.923807][ T6002] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[  138.926699][ T6002] usb 6-1: config 250 has no interface number 0
[  138.930866][ T6002] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  138.942464][ T6002] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  138.946011][ T6002] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid maxpacket 65535, setting to 1024
[  138.949768][ T6002] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 1024
[  138.953258][ T6002] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  138.957613][ T6002] usb 6-1: config 250 interface 228 has no altsetting 0
[  138.964359][ T6002] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  138.964556][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.5.578'.
[  138.967334][ T6002] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  138.976909][ T6002] usb 6-1: Product: syz
[  138.978434][ T6002] usb 6-1: SerialNumber: syz
[  138.986211][ T6002] hub 6-1:250.228: bad descriptor, ignoring hub
[  138.988385][ T6002] hub 6-1:250.228: probe with driver hub failed with error -5
[  139.188241][ T6002] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 14 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  139.312545][ T6681] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  139.462616][ T6681] usb 10-1: Using ep0 maxpacket: 32
[  139.465687][ T6681] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[  139.468126][ T6681] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  139.471616][ T6681] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  139.475423][ T6681] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  139.479428][ T6681] usb 10-1: config 0 interface 0 has no altsetting 0
[  139.483476][ T6681] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  139.486340][ T6681] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  139.488951][ T6681] usb 10-1: Product: syz
[  139.490281][ T6681] usb 10-1: Manufacturer: syz
[  139.491920][ T6681] usb 10-1: SerialNumber: syz
[  139.495298][ T6681] usb 10-1: config 0 descriptor??
[  139.498389][ T6681] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  139.503805][ T6681] ldusb 10-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  139.543860][ T8562] netlink: 240 bytes leftover after parsing attributes in process `syz.1.571'.
[  139.646588][    C3] usblp0: nonzero read bulk status received: -71
[  139.673934][ T6233] usb 6-1: USB disconnect, device number 14
[  139.679894][ T6233] usblp0: removed
[  139.687862][ T8568] binder: BINDER_SET_CONTEXT_MGR already set
[  139.689909][ T8568] binder: 8567:8568 ioctl 4018620d 80000040 returned -16
[  139.722333][    T9] usb 10-1: USB disconnect, device number 7
[  139.727295][    T9] ldusb 10-1:0.0: LD USB Device #1 now disconnected
[  139.952529][ T6681] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  140.075619][ T8572] pim6reg: entered allmulticast mode
[  140.122658][ T6681] usb 9-1: Using ep0 maxpacket: 32
[  140.127634][ T6681] usb 9-1: config 0 has an invalid interface number: 12 but max is 0
[  140.130164][ T6681] usb 9-1: config 0 has no interface number 0
[  140.132101][ T6681] usb 9-1: config 0 interface 12 has no altsetting 0
[  140.136635][ T6681] usb 9-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  140.139435][ T6681] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.141902][ T6681] usb 9-1: Product: syz
[  140.144264][ T6681] usb 9-1: Manufacturer: syz
[  140.146164][ T6681] usb 9-1: SerialNumber: syz
[  140.149840][ T6681] usb 9-1: config 0 descriptor??
[  140.153305][ T6681] f81534 9-1:0.12: required endpoints missing
[  140.361068][ T5982] usb 9-1: USB disconnect, device number 7
[  142.086157][ T8623] Cannot find del_set index 3 as target
[  142.094482][ T8623] netlink: 244 bytes leftover after parsing attributes in process `syz.1.598'.
[  142.494002][ T6233] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  142.558341][ T8638] overlayfs: failed to clone upperpath
[  142.654082][ T6233] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  142.659535][ T6233] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  142.665838][ T6233] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  142.671181][ T6233] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  142.676655][ T6233] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  142.682723][ T6233] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  142.685263][ T6233] usb 10-1: Manufacturer: syz
[  142.688259][ T6233] usb 10-1: config 0 descriptor??
[  142.809723][ T8641] pim6reg: entered allmulticast mode
[  142.821732][ T8641] pim6reg: left allmulticast mode
[  143.178141][ T8654] FAULT_INJECTION: forcing a failure.
[  143.178141][ T8654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.183056][ T8654] CPU: 3 UID: 0 PID: 8654 Comm: syz.4.602 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  143.183099][ T8654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.183109][ T8654] Call Trace:
[  143.183115][ T8654]  <TASK>
[  143.183120][ T8654]  dump_stack_lvl+0x16c/0x1f0
[  143.183147][ T8654]  should_fail_ex+0x512/0x640
[  143.183171][ T8654]  _copy_to_user+0x32/0xd0
[  143.183187][ T8654]  simple_read_from_buffer+0xcb/0x170
[  143.183215][ T8654]  proc_fail_nth_read+0x197/0x270
[  143.183237][ T8654]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  143.183261][ T8654]  ? rw_verify_area+0xcf/0x680
[  143.183283][ T8654]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  143.183305][ T8654]  vfs_read+0x1de/0xc70
[  143.183324][ T8654]  ? __pfx___mutex_lock+0x10/0x10
[  143.183350][ T8654]  ? __pfx_vfs_read+0x10/0x10
[  143.183373][ T8654]  ? __fget_files+0x20e/0x3c0
[  143.183386][ T8654]  ? rcu_watching_snap_stopped_since+0x60/0x110
[  143.183427][ T8654]  ksys_read+0x12a/0x240
[  143.183444][ T8654]  ? __pfx_ksys_read+0x10/0x10
[  143.183457][ T8654]  ? rcu_is_watching+0x12/0xc0
[  143.183473][ T8654]  ? rcu_is_watching+0x12/0xc0
[  143.183492][ T8654]  __do_fast_syscall_32+0x73/0x120
[  143.183519][ T8654]  do_fast_syscall_32+0x32/0x80
[  143.183549][ T8654]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  143.183569][ T8654] RIP: 0023:0xf7fc8579
[  143.183581][ T8654] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  143.183598][ T8654] RSP: 002b:00000000f50c5590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  143.183614][ T8654] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50c5620
[  143.183624][ T8654] RDX: 000000000000000f RSI: 00000000f7452ff4 RDI: 0000000000000000
[  143.183633][ T8654] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  143.183643][ T8654] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  143.183653][ T8654] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  143.183675][ T8654]  </TASK>
[  143.559629][ T8661] netlink: 16 bytes leftover after parsing attributes in process `syz.4.603'.
[  143.965465][ T8666] kvm: pic: non byte read
[  143.968651][ T8666] kvm: pic: non byte read
[  144.584703][ T5984] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  144.732548][ T5984] usb 9-1: Using ep0 maxpacket: 16
[  144.740573][ T5984] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.745489][ T5984] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.749766][ T5984] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  144.757205][ T5984] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  144.796962][ T5984] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.808348][ T5984] usb 9-1: config 0 descriptor??
[  144.912501][ T6233] rc_core: IR keymap rc-hauppauge not found
[  144.914448][ T6233] Registered IR keymap rc-empty
[  144.916243][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  144.932496][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  144.953335][ T6233] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  144.957760][ T6233] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input8
[  144.975987][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  144.992558][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.012608][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.032619][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.052655][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.067482][ T8692] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  145.069665][ T8692] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  145.072217][ T8692] vhci_hcd vhci_hcd.0: Device attached
[  145.072639][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.092582][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.122587][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.134679][ T8697] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  145.136809][ T8697] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  145.140767][ T8697] vhci_hcd vhci_hcd.0: Device attached
[  145.142773][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.146087][ T8698] usbip_core: unknown command
[  145.148087][ T8698] vhci_hcd: unknown pdu 0
[  145.149456][ T8698] usbip_core: unknown command
[  145.152904][   T12] vhci_hcd: stop threads
[  145.154495][   T12] vhci_hcd: release socket
[  145.156082][   T12] vhci_hcd: disconnect device
[  145.162557][ T6233] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  145.183584][ T6233] mceusb 10-1:0.0: Registered  with mce emulator interface version 1
[  145.186358][ T6233] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  145.193180][ T6233] usb 10-1: USB disconnect, device number 8
[  145.240476][ T5984] usbhid 9-1:0.0: can't add hid device: -71
[  145.243272][ T5984] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  145.246902][ T5984] usb 9-1: USB disconnect, device number 8
[  145.312612][ T5983] usb 47-1: new low-speed USB device number 3 using vhci_hcd
[  145.392543][ T6002] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  145.532639][ T6233] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  145.542860][ T6002] usb 6-1: Using ep0 maxpacket: 8
[  145.546059][ T6002] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  145.548525][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  145.552145][ T6002] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  145.556176][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  145.559791][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  145.565254][ T6002] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  145.567665][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  145.571189][ T6002] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  145.575081][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  145.578575][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  145.583171][ T6002] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  145.585570][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  145.589026][ T6002] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  145.592840][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  145.596821][ T6002] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  145.602918][ T6002] usb 6-1: string descriptor 0 read error: -22
[  145.604928][ T6002] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  145.607806][ T6002] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.616645][ T6002] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  145.662582][ T6233] usb 10-1: device descriptor read/64, error -71
[  145.820878][ T8697] netlink: 4 bytes leftover after parsing attributes in process `syz.1.612'.
[  145.829398][ T8697] netlink: 4 bytes leftover after parsing attributes in process `syz.1.612'.
[  145.837439][ T8697] netlink: 4 bytes leftover after parsing attributes in process `syz.1.612'.
[  145.876055][ T8706] wg1: entered promiscuous mode
[  145.877789][ T8706] wg1: entered allmulticast mode
[  145.912501][ T6233] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  146.042523][ T6233] usb 10-1: device descriptor read/64, error -71
[  146.152945][ T6233] usb usb10-port1: attempt power cycle
[  146.444648][ T8715] siw: device registration error -23
[  146.448992][ T8715] netlink: 16 bytes leftover after parsing attributes in process `syz.0.615'.
[  146.522477][ T6233] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  146.553057][ T6233] usb 10-1: device descriptor read/8, error -71
[  146.812666][ T6233] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  146.833221][ T6233] usb 10-1: device descriptor read/8, error -71
[  146.953067][ T6233] usb usb10-port1: unable to enumerate USB device
[  146.989303][ T8725] sp0: Synchronizing with TNC
[  147.407846][ T8737] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  147.904762][ T8694] vhci_hcd: connection reset by peer
[  147.907406][ T1135] vhci_hcd: stop threads
[  147.909240][ T1135] vhci_hcd: release socket
[  147.910756][ T1135] vhci_hcd: disconnect device
[  147.933822][  T835] usb 6-1: USB disconnect, device number 15
[  148.386072][ T8748] netlink: 3 bytes leftover after parsing attributes in process `syz.5.625'.
[  148.409920][ T8750] syz.4.626: attempt to access beyond end of device
[  148.409920][ T8750] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  148.410566][ T8748] batadv1: entered allmulticast mode
[  148.415821][ T8750] syz.4.626: attempt to access beyond end of device
[  148.415821][ T8750] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  148.424481][ T8750] Mount JFS Failure: -5
[  148.457594][ T8751] input: syz1 as /devices/virtual/input/input9
[  150.137479][ T8785] netlink: 6 bytes leftover after parsing attributes in process `syz.5.637'.
[  150.141149][ T8785] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  150.195462][ T8796] netlink: 4 bytes leftover after parsing attributes in process `syz.0.640'.
[  150.200475][ T8796] netlink: 168 bytes leftover after parsing attributes in process `syz.0.640'.
[  150.205166][ T8796] netlink: 168 bytes leftover after parsing attributes in process `syz.0.640'.
[  150.349082][ T8806] wireguard0: entered promiscuous mode
[  150.350937][ T8806] wireguard0: entered allmulticast mode
[  150.402522][ T5983] vhci_hcd: vhci_device speed not set
[  150.474399][ T8818] netlink: 'syz.5.647': attribute type 1 has an invalid length.
[  150.512587][ T8818] bond1: entered promiscuous mode
[  150.514697][ T8818] 8021q: adding VLAN 0 to HW filter on device bond1
[  151.112694][ T5953] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  151.115508][ T5953] Bluetooth: hci4: Injecting HCI hardware error event
[  151.118824][ T5953] Bluetooth: hci4: hardware error 0x00
[  151.408343][ T8848] trusted_key: encrypted_key: insufficient parameters specified
[  151.911582][ T8863] FAULT_INJECTION: forcing a failure.
[  151.911582][ T8863] name failslab, interval 1, probability 0, space 0, times 0
[  151.917000][ T8863] CPU: 2 UID: 0 PID: 8863 Comm: syz.5.659 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  151.917016][ T8863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.917023][ T8863] Call Trace:
[  151.917027][ T8863]  <TASK>
[  151.917031][ T8863]  dump_stack_lvl+0x16c/0x1f0
[  151.917051][ T8863]  should_fail_ex+0x512/0x640
[  151.917067][ T8863]  ? fs_reclaim_acquire+0xae/0x150
[  151.917084][ T8863]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  151.917100][ T8863]  should_failslab+0xc2/0x120
[  151.917113][ T8863]  __kmalloc_noprof+0xd2/0x510
[  151.917128][ T8863]  tomoyo_realpath_from_path+0xc2/0x6e0
[  151.917145][ T8863]  ? tomoyo_profile+0x47/0x60
[  151.917156][ T8863]  tomoyo_path_number_perm+0x245/0x580
[  151.917168][ T8863]  ? tomoyo_path_number_perm+0x237/0x580
[  151.917182][ T8863]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  151.917209][ T8863]  ? find_held_lock+0x2b/0x80
[  151.917219][ T8863]  ? hook_file_ioctl_common+0x145/0x410
[  151.917232][ T8863]  ? __fget_files+0x204/0x3c0
[  151.917244][ T8863]  ? __fget_files+0x20e/0x3c0
[  151.917252][ T8863]  ? __pfx_fput+0x10/0x10
[  151.917266][ T8863]  security_file_ioctl_compat+0x9b/0x240
[  151.917282][ T8863]  __ia32_compat_sys_ioctl+0xc3/0x360
[  151.917299][ T8863]  __do_fast_syscall_32+0x73/0x120
[  151.917316][ T8863]  do_fast_syscall_32+0x32/0x80
[  151.917331][ T8863]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  151.917344][ T8863] RIP: 0023:0xf70ee579
[  151.917353][ T8863] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  151.917363][ T8863] RSP: 002b:00000000f509c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  151.917373][ T8863] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000400454ca
[  151.917379][ T8863] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  151.917385][ T8863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  151.917391][ T8863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  151.917397][ T8863] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  151.917409][ T8863]  </TASK>
[  151.917414][ T8863] ERROR: Out of memory at tomoyo_realpath_from_path.
[  152.039307][ T8845] mmap: syz.0.656 (8845) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  153.142558][ T5953] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  153.559881][ T8926] netlink: 24 bytes leftover after parsing attributes in process `syz.1.679'.
[  153.586879][ T8928] overlayfs: missing 'lowerdir'
[  154.169472][ T8953] netlink: 4 bytes leftover after parsing attributes in process `syz.5.686'.
[  154.176495][ T8953] netlink: 12 bytes leftover after parsing attributes in process `syz.5.686'.
[  154.209358][ T8953] netlink: 4 bytes leftover after parsing attributes in process `syz.5.686'.
[  154.242791][ T8957] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  154.371438][ T8961] overlayfs: missing 'lowerdir'
[  154.845848][ T8983] FAULT_INJECTION: forcing a failure.
[  154.845848][ T8983] name failslab, interval 1, probability 0, space 0, times 0
[  154.849958][ T8983] CPU: 1 UID: 0 PID: 8983 Comm: syz.1.695 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  154.849974][ T8983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.849981][ T8983] Call Trace:
[  154.849985][ T8983]  <TASK>
[  154.849990][ T8983]  dump_stack_lvl+0x16c/0x1f0
[  154.850008][ T8983]  should_fail_ex+0x512/0x640
[  154.850024][ T8983]  ? fs_reclaim_acquire+0xae/0x150
[  154.850041][ T8983]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  154.850057][ T8983]  should_failslab+0xc2/0x120
[  154.850071][ T8983]  __kmalloc_noprof+0xd2/0x510
[  154.850086][ T8983]  tomoyo_realpath_from_path+0xc2/0x6e0
[  154.850103][ T8983]  ? tomoyo_profile+0x47/0x60
[  154.850114][ T8983]  tomoyo_path_number_perm+0x245/0x580
[  154.850126][ T8983]  ? tomoyo_path_number_perm+0x237/0x580
[  154.850140][ T8983]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  154.850167][ T8983]  ? find_held_lock+0x2b/0x80
[  154.850177][ T8983]  ? hook_file_ioctl_common+0x145/0x410
[  154.850189][ T8983]  ? __fget_files+0x204/0x3c0
[  154.850202][ T8983]  ? __fget_files+0x20e/0x3c0
[  154.850210][ T8983]  ? __pfx_fput+0x10/0x10
[  154.850229][ T8983]  security_file_ioctl_compat+0x9b/0x240
[  154.850245][ T8983]  __ia32_compat_sys_ioctl+0xc3/0x360
[  154.850262][ T8983]  __do_fast_syscall_32+0x73/0x120
[  154.850280][ T8983]  do_fast_syscall_32+0x32/0x80
[  154.850295][ T8983]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.850308][ T8983] RIP: 0023:0xf70be579
[  154.850317][ T8983] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  154.850327][ T8983] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  154.850337][ T8983] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008954
[  154.850343][ T8983] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  154.850349][ T8983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.850355][ T8983] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  154.850361][ T8983] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.850373][ T8983]  </TASK>
[  154.850377][ T8983] ERROR: Out of memory at tomoyo_realpath_from_path.
[  155.193037][ T8988] siw: device registration error -23
[  155.990683][ T9000] FAULT_INJECTION: forcing a failure.
[  155.990683][ T9000] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.994913][ T9000] CPU: 1 UID: 0 PID: 9000 Comm: syz.4.700 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  155.994939][ T9000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.994965][ T9000] Call Trace:
[  155.994972][ T9000]  <TASK>
[  155.994978][ T9000]  dump_stack_lvl+0x16c/0x1f0
[  155.994999][ T9000]  should_fail_ex+0x512/0x640
[  155.995017][ T9000]  _copy_from_iter+0x2a4/0x15b0
[  155.995034][ T9000]  ? irqentry_exit+0x3b/0x90
[  155.995049][ T9000]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.995063][ T9000]  ? __pfx__copy_from_iter+0x10/0x10
[  155.995082][ T9000]  ? find_held_lock+0x2b/0x80
[  155.995095][ T9000]  tun_get_user+0x240/0x3b10
[  155.995111][ T9000]  ? __lock_acquire+0x5ca/0x1ba0
[  155.995125][ T9000]  ? __pfx_tun_get_user+0x10/0x10
[  155.995140][ T9000]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  155.995160][ T9000]  ? find_held_lock+0x2b/0x80
[  155.995170][ T9000]  ? tun_get+0x191/0x370
[  155.995183][ T9000]  tun_chr_write_iter+0xdc/0x210
[  155.995195][ T9000]  vfs_write+0x5bd/0x1180
[  155.995206][ T9000]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  155.995219][ T9000]  ? __pfx_vfs_write+0x10/0x10
[  155.995228][ T9000]  ? find_held_lock+0x2b/0x80
[  155.995246][ T9000]  ksys_write+0x12a/0x240
[  155.995256][ T9000]  ? __pfx_ksys_write+0x10/0x10
[  155.995267][ T9000]  ? rcu_is_watching+0x12/0xc0
[  155.995279][ T9000]  __do_fast_syscall_32+0x73/0x120
[  155.995297][ T9000]  do_fast_syscall_32+0x32/0x80
[  155.995312][ T9000]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.995326][ T9000] RIP: 0023:0xf7fc8579
[  155.995335][ T9000] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.995346][ T9000] RSP: 002b:00000000f50a455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  155.995356][ T9000] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800002c0
[  155.995362][ T9000] RDX: 0000000000000026 RSI: 0000000000000000 RDI: 0000000000000000
[  155.995368][ T9000] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.995373][ T9000] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.995379][ T9000] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.995392][ T9000]  </TASK>
[  158.067948][ T9039] vlan0: entered allmulticast mode
[  158.069670][ T9039] bond0: entered allmulticast mode
[  158.072006][ T9039] batman_adv: batadv0: Adding interface: vlan0
[  158.074281][ T9039] batman_adv: batadv0: The MTU of interface vlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.082139][ T9039] batman_adv: batadv0: Interface activated: vlan0
[  158.218620][   T40] kauditd_printk_skb: 61 callbacks suppressed
[  158.218631][   T40] audit: type=1800 audit(1747904709.984:90): pid=9045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.715" name="/" dev="sockfs" ino=22591 res=0 errno=0
[  158.453866][ T9053] siw: device registration error -23
[  158.917092][   T58] Process accounting resumed
[  160.179253][ T9090] siw: device registration error -23
[  160.256122][ T9092] netlink: 40 bytes leftover after parsing attributes in process `syz.1.728'.
[  160.263695][ T9093] netlink: 40 bytes leftover after parsing attributes in process `syz.1.728'.
[  160.283490][   T58] libceph: connect (1)[c::]:6789 error -101
[  160.285554][   T58] libceph: mon0 (1)[c::]:6789 connect error
[  160.542702][   T58] libceph: connect (1)[c::]:6789 error -101
[  160.547600][   T58] libceph: mon0 (1)[c::]:6789 connect error
[  160.686725][ T9112] FAULT_INJECTION: forcing a failure.
[  160.686725][ T9112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.692009][ T9112] CPU: 2 UID: 0 PID: 9112 Comm: syz.5.734 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  160.692032][ T9112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.692043][ T9112] Call Trace:
[  160.692049][ T9112]  <TASK>
[  160.692057][ T9112]  dump_stack_lvl+0x16c/0x1f0
[  160.692084][ T9112]  should_fail_ex+0x512/0x640
[  160.692110][ T9112]  strncpy_from_user+0x3b/0x2e0
[  160.692134][ T9112]  getname_flags.part.0+0x8f/0x550
[  160.692158][ T9112]  getname_flags+0x93/0xf0
[  160.692182][ T9112]  __do_compat_sys_newlstat+0x94/0x140
[  160.692202][ T9112]  ? __pfx___do_compat_sys_newlstat+0x10/0x10
[  160.692236][ T9112]  ? __pfx_ksys_write+0x10/0x10
[  160.692253][ T9112]  ? rcu_is_watching+0x12/0xc0
[  160.692268][ T9112]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  160.692294][ T9112]  __do_fast_syscall_32+0x73/0x120
[  160.692319][ T9112]  do_fast_syscall_32+0x32/0x80
[  160.692346][ T9112]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  160.692365][ T9112] RIP: 0023:0xf70ee579
[  160.692378][ T9112] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  160.692406][ T9112] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 000000000000006b
[  160.692423][ T9112] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 0000000000000000
[  160.692433][ T9112] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  160.692442][ T9112] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  160.692451][ T9112] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  160.692461][ T9112] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  160.692484][ T9112]  </TASK>
[  160.773332][ T9114] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  160.777006][ T9114] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  160.832518][   T58] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  160.987080][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.991514][   T58] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  160.995338][   T58] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.000832][   T58] usb 9-1: config 0 descriptor??
[  161.064229][ T5982] libceph: connect (1)[c::]:6789 error -101
[  161.066825][ T5982] libceph: mon0 (1)[c::]:6789 connect error
[  161.070418][ T9092] ceph: No mds server is up or the cluster is laggy
[  161.240771][ T9133] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.286984][   T58] usbhid 9-1:0.0: can't add hid device: -71
[  161.289076][   T58] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  161.295840][   T58] usb 9-1: USB disconnect, device number 9
[  161.345752][ T9133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.361213][ T9133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.428497][ T9133] veth0_macvtap: left allmulticast mode
[  161.438657][ T9133] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.442232][ T9133] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.447513][ T9133] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.451384][ T9133] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.746818][ T1331] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  162.017839][ T1331] usb 9-1: Using ep0 maxpacket: 32
[  162.021465][ T1331] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.026840][ T1331] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  162.029713][ T1331] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.034597][ T1331] usb 9-1: config 0 descriptor??
[  162.040690][ T1331] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  162.049392][ T1331] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  162.173869][ T9162] siw: device registration error -23
[  162.262840][ T9161] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.747'.
[  162.643275][ T9165] FAULT_INJECTION: forcing a failure.
[  162.643275][ T9165] name failslab, interval 1, probability 0, space 0, times 0
[  162.648405][ T9165] CPU: 2 UID: 0 PID: 9165 Comm: syz.5.748 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  162.648428][ T9165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.648439][ T9165] Call Trace:
[  162.648446][ T9165]  <TASK>
[  162.648453][ T9165]  dump_stack_lvl+0x16c/0x1f0
[  162.648483][ T9165]  should_fail_ex+0x512/0x640
[  162.648508][ T9165]  ? fs_reclaim_acquire+0xae/0x150
[  162.648534][ T9165]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  162.648558][ T9165]  should_failslab+0xc2/0x120
[  162.648580][ T9165]  __kmalloc_noprof+0xd2/0x510
[  162.648606][ T9165]  tomoyo_realpath_from_path+0xc2/0x6e0
[  162.648633][ T9165]  ? tomoyo_profile+0x47/0x60
[  162.648651][ T9165]  tomoyo_path_number_perm+0x245/0x580
[  162.648672][ T9165]  ? tomoyo_path_number_perm+0x237/0x580
[  162.648694][ T9165]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  162.648739][ T9165]  ? find_held_lock+0x2b/0x80
[  162.648755][ T9165]  ? hook_file_ioctl_common+0x145/0x410
[  162.648774][ T9165]  ? __fget_files+0x204/0x3c0
[  162.648793][ T9165]  ? __fget_files+0x20e/0x3c0
[  162.648806][ T9165]  ? __pfx_fput+0x10/0x10
[  162.648827][ T9165]  security_file_ioctl_compat+0x9b/0x240
[  162.648850][ T9165]  __ia32_compat_sys_ioctl+0xc3/0x360
[  162.648877][ T9165]  __do_fast_syscall_32+0x73/0x120
[  162.648905][ T9165]  do_fast_syscall_32+0x32/0x80
[  162.648931][ T9165]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.648952][ T9165] RIP: 0023:0xf70ee579
[  162.648966][ T9165] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  162.648981][ T9165] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  162.648998][ T9165] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0506107
[  162.649009][ T9165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  162.649018][ T9165] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.649026][ T9165] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  162.649035][ T9165] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.649058][ T9165]  </TASK>
[  162.649065][ T9165] ERROR: Out of memory at tomoyo_realpath_from_path.
[  163.536365][ T5984] usb 9-1: USB disconnect, device number 10
[  163.545254][ T5984] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  163.946553][ T9194] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  163.952116][ T9194] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  163.972688][ T6233] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  164.222658][ T6233] usb 9-1: device descriptor read/64, error -71
[  164.247075][ T9198] netlink: 8 bytes leftover after parsing attributes in process `syz.1.757'.
[  164.462537][ T6233] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  164.576566][ T9203] syz_tun: entered allmulticast mode
[  164.592521][ T6233] usb 9-1: device descriptor read/64, error -71
[  164.643366][ T9203] syzkaller1: entered promiscuous mode
[  164.645135][ T9203] syzkaller1: entered allmulticast mode
[  164.702936][ T6233] usb usb9-port1: attempt power cycle
[  164.769123][ T9207] ip6tnl1: entered promiscuous mode
[  164.770908][ T9207] ip6tnl1: entered allmulticast mode
[  164.776463][ T9207] team0: Device ip6tnl1 is up. Set it down before adding it as a team port
[  165.042575][ T6233] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  165.063005][ T6233] usb 9-1: device descriptor read/8, error -71
[  165.298649][   T40] audit: type=1800 audit(1747904717.064:91): pid=9233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.766" name="/" dev="sockfs" ino=23614 res=0 errno=0
[  165.322507][ T6233] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  165.343588][ T6233] usb 9-1: device descriptor read/8, error -71
[  165.462687][ T6233] usb usb9-port1: unable to enumerate USB device
[  165.521235][ T9244] netlink: 'syz.0.770': attribute type 10 has an invalid length.
[  165.531389][ T9244] team0: Port device dummy0 added
[  166.968077][ T9270] netlink: 24 bytes leftover after parsing attributes in process `syz.1.777'.
[  167.312527][ T6681] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  167.462592][ T6681] usb 10-1: Using ep0 maxpacket: 16
[  167.467229][ T6681] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.471676][ T6681] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.474781][ T6681] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  167.479117][ T6681] usb 10-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  167.481970][ T6681] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.486267][ T6681] usb 10-1: config 0 descriptor??
[  167.490545][ T6681] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input10
[  167.495633][ T5338] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.501309][ T5338] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.505428][ T5338] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.508659][ T5338] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.513039][ T5942] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.523328][ T5338] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.533076][ T5338] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.535125][ T9287] 9pnet_fd: Insufficient options for proto=fd
[  167.541381][ T5338] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.691582][ T9283] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  167.699627][ T6712] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  167.771561][ T6712] hid-generic 0000:0000:0000.000E: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  167.782727][ T6712] usb 10-1: USB disconnect, device number 13
[  167.802432][ T9295] fido_id[9295]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  167.925778][ T9298] 9pnet_fd: Insufficient options for proto=fd
[  168.259201][ T9308] netlink: 24 bytes leftover after parsing attributes in process `syz.4.788'.
[  168.439557][ T9312] overlayfs: missing 'workdir'
[  169.146168][ T6712] Process accounting resumed
[  169.252372][   T40] audit: type=1326 audit(1747904721.014:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.261023][   T40] audit: type=1326 audit(1747904721.014:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.282579][   T40] audit: type=1326 audit(1747904721.024:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.290466][   T40] audit: type=1326 audit(1747904721.024:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.297405][   T40] audit: type=1326 audit(1747904721.024:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.304136][   T40] audit: type=1326 audit(1747904721.024:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.322492][   T40] audit: type=1326 audit(1747904721.024:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.329025][   T40] audit: type=1326 audit(1747904721.024:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  169.342508][   T40] audit: type=1326 audit(1747904721.024:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.4.796" exe="/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf7fc8579 code=0x7ffc0000
[  170.080126][ T9353] Driver unsupported XDP return value 0 on prog  (id 102) dev N/A, expect packet loss!
[  170.119671][ T9354] netlink: 16 bytes leftover after parsing attributes in process `syz.5.801'.
[  170.384738][ T9361] fuse: Bad value for 'fd'
[  170.386987][ T6712] Process accounting resumed
[  171.034269][ T9382] fuse: Bad value for 'fd'
[  171.082875][ T9383] program syz.1.809 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  171.115120][ T9385] netlink: 'syz.1.811': attribute type 10 has an invalid length.
[  171.117565][ T9385] dummy0: left promiscuous mode
[  171.129933][ T9385] dummy0: entered promiscuous mode
[  171.132062][ T9385] team0: Port device dummy0 added
[  171.204569][ T9388] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  171.209208][ T9388] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  171.315639][ T9391] fuse: Bad value for 'fd'
[  171.317746][  T835] Process accounting resumed
[  171.449674][ T9399] netlink: 'syz.0.816': attribute type 10 has an invalid length.
[  171.453447][ T9399] netlink: 4 bytes leftover after parsing attributes in process `syz.0.816'.
[  171.492509][ T1331] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  171.672542][ T1331] usb 10-1: Using ep0 maxpacket: 32
[  171.675657][ T1331] usb 10-1: config 0 has an invalid interface number: 12 but max is 0
[  171.678300][ T1331] usb 10-1: config 0 has no interface number 0
[  171.680584][ T1331] usb 10-1: config 0 interface 12 has no altsetting 0
[  171.688438][ T1331] usb 10-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  171.691440][ T1331] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.695098][ T1331] usb 10-1: Product: syz
[  171.696571][ T1331] usb 10-1: Manufacturer: syz
[  171.698084][ T1331] usb 10-1: SerialNumber: syz
[  171.704415][ T1331] usb 10-1: config 0 descriptor??
[  171.711823][ T1331] f81534 10-1:0.12: required endpoints missing
[  173.133672][ T9438] FAULT_INJECTION: forcing a failure.
[  173.133672][ T9438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.138930][ T9438] CPU: 0 UID: 0 PID: 9438 Comm: syz.1.826 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  173.138952][ T9438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.138958][ T9438] Call Trace:
[  173.138963][ T9438]  <TASK>
[  173.138967][ T9438]  dump_stack_lvl+0x16c/0x1f0
[  173.138987][ T9438]  should_fail_ex+0x512/0x640
[  173.139005][ T9438]  _copy_from_user+0x2e/0xd0
[  173.139022][ T9438]  get_compat_msghdr+0xa7/0x170
[  173.139035][ T9438]  ? __pfx_get_compat_msghdr+0x10/0x10
[  173.139052][ T9438]  ___sys_sendmsg+0x1ae/0x1d0
[  173.139068][ T9438]  ? __pfx____sys_sendmsg+0x10/0x10
[  173.139096][ T9438]  __sys_sendmsg+0x16d/0x220
[  173.139109][ T9438]  ? __pfx___sys_sendmsg+0x10/0x10
[  173.139126][ T9438]  ? rcu_is_watching+0x12/0xc0
[  173.139139][ T9438]  __do_fast_syscall_32+0x73/0x120
[  173.139157][ T9438]  do_fast_syscall_32+0x32/0x80
[  173.139173][ T9438]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  173.139186][ T9438] RIP: 0023:0xf70be579
[  173.139196][ T9438] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  173.139206][ T9438] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  173.139216][ T9438] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[  173.139222][ T9438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  173.139228][ T9438] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  173.139234][ T9438] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  173.139240][ T9438] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  173.139252][ T9438]  </TASK>
[  173.919170][ T9436] orangefs_mount: mount request failed with -4
[  174.069295][ T1331] usb 10-1: USB disconnect, device number 14
[  174.875917][ T9491] netlink: 12 bytes leftover after parsing attributes in process `syz.4.841'.
[  175.096457][ T9493] netlink: 36 bytes leftover after parsing attributes in process `syz.0.842'.
[  175.266184][ T9475] orangefs_mount: mount request failed with -4
[  175.774817][ T6681] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  175.932632][ T6681] usb 6-1: Using ep0 maxpacket: 8
[  175.937898][ T6681] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  175.941099][ T6681] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  175.944860][ T6681] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  175.948129][ T6681] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  175.951317][ T6681] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  175.960267][ T6681] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  175.964490][ T6681] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.180411][ T6681] usb 6-1: GET_CAPABILITIES returned 0
[  176.183034][ T6681] usbtmc 6-1:16.0: can't read capabilities
[  176.477020][ T6233] usb 6-1: USB disconnect, device number 16
[  177.118379][ T9563] lo speed is unknown, defaulting to 1000
[  178.289926][ T9591] netlink: 24 bytes leftover after parsing attributes in process `syz.1.872'.
[  178.292930][ T9591] netlink: 24 bytes leftover after parsing attributes in process `syz.1.872'.
[  178.741720][ T9600] netlink: 4 bytes leftover after parsing attributes in process `syz.4.875'.
[  178.972953][ T9586] orangefs_mount: mount request failed with -4
[  179.072570][ T6681] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  179.225886][ T6681] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  179.230102][ T6681] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  179.234317][ T6681] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  179.238132][ T6681] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.244001][ T6681] usb 9-1: config 0 descriptor??
[  179.319581][ T9614] netlink: 'syz.5.879': attribute type 4 has an invalid length.
[  179.325956][ T9614] netlink: 'syz.5.879': attribute type 4 has an invalid length.
[  179.416024][ T9622] 9pnet_fd: Insufficient options for proto=fd
[  179.675696][ T6681] usb 9-1: string descriptor 0 read error: -71
[  179.686960][ T6681] usb 9-1: USB disconnect, device number 15
[  179.710828][ T5983] libceph: connect (1)[c::]:6789 error -101
[  179.713078][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  179.861648][ T9629] ceph: No mds server is up or the cluster is laggy
[  180.662529][   T58] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  180.832554][   T58] usb 9-1: Using ep0 maxpacket: 8
[  180.852459][   T58] usb 9-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  180.857430][   T58] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.860126][   T58] usb 9-1: Product: syz
[  180.861932][   T58] usb 9-1: Manufacturer: syz
[  180.863803][   T58] usb 9-1: SerialNumber: syz
[  180.868963][ T9652] No control pipe specified
[  180.880560][   T58] usb 9-1: config 0 descriptor??
[  180.911809][   T58] gspca_main: se401-2.14.0 probing 047d:5003
[  181.058858][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  181.058869][   T40] audit: type=1326 audit(1747904732.824:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.072704][   T40] audit: type=1326 audit(1747904732.824:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.079316][   T40] audit: type=1326 audit(1747904732.844:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.090274][   T40] audit: type=1326 audit(1747904732.844:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.111123][   T40] audit: type=1326 audit(1747904732.844:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.120799][   T40] audit: type=1326 audit(1747904732.844:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.129253][   T40] audit: type=1326 audit(1747904732.844:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=378 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.136332][   T40] audit: type=1326 audit(1747904732.844:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.143873][   T40] audit: type=1326 audit(1747904732.844:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  181.150551][   T40] audit: type=1326 audit(1747904732.884:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9654 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  182.486065][ T9676] FAULT_INJECTION: forcing a failure.
[  182.486065][ T9676] name failslab, interval 1, probability 0, space 0, times 0
[  182.489918][ T9676] CPU: 0 UID: 0 PID: 9676 Comm: syz.4.898 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  182.489933][ T9676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.489939][ T9676] Call Trace:
[  182.489943][ T9676]  <TASK>
[  182.489947][ T9676]  dump_stack_lvl+0x16c/0x1f0
[  182.489967][ T9676]  should_fail_ex+0x512/0x640
[  182.489982][ T9676]  ? fs_reclaim_acquire+0xae/0x150
[  182.490000][ T9676]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  182.490015][ T9676]  should_failslab+0xc2/0x120
[  182.490029][ T9676]  __kmalloc_noprof+0xd2/0x510
[  182.490045][ T9676]  tomoyo_realpath_from_path+0xc2/0x6e0
[  182.490061][ T9676]  ? tomoyo_profile+0x47/0x60
[  182.490073][ T9676]  tomoyo_path_number_perm+0x245/0x580
[  182.490085][ T9676]  ? tomoyo_path_number_perm+0x237/0x580
[  182.490099][ T9676]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  182.490125][ T9676]  ? find_held_lock+0x2b/0x80
[  182.490135][ T9676]  ? hook_file_ioctl_common+0x145/0x410
[  182.490148][ T9676]  ? __fget_files+0x204/0x3c0
[  182.490159][ T9676]  ? __fget_files+0x20e/0x3c0
[  182.490167][ T9676]  ? __pfx_fput+0x10/0x10
[  182.490182][ T9676]  security_file_ioctl_compat+0x9b/0x240
[  182.490197][ T9676]  __ia32_compat_sys_ioctl+0xc3/0x360
[  182.490214][ T9676]  __do_fast_syscall_32+0x73/0x120
[  182.490231][ T9676]  do_fast_syscall_32+0x32/0x80
[  182.490247][ T9676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.490260][ T9676] RIP: 0023:0xf7fc8579
[  182.490268][ T9676] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.490279][ T9676] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  182.490288][ T9676] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005001
[  182.490295][ T9676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  182.490300][ T9676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.490306][ T9676] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  182.490312][ T9676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.490325][ T9676]  </TASK>
[  182.490329][ T9676] ERROR: Out of memory at tomoyo_realpath_from_path.
[  182.814179][   T58] gspca_se401: read req failed req 0x06 error -19
[  182.819612][   T58] usb 9-1: USB disconnect, device number 16
[  183.063173][ T9683] autofs: Bad value for 'fd'
[  183.596570][ T9699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.904'.
[  183.646540][ T9697] futex_wake_op: syz.5.903 tries to shift op by -1; fix this program
[  183.776421][ T9703] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  184.158183][ T9719] netlink: 28 bytes leftover after parsing attributes in process `syz.0.908'.
[  184.422533][ T6712] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  184.594257][ T6712] usb 9-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  184.597637][ T6712] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  184.601662][ T6712] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  184.612459][ T6712] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.622981][ T6712] usb 9-1: config 0 descriptor??
[  184.632665][ T6712] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[  184.682263][ T9745] autofs: Bad value for 'fd'
[  184.756173][ T9751] netlink: 4 bytes leftover after parsing attributes in process `syz.5.911'.
[  184.761056][ T9751] netlink: 12 bytes leftover after parsing attributes in process `syz.5.911'.
[  185.065549][ T9767] FAULT_INJECTION: forcing a failure.
[  185.065549][ T9767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.070836][ T9767] CPU: 2 UID: 0 PID: 9767 Comm: syz.1.912 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  185.070851][ T9767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.070858][ T9767] Call Trace:
[  185.070862][ T9767]  <TASK>
[  185.070867][ T9767]  dump_stack_lvl+0x16c/0x1f0
[  185.070887][ T9767]  should_fail_ex+0x512/0x640
[  185.070905][ T9767]  _copy_from_user+0x2e/0xd0
[  185.070922][ T9767]  get_compat_msghdr+0xa7/0x170
[  185.070936][ T9767]  ? __pfx_get_compat_msghdr+0x10/0x10
[  185.070952][ T9767]  ___sys_sendmsg+0x1ae/0x1d0
[  185.070967][ T9767]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.070996][ T9767]  __sys_sendmsg+0x16d/0x220
[  185.071009][ T9767]  ? __pfx___sys_sendmsg+0x10/0x10
[  185.071027][ T9767]  ? rcu_is_watching+0x12/0xc0
[  185.071039][ T9767]  __do_fast_syscall_32+0x73/0x120
[  185.071056][ T9767]  do_fast_syscall_32+0x32/0x80
[  185.071072][ T9767]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  185.071085][ T9767] RIP: 0023:0xf70be579
[  185.071094][ T9767] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  185.071104][ T9767] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  185.071115][ T9767] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  185.071121][ T9767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  185.071127][ T9767] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  185.071132][ T9767] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  185.071138][ T9767] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  185.071150][ T9767]  </TASK>
[  185.632595][ T9810] autofs: Bad value for 'fd'
[  185.978812][ T9833] netlink: 'syz.0.920': attribute type 4 has an invalid length.
[  186.626504][ T9842] FAULT_INJECTION: forcing a failure.
[  186.626504][ T9842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.631999][ T9842] CPU: 0 UID: 0 PID: 9842 Comm: syz.5.923 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  186.632023][ T9842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.632033][ T9842] Call Trace:
[  186.632040][ T9842]  <TASK>
[  186.632047][ T9842]  dump_stack_lvl+0x16c/0x1f0
[  186.632078][ T9842]  should_fail_ex+0x512/0x640
[  186.632107][ T9842]  _copy_from_user+0x2e/0xd0
[  186.632136][ T9842]  get_compat_msghdr+0xa7/0x170
[  186.632157][ T9842]  ? __pfx_get_compat_msghdr+0x10/0x10
[  186.632192][ T9842]  ___sys_sendmsg+0x1ae/0x1d0
[  186.632217][ T9842]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.632266][ T9842]  __sys_sendmsg+0x16d/0x220
[  186.632288][ T9842]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.632316][ T9842]  ? rcu_is_watching+0x12/0xc0
[  186.632336][ T9842]  ? rcu_is_watching+0x12/0xc0
[  186.632355][ T9842]  __do_fast_syscall_32+0x73/0x120
[  186.632381][ T9842]  do_fast_syscall_32+0x32/0x80
[  186.632422][ T9842]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  186.632444][ T9842] RIP: 0023:0xf70ee579
[  186.632456][ T9842] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  186.632471][ T9842] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  186.632488][ T9842] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[  186.632499][ T9842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  186.632507][ T9842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  186.632516][ T9842] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  186.632526][ T9842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  186.632547][ T9842]  </TASK>
[  186.814895][ T9840] netlink: 'syz.1.922': attribute type 4 has an invalid length.
[  187.112334][ T6712] usb 9-1: USB disconnect, device number 17
[  187.468555][ T9869] pim6reg: entered allmulticast mode
[  187.475091][ T9869] pim6reg: left allmulticast mode
[  187.493349][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  187.493367][   T40] audit: type=1804 audit(1747904739.264:157): pid=9870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.929" name="/newroot/171/bus" dev="tmpfs" ino=977 res=1 errno=0
[  189.013133][ T9913] netlink: 'syz.4.939': attribute type 4 has an invalid length.
[  189.018899][ T5984] lo speed is unknown, defaulting to 1000
[  190.242614][ T9946] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  191.096226][ T9972] wireguard0: entered promiscuous mode
[  191.101993][ T9972] wireguard0: entered allmulticast mode
[  191.434258][  T835] Process accounting resumed
[  191.611208][ T9992] netlink: 'syz.1.962': attribute type 27 has an invalid length.
[  191.618528][ T9992] lo: left promiscuous mode
[  191.624281][ T9992] tunl0: left promiscuous mode
[  191.626172][ T9992] gre0: left promiscuous mode
[  191.628315][ T9992] gretap0: left promiscuous mode
[  191.629993][ T9992] erspan0: left promiscuous mode
[  191.631845][ T9992] ip_vti0: left promiscuous mode
[  191.640854][ T9992] ip6_vti0: left promiscuous mode
[  191.642726][ T9992] sit0: left promiscuous mode
[  191.644588][ T9992] ip6tnl0: left promiscuous mode
[  191.646674][ T9992] ip6gre0: left promiscuous mode
[  191.648378][ T9992] syz_tun: left promiscuous mode
[  191.650514][ T9992] ip6gretap0: left promiscuous mode
[  191.652908][ T9992] bridge0: left promiscuous mode
[  191.654964][ T9992] vcan0: left promiscuous mode
[  191.656989][ T9992] bond0: left promiscuous mode
[  191.658812][ T9992] bond_slave_0: left promiscuous mode
[  191.661060][ T9992] bond_slave_1: left promiscuous mode
[  191.663616][ T9992] team0: left promiscuous mode
[  191.665199][ T9992] team_slave_0: left promiscuous mode
[  191.666980][ T9992] team_slave_1: left promiscuous mode
[  191.668830][ T9992] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  191.671132][ T9992] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578
[  191.674377][ T9992] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 9992, name: syz.1.962
[  191.677681][ T9992] preempt_count: 0, expected: 0
[  191.680107][ T9992] RCU nest depth: 1, expected: 0
[  191.681905][ T9992] 2 locks held by syz.1.962/9992:
[  191.683700][ T9992]  #0: ffffffff9012a3e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  191.686949][ T9992]  #1: ffffffff8e3bfa80 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x33/0x390
[  191.690243][ T9992] CPU: 3 UID: 0 PID: 9992 Comm: syz.1.962 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  191.690257][ T9992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.690263][ T9992] Call Trace:
[  191.690269][ T9992]  <TASK>
[  191.690273][ T9992]  dump_stack_lvl+0x16c/0x1f0
[  191.690293][ T9992]  __might_resched+0x3c0/0x5e0
[  191.690306][ T9992]  ? __pfx___might_resched+0x10/0x10
[  191.690322][ T9992]  __mutex_lock+0x106/0xb90
[  191.690340][ T9992]  ? dev_set_promiscuity+0xa2/0x260
[  191.690356][ T9992]  ? __pfx___mutex_lock+0x10/0x10
[  191.690371][ T9992]  ? lock_acquire+0x179/0x350
[  191.690389][ T9992]  ? __local_bh_enable_ip+0xa4/0x120
[  191.690401][ T9992]  ? lockdep_hardirqs_on+0x7c/0x110
[  191.690417][ T9992]  ? dev_set_promiscuity+0xa2/0x260
[  191.690431][ T9992]  dev_set_promiscuity+0xa2/0x260
[  191.690446][ T9992]  team_change_rx_flags+0x146/0x390
[  191.690460][ T9992]  ? __pfx_team_change_rx_flags+0x10/0x10
[  191.690473][ T9992]  __dev_set_promiscuity+0x217/0x590
[  191.690486][ T9992]  ? __local_bh_enable_ip+0xa4/0x120
[  191.690499][ T9992]  __dev_change_flags+0x2d1/0x720
[  191.690512][ T9992]  ? __pfx___dev_change_flags+0x10/0x10
[  191.690524][ T9992]  ? validate_linkmsg+0x57c/0xb60
[  191.690536][ T9992]  ? netif_state_change+0xfa/0x3b0
[  191.690551][ T9992]  ? __pfx_validate_linkmsg+0x10/0x10
[  191.690565][ T9992]  netif_change_flags+0x8d/0x160
[  191.690578][ T9992]  do_setlink.constprop.0+0xddf/0x44b0
[  191.690595][ T9992]  ? __lock_acquire+0xaa4/0x1ba0
[  191.690608][ T9992]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  191.690649][ T9992]  ? __mutex_trylock_common+0xe9/0x250
[  191.690667][ T9992]  ? __pfx___mutex_trylock_common+0x10/0x10
[  191.690683][ T9992]  ? __pfx___might_resched+0x10/0x10
[  191.690695][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.690706][ T9992]  ? trace_contention_end+0xdd/0x130
[  191.690722][ T9992]  ? __mutex_lock+0x1ca/0xb90
[  191.690738][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.690748][ T9992]  ? rtnl_newlink+0x600/0x2000
[  191.690761][ T9992]  ? trace_cap_capable+0x18d/0x200
[  191.690773][ T9992]  ? __pfx___mutex_lock+0x10/0x10
[  191.690787][ T9992]  ? apparmor_capable+0x114/0x1d0
[  191.690808][ T9992]  ? netlink_ns_capable+0xfa/0x130
[  191.690823][ T9992]  rtnl_newlink+0x18e0/0x2000
[  191.690840][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.690854][ T9992]  ? kernel_text_address+0x8d/0x100
[  191.690864][ T9992]  ? __kernel_text_address+0xd/0x40
[  191.690874][ T9992]  ? unwind_get_return_address+0x59/0xa0
[  191.690887][ T9992]  ? arch_stack_walk+0xa6/0x100
[  191.690905][ T9992]  ? __lock_acquire+0x5ca/0x1ba0
[  191.690921][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.690935][ T9992]  ? trace_cap_capable+0x18d/0x200
[  191.690955][ T9992]  ? find_held_lock+0x2b/0x80
[  191.690964][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.690976][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.690987][ T9992]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  191.691000][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.691013][ T9992]  rtnetlink_rcv_msg+0x95b/0xe90
[  191.691028][ T9992]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  191.691048][ T9992]  netlink_rcv_skb+0x16d/0x440
[  191.691061][ T9992]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  191.691075][ T9992]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  191.691096][ T9992]  ? netlink_deliver_tap+0x1ae/0xd30
[  191.691111][ T9992]  netlink_unicast+0x53a/0x7f0
[  191.691127][ T9992]  ? __pfx_netlink_unicast+0x10/0x10
[  191.691144][ T9992]  netlink_sendmsg+0x8d1/0xdd0
[  191.691167][ T9992]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.691182][ T9992]  ? __import_iovec+0x1c8/0x660
[  191.691195][ T9992]  ____sys_sendmsg+0xa95/0xc70
[  191.691212][ T9992]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.691226][ T9992]  ? get_compat_msghdr+0x11a/0x170
[  191.691244][ T9992]  ___sys_sendmsg+0x134/0x1d0
[  191.691258][ T9992]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.691288][ T9992]  __sys_sendmsg+0x16d/0x220
[  191.691300][ T9992]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.691319][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.691336][ T9992]  __do_fast_syscall_32+0x73/0x120
[  191.691359][ T9992]  do_fast_syscall_32+0x32/0x80
[  191.691374][ T9992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.691388][ T9992] RIP: 0023:0xf70be579
[  191.691396][ T9992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.691406][ T9992] RSP: 002b:00000000f508d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  191.691416][ T9992] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000000
[  191.691423][ T9992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  191.691428][ T9992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  191.691433][ T9992] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  191.691439][ T9992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.691452][ T9992]  </TASK>
[  191.691458][ T9992] 
[  191.848243][ T9992] =============================
[  191.849970][ T9992] [ BUG: Invalid wait context ]
[  191.851743][ T9992] 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 Tainted: G        W          
[  191.854945][ T9992] -----------------------------
[  191.856869][ T9992] syz.1.962/9992 is trying to lock:
[  191.858712][ T9992] ffff88805425ad30 (&dev_instance_lock_key#3){+.+.}-{4:4}, at: dev_set_promiscuity+0xa2/0x260
[  191.861905][ T9992] other info that might help us debug this:
[  191.863824][ T9992] context-{5:5}
[  191.864976][ T9992] 2 locks held by syz.1.962/9992:
[  191.866593][ T9992]  #0: ffffffff9012a3e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  191.869600][ T9992]  #1: ffffffff8e3bfa80 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x33/0x390
[  191.872720][ T9992] stack backtrace:
[  191.874001][ T9992] CPU: 3 UID: 0 PID: 9992 Comm: syz.1.962 Tainted: G        W           6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) 
[  191.874019][ T9992] Tainted: [W]=WARN
[  191.874023][ T9992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.874030][ T9992] Call Trace:
[  191.874034][ T9992]  <TASK>
[  191.874039][ T9992]  dump_stack_lvl+0x116/0x1f0
[  191.874058][ T9992]  __lock_acquire+0x3ff/0x1ba0
[  191.874073][ T9992]  ? netif_set_promiscuity+0xff/0x150
[  191.874089][ T9992]  lock_acquire+0x179/0x350
[  191.874107][ T9992]  ? dev_set_promiscuity+0xa2/0x260
[  191.874132][ T9992]  ? __pfx___might_resched+0x10/0x10
[  191.874154][ T9992]  __mutex_lock+0x199/0xb90
[  191.874172][ T9992]  ? dev_set_promiscuity+0xa2/0x260
[  191.874187][ T9992]  ? dev_set_promiscuity+0xa2/0x260
[  191.874201][ T9992]  ? __pfx___mutex_lock+0x10/0x10
[  191.874215][ T9992]  ? lock_acquire+0x179/0x350
[  191.874229][ T9992]  ? __local_bh_enable_ip+0xa4/0x120
[  191.874240][ T9992]  ? lockdep_hardirqs_on+0x7c/0x110
[  191.874255][ T9992]  ? dev_set_promiscuity+0xa2/0x260
[  191.874269][ T9992]  dev_set_promiscuity+0xa2/0x260
[  191.874284][ T9992]  team_change_rx_flags+0x146/0x390
[  191.874297][ T9992]  ? __pfx_team_change_rx_flags+0x10/0x10
[  191.874309][ T9992]  __dev_set_promiscuity+0x217/0x590
[  191.874324][ T9992]  ? __local_bh_enable_ip+0xa4/0x120
[  191.874340][ T9992]  __dev_change_flags+0x2d1/0x720
[  191.874353][ T9992]  ? __pfx___dev_change_flags+0x10/0x10
[  191.874364][ T9992]  ? validate_linkmsg+0x57c/0xb60
[  191.874376][ T9992]  ? netif_state_change+0xfa/0x3b0
[  191.874391][ T9992]  ? __pfx_validate_linkmsg+0x10/0x10
[  191.874404][ T9992]  netif_change_flags+0x8d/0x160
[  191.874416][ T9992]  do_setlink.constprop.0+0xddf/0x44b0
[  191.874430][ T9992]  ? __lock_acquire+0xaa4/0x1ba0
[  191.874443][ T9992]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  191.874458][ T9992]  ? __mutex_trylock_common+0xe9/0x250
[  191.874472][ T9992]  ? __pfx___mutex_trylock_common+0x10/0x10
[  191.874486][ T9992]  ? __pfx___might_resched+0x10/0x10
[  191.874497][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.874507][ T9992]  ? trace_contention_end+0xdd/0x130
[  191.874520][ T9992]  ? __mutex_lock+0x1ca/0xb90
[  191.874538][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.874551][ T9992]  ? rtnl_newlink+0x600/0x2000
[  191.874563][ T9992]  ? trace_cap_capable+0x18d/0x200
[  191.874574][ T9992]  ? __pfx___mutex_lock+0x10/0x10
[  191.874589][ T9992]  ? apparmor_capable+0x114/0x1d0
[  191.874602][ T9992]  ? netlink_ns_capable+0xfa/0x130
[  191.874615][ T9992]  rtnl_newlink+0x18e0/0x2000
[  191.874656][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.874669][ T9992]  ? kernel_text_address+0x8d/0x100
[  191.874679][ T9992]  ? __kernel_text_address+0xd/0x40
[  191.874687][ T9992]  ? unwind_get_return_address+0x59/0xa0
[  191.874700][ T9992]  ? arch_stack_walk+0xa6/0x100
[  191.874714][ T9992]  ? __lock_acquire+0x5ca/0x1ba0
[  191.874727][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.874736][ T9992]  ? trace_cap_capable+0x18d/0x200
[  191.874748][ T9992]  ? find_held_lock+0x2b/0x80
[  191.874757][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.874769][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.874781][ T9992]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  191.874793][ T9992]  ? __pfx_rtnl_newlink+0x10/0x10
[  191.874811][ T9992]  rtnetlink_rcv_msg+0x95b/0xe90
[  191.874824][ T9992]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  191.874840][ T9992]  netlink_rcv_skb+0x16d/0x440
[  191.874853][ T9992]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  191.874866][ T9992]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  191.874883][ T9992]  ? netlink_deliver_tap+0x1ae/0xd30
[  191.874896][ T9992]  netlink_unicast+0x53a/0x7f0
[  191.874909][ T9992]  ? __pfx_netlink_unicast+0x10/0x10
[  191.874924][ T9992]  netlink_sendmsg+0x8d1/0xdd0
[  191.874938][ T9992]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.874952][ T9992]  ? __import_iovec+0x1c8/0x660
[  191.874963][ T9992]  ____sys_sendmsg+0xa95/0xc70
[  191.874978][ T9992]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.874993][ T9992]  ? get_compat_msghdr+0x11a/0x170
[  191.875008][ T9992]  ___sys_sendmsg+0x134/0x1d0
[  191.875021][ T9992]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.875040][ T9992]  __sys_sendmsg+0x16d/0x220
[  191.875053][ T9992]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.875068][ T9992]  ? rcu_is_watching+0x12/0xc0
[  191.875078][ T9992]  __do_fast_syscall_32+0x73/0x120
[  191.875094][ T9992]  do_fast_syscall_32+0x32/0x80
[  191.875109][ T9992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.875122][ T9992] RIP: 0023:0xf70be579
[  191.875131][ T9992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.875141][ T9992] RSP: 002b:00000000f508d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  191.875151][ T9992] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000000
[  191.875158][ T9992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  191.875163][ T9992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  191.875169][ T9992] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  191.875175][ T9992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.875184][ T9992]  </TASK>
[  192.037808][ T9992] dummy0: left promiscuous mode
[  192.040835][ T9992] nlmon0: left promiscuous mode
[  192.042577][ T9992] caif0: left promiscuous mode
[  192.046218][ T9992] macvlan1: left promiscuous mode
[  192.047915][ T9992] macvlan1: left allmulticast mode
[  192.049785][ T9992] macvtap0: left allmulticast mode
[  192.051531][ T9992] geneve1: left promiscuous mode
[  192.053497][ T9992] bridge1: left promiscuous mode
[  192.055145][ T9992] bridge1: left allmulticast mode
[  192.067052][ T9993] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.069567][ T9993] 8021q: adding VLAN 0 to HW filter on device team0
[  192.072968][ T9993] chnl_net:chnl_net_open(): err: Unable to register and open device, Err:-19
[  192.075636][ T9993] caif:caif_disconnect_client(): nothing to disconnect
[  192.077821][ T9993] chnl_net:chnl_flowctrl_cb(): NET flowctrl func called flow: CLOSE/DEINIT
[  192.080755][ T9993] chnl_net:chnl_net_open(): state disconnected
[  192.082849][ T9993] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  193.694447][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  193.696629][ T1417] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
09:05:43  Registers:
info registers vcpu 0

CPU#0
EAX=f66503b8 EBX=ffffffff ECX=ffffffff EDX=820d2cb8
ESI=820d2e33 EDI=ffffffff EBP=f66339e0 ESP=ffbb9770
EIP=f7127a9b EFL=00000297 [--S-APC] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 566bb440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f506cda4 CR3=000000006f032000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000007f5f33 RBX=0000000000000001 RCX=ffffffff8b69a3e9 RDX=0000000000000000
RSI=ffffffff8dbde65f RDI=ffffffff8bf48c60 RBP=ffffed1003b53488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000
R12=0000000000000001 R13=ffff88801da9a440 R14=ffffffff90854c10 R15=0000000000000000
RIP=ffffffff8b698c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000081000000 CR3=000000005c292000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000268e2f RBX=0000000000000002 RCX=ffffffff8b69a3e9 RDX=0000000000000000
RSI=ffffffff8dbde65f RDI=ffffffff8bf48c60 RBP=ffffed1003b53910 RSP=ffffc9000047fdf8
R8 =0000000000000001 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000000
R12=0000000000000002 R13=ffff88801da9c880 R14=ffffffff90854c10 R15=0000000000000000
RIP=ffffffff8b698c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe5609225d0 CR3=000000004aa1c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7492ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854c5b75 RDI=ffffffff9ade4c80 RBP=ffffffff9ade4c40 RSP=ffffc90007d7e8a8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000065 R14=ffffffff9ade4c40 R15=ffffffff854c5b10
RIP=ffffffff854c5b9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097ae7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080001d40 CR3=0000000022267000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000000001 Opmask02=00000000000001c0 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff75fecdab 00007fff75fecdab
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff75fed2b0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff75fed2b0 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2034372033302036 3020303120313020 3862203a65646f43 205d323438395400
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2034372033302036 3020303120313020 3262203065646543 2057323432335400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e6f63206469 6c61766e69206d6f 72662064656c6c61 63206e6f6974636e
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 303d6f6e72726520 313d736572203737 393d6f6e69202273 66706d74223d7665
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6420227375622f31 37312f746f6f7277 656e2f223d656d61 6e20223932392e34
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e7a7973223d6d6d 6f63207372657469 72775f6e65706f3d 6573756163207263
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 705f64696c61766e 693d706f2064656e 69666e6f636e753d 6a62757320353932
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000