last executing test programs:

18m46.138488869s ago: executing program 32 (id=626):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10)
shutdown(r1, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000023c0)=ANY=[], 0xb8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310001001000000950074000000000031fb0d3a42319fa204399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b60ac5ea9fca11027d19e93adb603deb92de3141e8fd7ac5b87a2070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba5fc4a5a17d103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c6367587e8ece17d5c6e7c7514386f5125c0e2aa441cda5630047b770bc93868c63db6b6c27786aaff609c902fd65b951074957e967a8a3a405eaafbfafacdb7c2f6f32c251fadcd5a2e34b2efc310dae213aaad007975c26f6001f9b9dd2bf699781e0bbff554630fd9f9fff61813814a65b8e3bb2156ea642519206f26eb7359f732d497c0d4fdb4a735b9a7edd66dbed5f9e04c0fd41bd80a60d6b2508d0318bb94edcbda8ecbd30b320f9bab6efc65de00cdeac3c7383a247"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x5, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x0, 0x1000)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0), 0x20302, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000025c0)=ANY=[@ANYBLOB="e1e646b9fae09c6350a676f0822dfd6088d577c950927ed226a5d8e89549993abb06c1274ca784e073f83546719dfb4771ef6b17840a04ad7639d0fed24cdb4235203a6d7ed06114f74339859728e66239b75ec721641705cd8294542f9f3a7789821b1a6b865bdfa95ce9e41b407c83e1f789fe26825b27e2c1304dd4f65ea7cb1a1b", @ANYRESHEX=r0, @ANYBLOB="3175f2afdf6703b600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28, @ANYRESDEC=r4, @ANYRES8=r2, @ANYRES64=r1, @ANYBLOB="0d3b508180bcec6ad046ef425d8650bd1670fbb6e4d79a0c414c00e1e0ae3e74acb3b63023b358175697382956f47fdf90d25522106b627fcd0846b7796b514992408d376b9b67fdcc9a605c0908e960878b148012ea85b63b9abd61e293e94e4e058863ed3bfac9fc11cbbbfb1a8b970a44a45e1b6e930b95c34378bfa80c20a357cabdce1550c41db7a00e28a28692cbe3b142310c6849b1852e05a2696cc00e80449fdacf7a27867fe45d186de3d2c7a81a1918e72ae51ed7635884f2621aa43ac7d7b940f4edbe180b173eeeaae156", @ANYRESDEC=r3], 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000014c80020850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002300)=ANY=[@ANYBLOB="3c00006841bfc78915fcde6557c45298c10000009d8ff4e9f70830add61ce5a09fa72ae3add018c52328fab94af10fdf991ca9207954fe549db61ec2b0aa1c61b4bb617493cabf5b026e1af152ce85aa2a82db69fe7f7d5290eed764da4b2b21491057e0d23dcfb3514c56f86a5ee541b6d99021cede230cebe25f33ebe3f115", @ANYRES32=0x0, @ANYBLOB="00000000001400001c00128009000100626f6e64000000000c0002800800140002000000"], 0x3c}}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x4000800)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)

15m16.672305798s ago: executing program 33 (id=2235):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x24, 0x5, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(0xffffffffffffffff, 0x8004500b, &(0x7f0000000000)=0x8)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x0)

8m17.023534688s ago: executing program 34 (id=4743):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0)

8m13.840943206s ago: executing program 35 (id=4614):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000004700)=""/4097, 0x1001}, {&(0x7f0000001480)=""/4089, 0xff9}, {&(0x7f0000002500)=""/4137, 0x1029}, {&(0x7f0000000200)=""/115, 0x73}, {&(0x7f00000005c0)=""/172, 0xac}, {&(0x7f0000000280)=""/191, 0xbf}], 0x6}, 0x0)

8m6.283189397s ago: executing program 36 (id=4690):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x8100, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0xfdef)

8m3.576032714s ago: executing program 37 (id=4847):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040}, 0x8000)

7m55.1955913s ago: executing program 38 (id=4791):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0xfffffffc, 0xb, 0x0, 0xfffffffc, 0x7f, "db8f2d2b3b7596160c6981acf8805944823a7f"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xfc40)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
r1 = dup3(0xffffffffffffffff, r0, 0x0)
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2020)

7m31.224662141s ago: executing program 39 (id=5244):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
syz_usb_connect(0x0, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mlock(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x19)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

7m27.043492417s ago: executing program 40 (id=5262):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=ANY=[@ANYBLOB="3000000003010102000000000000000002000009100001800c000280040001003a00d90b0c001980"], 0x30}, 0x1, 0x0, 0x0, 0x8010}, 0x20008000)

4m19.732856208s ago: executing program 5 (id=6498):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lsm_set_self_attr(0x66, &(0x7f0000000240)=ANY=[], 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x5}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000140))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000100ffff0000000000000000850000007b00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$pmem0(0xffffff9c, &(0x7f0000000040), 0x100, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r7, 0xffffffff)
connect$pppl2tp(r7, 0x0, 0x0)
ioctl$BLKGETSIZE64(r6, 0x80041272, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001100)=ANY=[@ANYBLOB="38000000101401"], 0x38}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

4m18.874604951s ago: executing program 5 (id=6503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="070000000400000008020000210000000000", @ANYRES32, @ANYRES32=0x0], 0x50)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x17, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000190000000000000000181200009f9cd3ce9be20d0b3227a8a6ab951471c94391098c4756a4b9074471f3122dff4a65175fe3ef7792e0d6dfdb0997a25af8380d96dfd876a7035e68954119f4910e1ca23204012b3a3f675fc3b06b027c0fe6d0df2cb1204b04d7a0e658a74e65856f63f91920dafb272b60211e615b653202f70c6a37c3b4c1b44a8544c10000000000000009fbf5ee0037c48c2eedaa125116814b1cda8fa675c35000000000000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000380)={<r4=>0x0, 0x1000, "e5637b644e6868de451cd6591d8bccf7bc21a598ec9d751802cd61b899ff7bc679aab859f2ae42f7b8407bd7d737fa70a14e1d72b98991481be26c448fc5957e09f0e9fed80f50c3db87586e7db0e482bf718bfc378d6c88a9806e43c264ef7510b95bf233ba559aa747862bf602fbd1bad29e4194f03f60f75d1118a0580942159d76f5d4402172c93a6293d50ecf151f0609b3ad0c0dad1c85b11a5c77d1ae60be12668565d38b27d6ecdee61cd3b6dccf04016f7039c579727b0a03ddec48abd0e27612a2596e3ac081e654032df4af099f129a7af415a2000d497c22e36d81aedeb1f5f8a9fb2f0480421e0d2b06a68caf2e97fe9c74638f9580e26164cde7369932eb7163ce76f897ce72974987880132665454ff2c0198bcedf64bbbd36dced1812b68817a5398a48d071ba013d5a6d65e861d5179d50340070bed8c6303753fd61c5db8183257565cbf9459d8c207a613f312d845c9b12d085486d0ed1fbc61717d0d1f43efa77fb56a1264ded5d3c35fe67d5998fc8f72a6fceac5dfe8ab387e4ca56116273ac1233e48ab5a32e3ed2c9ffc7f660cb45a0757855fdaef49c0aae7600ec90f5fde03384adab2754c0be1536e88b779e9177c28e3b82e7ce56508e85d674a6331a2d51876b0192d1827ef4b60b2c0f3b05d4d950cd1f4f076924ea7ca4b3b8c071ab9bc357d07d4996b10469df5968ff29c1c33c09ab5c202f1aa594836142599486be8899e6cec8efdfd0821e28f211e37aab64b20d345f355ce656d8d7b55246b1df7a9991b9b2d83b5cdeb6d8960b666eab32706925f6596052cd79a2e1ddc19b5f40f1633aee43476a0ceff8576674587d63aba3e3b3e6bf57b5cf11d61a00a4b94207e8c0ec5554d0ff3252210505f19b4e5d9de888e2db50d297512d978664addf65b662e061ef208deed7cf9937f51e8d3c7b44b1be1c53cefbf5bee6523d8b73c081f4c7a46f73853e8b7497ea3a16828c0ea6bd03f3e9ba8092ffe00150d7f23b572001a26faf928bd5fa8744a422e22b9c6b6a40efb2f6cd37cfa5644325b6522f1fafa2a405bb47868c13e2276318de4ddc6e6fff07619291c6d7cd0823907777684c703611a920eaf86a0a34b48d5d2493dce050fa0618f1d50a3058bade440d0dde405ef485982307b636ee73fda161ac97adf79ae77e79c8de1f885f8de2eac1f0f932d03c94bfebeb25dfc1658dcfd6a47161fe8039c757e0e36b71e20c243406ea5c04a7b89f2b61e8d01964ff4eb5ae04681b6906e79bab4dd673455f9ae845eecb3d35fa24b15197f72376a5a5fdc6ddc3b4fc0f620d44ff03ee642ac8abcf22fd5d81534890c1b6d775f872927dcadecc3055796d75fc9330db3cd0695be2f3026bcf54105bf70a611f844039e1e3998739f5a3ee59a6998888bd97ceca9a3d1adf8afd3df31555d9bb8bb40113bbaa412a0697d87c8a0415bc10b405a2ad1c8535ffed1a30684f8f866f135f35beacfecbf82dd71e12875bcc2f9ee006164be5070532283cdaef09a987fd931477033acba94950f37961c2a1dbce2ebb4348b2516a30e778e2afd2c459294f1af11b9ec763add7197061d4586b4c5c98b67451e41ca93be94b6b8ed033ff40736953c0a2dd7f6de17213b85aa306b8f18de96146c231ace2f219f908e3be859131a63198b6e8ec0272fce74814d9e084311e37d0a4f466c8719d7c778a080e8c928e7ab32c932952a17660198dd1438ec31fbfbb62a7aa727bee2e8f38cab8f24ebe53d4f32071a7d26bb840854ab31a43d2ba0518dd6387919bb805c528ec8088b690e9cb80ac145542d15d8c0da8c8c81b2dd658821c6066b42aa8382f6ab2a6a0f64fb682ecfa41c92771c1b64360d82e5c8147ce185e62b6ba3de7bbfa4a46f5fedbd43cf1cd911e04cffba71d32b72b08e6132fd574d590d4eb8019aa9d2b425013f40bf7cf35eac3633bc0818b8b372d47f85e963123b52661b58fe02979177e580d0e7e462994265d1430fd2ec3c858564af08724185097b60c14a340af757448c53c0a8b028a6976fbde70768a64867e2d76c4d72852ce5cc5e4b094f5930cc80a7c5c57abdd1f5e73ae3c1566ee83126bcbbe8b4b818fd518cc86f1933b2b28b24a4345c0525173ded3b30ed109eb99df27d1d34fd98f2ef62b3879f81787b6148aeab886958a1c308dd4aba37614123d14216ddb2cc8c9d01e7b73a7844b735fc6080903979f6778a17b4db5b90cc5a3d6eee404b2d8bbc20b9826fa6f5852353627bef7eb4f67d5b676848761d589d9023007237ad990840ccac8ed08450f8debac6f78fb4cf5af85bc57a9a07840010e4c601eb57122869b06303889f31575cf7cb8c87f7145f0959606655e2e738a254b5925334dbe5aa7457421fe93f1af9be40095eb0263843adfe69951c6ee79acb4ed2ad54eb2903ae96182293bea1bf48035390cab29a9127d770947872961466597c32abd434db411a57927915091d9ad20aef3dc32ebc1ce14eaf481fd6a6f3d355fb96b45225464f4a512a2a272bb2a54d03711a408d6af69883fe83caa8b436c45f30d04243f1a672a1e2930a56666c2d44b3656ab13ad4e83673fbe2afa4883f73216d8323193ba0c098e0fe6257ec14fbcf36df67515ebf9a474713f98cdb95abff10490b2370f4b184ba10a7516955a04c8559e2cc582d41ade9d919a5c0323939385151a4862f8aff02ed2fe088e29363742e8c9fbde6e951b4ae38e1def6f72bd6901faefdd0c5439f2b08bf2ec773a03495567ea0c9f3ae4b7217500c9a16ad6928d2ec7fb28e965cafa716bead7ee488a8311c66498bf712448b235a3fa6f7e50b9993be68e77af9427ef8c9f3be987c1844ae2e57dc18ddc5118fdc58136a9e8578f126d8a5f4d573964ea3fbfb9205713a2caff693b90d019378252a7ae93e788b97ba50c94f7f2a8f6e2ff49554170b260547155bd3094fc63e1b25464104f1322054089be8ff2086e3018d648a5f5abe53074c3e7935d37c7f8ce9adeebf9892eff0df3816a88fc1a41445ed4cc2192656dea755f3a78b52be2f1b222de987419906d172f8e2e6399a35f9ab2fb1c269057fe1bf5659405b1d20d3101e1f94e80e0f64dc6e740811b4d15caaeea931f888f674ed1ee1304f093165750ca87462020d714d43a6292cde489b4fe607628398661aba13976c936d18aa05910cf1589520efe9bd4e6e3b56afe237ba57ef64f9f9144acfb39b97338a1c27997d278c9bf04d411c32d68452983b093aa3e132775abbf514db6f3ee5205150e7bb0920d145d189525acd4997ccb6f52c83d09f62074fc93be59391e9ea619f6a89f34d415cda8e70dc26ea99490a63096fc10e136e0451babea6135a39fc2319dd84a00d9e597769a0618522cd8f5bc72e4d03898774debbe15144f7697375be8f060accc97f8ae8fdfdf1bfec73cf87979bc216823c456eda918bc2d9a91b19b2d5dca5a5407aa055bb9747311ca346fe86e646ceaaab23816e94ec4a7c5cbb37b555687ca8f8a72e8882b85ed2b2fa658b40ba2f4e1f371dc0cfed1081d5873758060ac7f119bd00c64c1c50ab0d7ac09991167b09409e6c8750194ca70e0d4a769d62c9bf58eafbbb5bc5fafebd5c2fd3a62d65e4fc8c8f4a2790ecafe9726276cdb12ae95251c48386fd929f35d88fed25861bd1c99b96e5f1a4d772addb381c635ecbefc9c27e638c5adda9fa1b82cda27b9839f26b36eeb5c7f15d75018ee8b234ec14f8262e54f4b656358f298b18b14f033112856a34d9ab4c47789a40b9e4bdd951c35de671bf73ecfec88dcab50c52e124539338c33c0de432b5d479c9bb171f1e25448e61758c4f3e347a737128e3f2e4b9b073d13b2431de0b62de9075d72606c053b34313a83138c81fd55d0b330fd19ba0328047b1d481ff9c82a725478ca247021e575b05e6bcb1864aa05e86eb874873fd5ce36df060ca2d0fa8a8a07a5778b5a77d3c2276f696b73f42ff94d6b6dd391a4bc58d2b6f0a65d092d5b39eb227a2b6bb286f2b3b95f0d4e60e34cbe4fce9be58f19ea8983142cae8834576058e180ad13ba1870e2c04cb9c165d7316be7c5e16971777054377430f6993c9da562541ba414e02fa9818e2c0600cf0e229d3966c3a1507a61c4b32abe9f7218d846c53b4cca5614274fc6adf1ceb0ca38da8f0785ba9d58b69518118f7682c6f9530b9225c8617473c259587dd2a1b70d9e3eba1bbaf89735811fe147fc73c694e5a11f9f409b48da639afe219fd4b05c2a1a5f83b7c1ca7f75826e02ad5b399ba999e24403324a308963745bda784d1102194a91935ae02d5645b264604c666279e2e95a3158a93a6c8b3f5ef764b257bfa233b6a879ed3b2cd6c95aa7b3dcf5e0cc29c03235fdd6a70f0114d0502beea456385a839f100c3cc49dbf0d525e5a1fdb00a74414ab512f1db5cfefe4fb6a3fb9f5beb8848951b777a69ffdf1dcc00ba38b9db91153461724be93ccf77c566e570684b2dfdec6dfa8fb0728af54234ed561d6accb53d7fac38573204c8eb281a524458a3170e1eac19ce3ee7dad6650c0c7dd23853cfa7eb1f239390a11fdacb1e6fea4ee38d49cb0d47bcca3f13970738df5812e4189ce329b06482f94fefb88feaa440502d27e6f3949ff34f0e62a913646c277be435c20e32320cfa072df25dda312466d9778260f35cdcc6a9169e8309356874e27c48d6840938e980169a706ab9d5f495f6855929cd167d0b792f3d36e49cbf67f2872b78c9ba4dd86f908d094dd8a45e79ed181658d9a849c0089cbe8a8ff5a2870d6da861dc5c6e589e59937764a215e3219a84fd7856c86c4a78dc7d617fde4d5bb979fdd695fb061a05fd460601209a3205209ddb819f681da199d8766992dc41e19de53e6ff22cf24647bb1265e6804a94bb9da809570333ec8ee5dfb14413e9492f2cb2fd9952c422a394493d9647eafa89b75d6af8451c865fbeed497ba62b8c6d53adac69e72d7472f560b80164ce8f13a786107dbc426c5b900683c52991c60f7fac96dcb753216e0e41b2e436b7da059a5f7c8f37e615ba60496ca3fe0c0a3d1d774d9f8d01403fb9bedcccf47b5d554c46a237db279364736d629acea6687327191b40ad1e2778b30143b7bf1867564d7c5307710db5cd3d727badf4b033d5bdddaab86b54b1b5f33992ca07e333b3ad2843840c8733fda902f849de971789fa489dd2c28f86e2631b3531acb9f064f53ba5f407c8b70921a5e36c908a4352269f996ce4cba24ad2c9772c5f261cd2730b2311efdcfdba8906c877d85ba693baed5fad52a28fd7162e75ccbb8d52480f497efe538b7dfd35a97e9f0992d437582e22d1ddb585d18dbbd9b67635dcfef849efe0573e4bde3faa9d38ae9d26c1176f7138970e86c5fea815a172435f05f75a82fce8c4d0f3a6611159d056db6e953c7f575b5656ff0844d6b56e0c53c6075d8be5a7c6e199519dd778b01d2bc1d8459691ef6a1237a5c49a8981c13a076776277de9c083939f2ee67979cd4a9962478481facee8e6f1a44bf23054a38fb28486c057ee5ee71e681b0e13dd683deb97a9591e7cf2edd29d97eecf38c0e59f78541701ffc56b7e238327b8d831b91e4313158495d205e1c6045d5aa8a09c2bcfe8597480892dd9c86bff3acdcf7eafcf797baf4970751f2b1cab9972e0a30b11b5cbf8cb7f0c39950cc2277507501fa54584195889c40437c918d10eb37113dacd8aee7e4f5d48f74eb6f857d2c13c673b1cd39d8607f0a5911d824259c46a21c7"}, &(0x7f0000000080)=0x1008)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, 0x0, &(0x7f00000000c0))
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000300)={r4}, &(0x7f00000014c0)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x60938, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
openat$6lowpan_enable(0xffffff9c, &(0x7f0000001500), 0x2, 0x0)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000280)={0x0, 0x6}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)

4m17.818872847s ago: executing program 5 (id=6508):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000006c0)=ANY=[], 0xff2e)
r1 = syz_open_dev$dri(&(0x7f0000001480), 0xb, 0x200)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x5)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0xdd)
socket$kcm(0x2b, 0x1, 0x0)
r3 = syz_io_uring_setup(0x19d1, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x8000000, 0x8000000}, &(0x7f0000000080)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000000280)=[0x0, <r6=>0x0], 0x0, 0x0, 0x0, 0x2})
r7 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r8 = syz_open_dev$media(&(0x7f0000000040), 0x7ffffffe, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r8, 0x80047c05, &(0x7f0000000080)=<r9=>0xffffffffffffffff)
ioctl$VIDIOC_G_EXT_CTRLS(r7, 0xc0205648, &(0x7f0000000000)={0xf010000, 0x0, 0x0, r9, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETENCODER(r1, 0xc01464a6, &(0x7f0000000080)={r6})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000200)={0x0, 0x2, 0x7c, 0xfffffffa, 0xc6, "84b53f5dc1d996e6e7d479db86fe609ea2029b", 0x80, 0x2})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_subtree(r10, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r11, &(0x7f00000001c0)={[{0x2d, 'cpu'}]}, 0x5)
syz_open_procfs(0x0, &(0x7f0000000200)='net/ipv6_route\x00')
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r12 = syz_io_uring_setup(0x4aa, &(0x7f0000000380)={0x0, 0xfffffff8, 0x10100, 0x10000000, 0x13a}, &(0x7f0000000000)=<r13=>0x0, &(0x7f0000000200)=<r14=>0x0)
syz_io_uring_submit(r13, r14, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8126}})
io_uring_enter(r12, 0x38c5, 0x2000000, 0x0, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)
r15 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x141202, 0x0)
writev(r15, &(0x7f0000001800)=[{&(0x7f0000000580)='trylock ', 0x8}], 0x1)

4m16.858392931s ago: executing program 5 (id=6513):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080)={0x1, 0x2}, 0x8)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@iv={0x10}], 0x10, 0x4000000}, 0x44801)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000540), 0x181440, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TCXONC(r4, 0x540a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x4)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r0)

4m16.819442211s ago: executing program 5 (id=6514):
add_key$fscrypt_v1(0x0, &(0x7f0000000000)={'fscrypt:', @desc1}, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0xb, 0xfffffffffffffffd, 0x0, 0x10000, 0xb0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101302, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000b7a100000000000007010000f8ffffffb702b1e420677f77000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = memfd_create(&(0x7f0000000040)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t%\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c\x87\x1e|C\xd8\x01\xd0\xf5\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajnW\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
write$binfmt_elf64(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46020000000d0200aa1e1c170003003e000839a59434d90a2742a24e000000000000000000deef14b40028e27ebdfd74dafc2038"], 0xfebe)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x4, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0xb8, 0xefb, &(0x7f0000000180)=0x10000000006})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r4, 0x4008ae48, &(0x7f0000000000)=0x100000)

4m16.671326079s ago: executing program 5 (id=6515):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_BITWISE_XOR={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x10c}}, 0x40)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x0, 0x2003, 0x1}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_BITWISE_XOR={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x10c}}, 0x40) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0) (async)
modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x0, 0x2003, 0x1}, 0x10) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0) (async)

4m16.616791131s ago: executing program 41 (id=6515):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_BITWISE_XOR={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x10c}}, 0x40)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x0, 0x2003, 0x1}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_BITWISE_XOR={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x10c}}, 0x40) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0) (async)
modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x0, 0x2003, 0x1}, 0x10) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0) (async)

2m53.051881845s ago: executing program 0 (id=7058):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lsm_set_self_attr(0x66, &(0x7f0000000240)=ANY=[], 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x5}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000140))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000100ffff0000000000000000850000007b00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$pmem0(0xffffff9c, &(0x7f0000000040), 0x100, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r7, 0xffffffff)
connect$pppl2tp(r7, 0x0, 0x0)
ioctl$BLKGETSIZE64(r6, 0x80041272, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001100)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

2m52.098047183s ago: executing program 0 (id=7064):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)={0xd0, 0x12, 0xa01, 0x0, 0x0, {0xa}, [@nested={0xbc, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x8, 0xc7, 0x0, 0x0, @u32=0x7}, @nested={0xa1, 0x79, 0x0, 0x1, [@generic="b9f62a205837be508d1c2fdacd03217cf069b0aca34fb4863bbfcdcf13f2a436d4a48f57fa87b3f5b704fbee3b6afed97ed5086e1bf3833ab62552467cbdc425405ab1a6006ee8b8084c2528ebe8e6d0c7448e41aef7ff507d433adfd58b8216f82cd008e20f7e610264ec990fb4da28f04344fbc24e29aba110af192f0846b271c8e136b9e695c39aab4cf7a777b7a1b1062b0b6563b4359f1c73dd92"]}]}]}, 0xd0}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r8, 0xc048aeca, &(0x7f0000000480))

2m52.091071523s ago: executing program 9 (id=7065):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lsm_set_self_attr(0x66, &(0x7f0000000240)=ANY=[], 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x5}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000140))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000100ffff0000000000000000850000007b00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$pmem0(0xffffff9c, &(0x7f0000000040), 0x100, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r7, 0xffffffff)
connect$pppl2tp(r7, 0x0, 0x0)
ioctl$BLKGETSIZE64(r6, 0x80041272, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

2m51.936031353s ago: executing program 0 (id=7066):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)

2m51.169280103s ago: executing program 9 (id=7072):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)=<r0=>0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2, @tid=r0}, &(0x7f0000000000))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000006c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x8, 0x1, 'ttl\x00'}, @NFTA_MATCH_INFO={0x6, 0x3, "7acc"}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}, 0x1, 0x0, 0x0, 0x24004001}, 0x0)

2m51.112434509s ago: executing program 9 (id=7073):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="070000000400000008020000210000000000", @ANYRES32, @ANYRES32=0x0], 0x50)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x17, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000190000000000000000181200009f9cd3ce9be20d0b3227a8a6ab951471c94391098c4756a4b9074471f3122dff4a65175fe3ef7792e0d6dfdb0997a25af8380d96dfd876a7035e68954119f4910e1ca23204012b3a3f675fc3b06b027c0fe6d0df2cb1204b04d7a0e658a74e65856f63f91920dafb272b60211e615b653202f70c6a37c3b4c1b44a8544c10000000000000009fbf5ee0037c48c2eedaa125116814b1cda8fa675c35000000000000000", @ANYRES32=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000380)={<r4=>0x0, 0xc00, "e5637b644e6868de451cd6591d8bccf7bc21a598ec9d751802cd61b899ff7bc679aab859f2ae42f7b8407bd7d737fa70a14e1d72b98991481be26c448fc5957e09f0e9fed80f50c3db87586e7db0e482bf718bfc378d6c88a9806e43c264ef7510b95bf233ba559aa747862bf602fbd1bad29e4194f03f60f75d1118a0580942159d76f5d4402172c93a6293d50ecf151f0609b3ad0c0dad1c85b11a5c77d1ae60be12668565d38b27d6ecdee61cd3b6dccf04016f7039c579727b0a03ddec48abd0e27612a2596e3ac081e654032df4af099f129a7af415a2000d497c22e36d81aedeb1f5f8a9fb2f0480421e0d2b06a68caf2e97fe9c74638f9580e26164cde7369932eb7163ce76f897ce72974987880132665454ff2c0198bcedf64bbbd36dced1812b68817a5398a48d071ba013d5a6d65e861d5179d50340070bed8c6303753fd61c5db8183257565cbf9459d8c207a613f312d845c9b12d085486d0ed1fbc61717d0d1f43efa77fb56a1264ded5d3c35fe67d5998fc8f72a6fceac5dfe8ab387e4ca56116273ac1233e48ab5a32e3ed2c9ffc7f660cb45a0757855fdaef49c0aae7600ec90f5fde03384adab2754c0be1536e88b779e9177c28e3b82e7ce56508e85d674a6331a2d51876b0192d1827ef4b60b2c0f3b05d4d950cd1f4f076924ea7ca4b3b8c071ab9bc357d07d4996b10469df5968ff29c1c33c09ab5c202f1aa594836142599486be8899e6cec8efdfd0821e28f211e37aab64b20d345f355ce656d8d7b55246b1df7a9991b9b2d83b5cdeb6d8960b666eab32706925f6596052cd79a2e1ddc19b5f40f1633aee43476a0ceff8576674587d63aba3e3b3e6bf57b5cf11d61a00a4b94207e8c0ec5554d0ff3252210505f19b4e5d9de888e2db50d297512d978664addf65b662e061ef208deed7cf9937f51e8d3c7b44b1be1c53cefbf5bee6523d8b73c081f4c7a46f73853e8b7497ea3a16828c0ea6bd03f3e9ba8092ffe00150d7f23b572001a26faf928bd5fa8744a422e22b9c6b6a40efb2f6cd37cfa5644325b6522f1fafa2a405bb47868c13e2276318de4ddc6e6fff07619291c6d7cd0823907777684c703611a920eaf86a0a34b48d5d2493dce050fa0618f1d50a3058bade440d0dde405ef485982307b636ee73fda161ac97adf79ae77e79c8de1f885f8de2eac1f0f932d03c94bfebeb25dfc1658dcfd6a47161fe8039c757e0e36b71e20c243406ea5c04a7b89f2b61e8d01964ff4eb5ae04681b6906e79bab4dd673455f9ae845eecb3d35fa24b15197f72376a5a5fdc6ddc3b4fc0f620d44ff03ee642ac8abcf22fd5d81534890c1b6d775f872927dcadecc3055796d75fc9330db3cd0695be2f3026bcf54105bf70a611f844039e1e3998739f5a3ee59a6998888bd97ceca9a3d1adf8afd3df31555d9bb8bb40113bbaa412a0697d87c8a0415bc10b405a2ad1c8535ffed1a30684f8f866f135f35beacfecbf82dd71e12875bcc2f9ee006164be5070532283cdaef09a987fd931477033acba94950f37961c2a1dbce2ebb4348b2516a30e778e2afd2c459294f1af11b9ec763add7197061d4586b4c5c98b67451e41ca93be94b6b8ed033ff40736953c0a2dd7f6de17213b85aa306b8f18de96146c231ace2f219f908e3be859131a63198b6e8ec0272fce74814d9e084311e37d0a4f466c8719d7c778a080e8c928e7ab32c932952a17660198dd1438ec31fbfbb62a7aa727bee2e8f38cab8f24ebe53d4f32071a7d26bb840854ab31a43d2ba0518dd6387919bb805c528ec8088b690e9cb80ac145542d15d8c0da8c8c81b2dd658821c6066b42aa8382f6ab2a6a0f64fb682ecfa41c92771c1b64360d82e5c8147ce185e62b6ba3de7bbfa4a46f5fedbd43cf1cd911e04cffba71d32b72b08e6132fd574d590d4eb8019aa9d2b425013f40bf7cf35eac3633bc0818b8b372d47f85e963123b52661b58fe02979177e580d0e7e462994265d1430fd2ec3c858564af08724185097b60c14a340af757448c53c0a8b028a6976fbde70768a64867e2d76c4d72852ce5cc5e4b094f5930cc80a7c5c57abdd1f5e73ae3c1566ee83126bcbbe8b4b818fd518cc86f1933b2b28b24a4345c0525173ded3b30ed109eb99df27d1d34fd98f2ef62b3879f81787b6148aeab886958a1c308dd4aba37614123d14216ddb2cc8c9d01e7b73a7844b735fc6080903979f6778a17b4db5b90cc5a3d6eee404b2d8bbc20b9826fa6f5852353627bef7eb4f67d5b676848761d589d9023007237ad990840ccac8ed08450f8debac6f78fb4cf5af85bc57a9a07840010e4c601eb57122869b06303889f31575cf7cb8c87f7145f0959606655e2e738a254b5925334dbe5aa7457421fe93f1af9be40095eb0263843adfe69951c6ee79acb4ed2ad54eb2903ae96182293bea1bf48035390cab29a9127d770947872961466597c32abd434db411a57927915091d9ad20aef3dc32ebc1ce14eaf481fd6a6f3d355fb96b45225464f4a512a2a272bb2a54d03711a408d6af69883fe83caa8b436c45f30d04243f1a672a1e2930a56666c2d44b3656ab13ad4e83673fbe2afa4883f73216d8323193ba0c098e0fe6257ec14fbcf36df67515ebf9a474713f98cdb95abff10490b2370f4b184ba10a7516955a04c8559e2cc582d41ade9d919a5c0323939385151a4862f8aff02ed2fe088e29363742e8c9fbde6e951b4ae38e1def6f72bd6901faefdd0c5439f2b08bf2ec773a03495567ea0c9f3ae4b7217500c9a16ad6928d2ec7fb28e965cafa716bead7ee488a8311c66498bf712448b235a3fa6f7e50b9993be68e77af9427ef8c9f3be987c1844ae2e57dc18ddc5118fdc58136a9e8578f126d8a5f4d573964ea3fbfb9205713a2caff693b90d019378252a7ae93e788b97ba50c94f7f2a8f6e2ff49554170b260547155bd3094fc63e1b25464104f1322054089be8ff2086e3018d648a5f5abe53074c3e7935d37c7f8ce9adeebf9892eff0df3816a88fc1a41445ed4cc2192656dea755f3a78b52be2f1b222de987419906d172f8e2e6399a35f9ab2fb1c269057fe1bf5659405b1d20d3101e1f94e80e0f64dc6e740811b4d15caaeea931f888f674ed1ee1304f093165750ca87462020d714d43a6292cde489b4fe607628398661aba13976c936d18aa05910cf1589520efe9bd4e6e3b56afe237ba57ef64f9f9144acfb39b97338a1c27997d278c9bf04d411c32d68452983b093aa3e132775abbf514db6f3ee5205150e7bb0920d145d189525acd4997ccb6f52c83d09f62074fc93be59391e9ea619f6a89f34d415cda8e70dc26ea99490a63096fc10e136e0451babea6135a39fc2319dd84a00d9e597769a0618522cd8f5bc72e4d03898774debbe15144f7697375be8f060accc97f8ae8fdfdf1bfec73cf87979bc216823c456eda918bc2d9a91b19b2d5dca5a5407aa055bb9747311ca346fe86e646ceaaab23816e94ec4a7c5cbb37b555687ca8f8a72e8882b85ed2b2fa658b40ba2f4e1f371dc0cfed1081d5873758060ac7f119bd00c64c1c50ab0d7ac09991167b09409e6c8750194ca70e0d4a769d62c9bf58eafbbb5bc5fafebd5c2fd3a62d65e4fc8c8f4a2790ecafe9726276cdb12ae95251c48386fd929f35d88fed25861bd1c99b96e5f1a4d772addb381c635ecbefc9c27e638c5adda9fa1b82cda27b9839f26b36eeb5c7f15d75018ee8b234ec14f8262e54f4b656358f298b18b14f033112856a34d9ab4c47789a40b9e4bdd951c35de671bf73ecfec88dcab50c52e124539338c33c0de432b5d479c9bb171f1e25448e61758c4f3e347a737128e3f2e4b9b073d13b2431de0b62de9075d72606c053b34313a83138c81fd55d0b330fd19ba0328047b1d481ff9c82a725478ca247021e575b05e6bcb1864aa05e86eb874873fd5ce36df060ca2d0fa8a8a07a5778b5a77d3c2276f696b73f42ff94d6b6dd391a4bc58d2b6f0a65d092d5b39eb227a2b6bb286f2b3b95f0d4e60e34cbe4fce9be58f19ea8983142cae8834576058e180ad13ba1870e2c04cb9c165d7316be7c5e16971777054377430f6993c9da562541ba414e02fa9818e2c0600cf0e229d3966c3a1507a61c4b32abe9f7218d846c53b4cca5614274fc6adf1ceb0ca38da8f0785ba9d58b69518118f7682c6f9530b9225c8617473c259587dd2a1b70d9e3eba1bbaf89735811fe147fc73c694e5a11f9f409b48da639afe219fd4b05c2a1a5f83b7c1ca7f75826e02ad5b399ba999e24403324a308963745bda784d1102194a91935ae02d5645b264604c6"}, &(0x7f0000000080)=0xc08)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, 0x0, &(0x7f00000000c0))
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000300)={r4}, &(0x7f00000014c0)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x60938, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
openat$6lowpan_enable(0xffffff9c, &(0x7f0000001500), 0x2, 0x0)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000280)={0x0, 0x6}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)

2m51.062973026s ago: executing program 0 (id=7074):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x4)

2m51.046597938s ago: executing program 0 (id=7075):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x149202, 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
read(r1, &(0x7f0000000080)=""/167, 0xa7)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0x6, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x290340, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}, {0x0}], 0x2)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="045ccaa38800000001ca3c1bdd78563027705449e856e51f69b4cd94813c70385ff8e19fa83acf49d36a21016e270362138190ffffffff"], 0x9)
openat$uhid(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x315600, 0x0)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180))
write$dsp(r5, &(0x7f0000000200)="dce480febb0ccd0bcb66ade3495e87b440e5afdc984cc06eb1c91c85a7fec04b2f82e267c1edd1543b79d80c0f949073bd", 0x31)
write$dsp(r5, &(0x7f0000000080)="cd", 0x1)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000100))

2m50.890731912s ago: executing program 0 (id=7076):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000000b0601020000000000000000010000000900020073797a310000000005000100073400001c0007800c00018008000140fffffffe0c000280"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)

2m50.881681693s ago: executing program 42 (id=7076):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000000b0601020000000000000000010000000900020073797a310000000005000100073400001c0007800c00018008000140fffffffe0c000280"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)

2m50.303563781s ago: executing program 9 (id=7083):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x4)

2m50.281681503s ago: executing program 9 (id=7084):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)={0xd0, 0x12, 0xa01, 0x0, 0x0, {0xa}, [@nested={0xbc, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x8, 0xc7, 0x0, 0x0, @u32=0x7}, @nested={0xa1, 0x79, 0x0, 0x1, [@generic="b9f62a205837be508d1c2fdacd03217cf069b0aca34fb4863bbfcdcf13f2a436d4a48f57fa87b3f5b704fbee3b6afed97ed5086e1bf3833ab62552467cbdc425405ab1a6006ee8b8084c2528ebe8e6d0c7448e41aef7ff507d433adfd58b8216f82cd008e20f7e610264ec990fb4da28f04344fbc24e29aba110af192f0846b271c8e136b9e695c39aab4cf7a777b7a1b1062b0b6563b4359f1c73dd92"]}]}]}, 0xd0}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0xc048aeca, &(0x7f0000000480))

2m50.120688463s ago: executing program 9 (id=7085):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000004000000040000000a00000040000000c1729950540a7f9e3b16921961fd0760635af667a4d10d91790893fe482dda62048dd9bdf07895302a3fbb4c8b396db271525774497d2cc3306e5ad709ed82cc97abfc2196c3011daafc2772decbde5f49a90b6c5f88f61afc134a6a45cd9ca686b48c0cff95dd747892d0c84cefd9690c15a25fee724e1183610d8048f417204262fe9035cd2e59d1501c89fe078cb58330669b959909687cec9a8ab8d3d99d8236c6b76bf17c2420f1d0c3f537e84869300a60f12c28e2f9be3e71aa42d494c757bf376b5b14c4a1863ad977e6c873c5741521", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
close(0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0x3, 0x9, 0x5029f63b}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[r3, r3, r2, r3, r3, r2, r2, r1, r2, r3], &(0x7f00000004c0)=[{0x1, 0x3, 0x4, 0x3}]}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
chdir(&(0x7f0000000000)='./cgroup\x00')
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x408)
r5 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r5, 0x42, 0x1ff)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

2m50.102743335s ago: executing program 43 (id=7085):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000004000000040000000a00000040000000c1729950540a7f9e3b16921961fd0760635af667a4d10d91790893fe482dda62048dd9bdf07895302a3fbb4c8b396db271525774497d2cc3306e5ad709ed82cc97abfc2196c3011daafc2772decbde5f49a90b6c5f88f61afc134a6a45cd9ca686b48c0cff95dd747892d0c84cefd9690c15a25fee724e1183610d8048f417204262fe9035cd2e59d1501c89fe078cb58330669b959909687cec9a8ab8d3d99d8236c6b76bf17c2420f1d0c3f537e84869300a60f12c28e2f9be3e71aa42d494c757bf376b5b14c4a1863ad977e6c873c5741521", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
close(0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0x3, 0x9, 0x5029f63b}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[r3, r3, r2, r3, r3, r2, r2, r1, r2, r3], &(0x7f00000004c0)=[{0x1, 0x3, 0x4, 0x3}]}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
chdir(&(0x7f0000000000)='./cgroup\x00')
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x408)
r5 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r5, 0x42, 0x1ff)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

2m47.120231075s ago: executing program 2 (id=7108):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lsm_set_self_attr(0x66, &(0x7f0000000240)=ANY=[], 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x5}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000140))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000100ffff0000000000000000850000007b00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$pmem0(0xffffff9c, &(0x7f0000000040), 0x100, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r7, 0xffffffff)
connect$pppl2tp(r7, 0x0, 0x0)
ioctl$BLKGETSIZE64(r6, 0x80041272, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001100)=ANY=[@ANYBLOB='8\x00\x00\x00'], 0x38}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

2m46.240289742s ago: executing program 2 (id=7120):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)={{0x14, 0x10, 0x1, 0xf5, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x9, 0x1, 'time\x00'}, @NFTA_MATCH_INFO={0x1c, 0x3, "07682c020b7b37f27f51010054d4077549f4e34e86f469eb"}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2m46.158687854s ago: executing program 2 (id=7122):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="070000000400000008020000210000000000", @ANYRES32, @ANYRES32=0x0], 0x50)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x17, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000190000000000000000181200009f9cd3ce9be20d0b3227a8a6ab951471c94391098c4756a4b9074471f3122dff4a65175fe3ef7792e0d6dfdb0997a25af8380d96dfd876a7035e68954119f4910e1ca23204012b3a3f675fc3b06b027c0fe6d0df2cb1204b04d7a0e658a74e65856f63f91920dafb272b60211e615b653202f70c6a37c3b4c1b44a8544c10000000000000009fbf5ee0037c48c2eedaa125116814b1cda8fa675c35000000000000000", @ANYRES32=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000380)={<r4=>0x0, 0x820, "e5637b644e6868de451cd6591d8bccf7bc21a598ec9d751802cd61b899ff7bc679aab859f2ae42f7b8407bd7d737fa70a14e1d72b98991481be26c448fc5957e09f0e9fed80f50c3db87586e7db0e482bf718bfc378d6c88a9806e43c264ef7510b95bf233ba559aa747862bf602fbd1bad29e4194f03f60f75d1118a0580942159d76f5d4402172c93a6293d50ecf151f0609b3ad0c0dad1c85b11a5c77d1ae60be12668565d38b27d6ecdee61cd3b6dccf04016f7039c579727b0a03ddec48abd0e27612a2596e3ac081e654032df4af099f129a7af415a2000d497c22e36d81aedeb1f5f8a9fb2f0480421e0d2b06a68caf2e97fe9c74638f9580e26164cde7369932eb7163ce76f897ce72974987880132665454ff2c0198bcedf64bbbd36dced1812b68817a5398a48d071ba013d5a6d65e861d5179d50340070bed8c6303753fd61c5db8183257565cbf9459d8c207a613f312d845c9b12d085486d0ed1fbc61717d0d1f43efa77fb56a1264ded5d3c35fe67d5998fc8f72a6fceac5dfe8ab387e4ca56116273ac1233e48ab5a32e3ed2c9ffc7f660cb45a0757855fdaef49c0aae7600ec90f5fde03384adab2754c0be1536e88b779e9177c28e3b82e7ce56508e85d674a6331a2d51876b0192d1827ef4b60b2c0f3b05d4d950cd1f4f076924ea7ca4b3b8c071ab9bc357d07d4996b10469df5968ff29c1c33c09ab5c202f1aa594836142599486be8899e6cec8efdfd0821e28f211e37aab64b20d345f355ce656d8d7b55246b1df7a9991b9b2d83b5cdeb6d8960b666eab32706925f6596052cd79a2e1ddc19b5f40f1633aee43476a0ceff8576674587d63aba3e3b3e6bf57b5cf11d61a00a4b94207e8c0ec5554d0ff3252210505f19b4e5d9de888e2db50d297512d978664addf65b662e061ef208deed7cf9937f51e8d3c7b44b1be1c53cefbf5bee6523d8b73c081f4c7a46f73853e8b7497ea3a16828c0ea6bd03f3e9ba8092ffe00150d7f23b572001a26faf928bd5fa8744a422e22b9c6b6a40efb2f6cd37cfa5644325b6522f1fafa2a405bb47868c13e2276318de4ddc6e6fff07619291c6d7cd0823907777684c703611a920eaf86a0a34b48d5d2493dce050fa0618f1d50a3058bade440d0dde405ef485982307b636ee73fda161ac97adf79ae77e79c8de1f885f8de2eac1f0f932d03c94bfebeb25dfc1658dcfd6a47161fe8039c757e0e36b71e20c243406ea5c04a7b89f2b61e8d01964ff4eb5ae04681b6906e79bab4dd673455f9ae845eecb3d35fa24b15197f72376a5a5fdc6ddc3b4fc0f620d44ff03ee642ac8abcf22fd5d81534890c1b6d775f872927dcadecc3055796d75fc9330db3cd0695be2f3026bcf54105bf70a611f844039e1e3998739f5a3ee59a6998888bd97ceca9a3d1adf8afd3df31555d9bb8bb40113bbaa412a0697d87c8a0415bc10b405a2ad1c8535ffed1a30684f8f866f135f35beacfecbf82dd71e12875bcc2f9ee006164be5070532283cdaef09a987fd931477033acba94950f37961c2a1dbce2ebb4348b2516a30e778e2afd2c459294f1af11b9ec763add7197061d4586b4c5c98b67451e41ca93be94b6b8ed033ff40736953c0a2dd7f6de17213b85aa306b8f18de96146c231ace2f219f908e3be859131a63198b6e8ec0272fce74814d9e084311e37d0a4f466c8719d7c778a080e8c928e7ab32c932952a17660198dd1438ec31fbfbb62a7aa727bee2e8f38cab8f24ebe53d4f32071a7d26bb840854ab31a43d2ba0518dd6387919bb805c528ec8088b690e9cb80ac145542d15d8c0da8c8c81b2dd658821c6066b42aa8382f6ab2a6a0f64fb682ecfa41c92771c1b64360d82e5c8147ce185e62b6ba3de7bbfa4a46f5fedbd43cf1cd911e04cffba71d32b72b08e6132fd574d590d4eb8019aa9d2b425013f40bf7cf35eac3633bc0818b8b372d47f85e963123b52661b58fe02979177e580d0e7e462994265d1430fd2ec3c858564af08724185097b60c14a340af757448c53c0a8b028a6976fbde70768a64867e2d76c4d72852ce5cc5e4b094f5930cc80a7c5c57abdd1f5e73ae3c1566ee83126bcbbe8b4b818fd518cc86f1933b2b28b24a4345c0525173ded3b30ed109eb99df27d1d34fd98f2ef62b3879f81787b6148aeab886958a1c308dd4aba37614123d14216ddb2cc8c9d01e7b73a7844b735fc6080903979f6778a17b4db5b90cc5a3d6eee404b2d8bbc20b9826fa6f5852353627bef7eb4f67d5b676848761d589d9023007237ad990840ccac8ed08450f8debac6f78fb4cf5af85bc57a9a07840010e4c601eb57122869b06303889f31575cf7cb8c87f7145f0959606655e2e738a254b5925334dbe5aa7457421fe93f1af9be40095eb0263843adfe69951c6ee79acb4ed2ad54eb2903ae96182293bea1bf48035390cab29a9127d770947872961466597c32abd434db411a57927915091d9ad20aef3dc32ebc1ce14eaf481fd6a6f3d355fb96b45225464f4a512a2a272bb2a54d03711a408d6af69883fe83caa8b436c45f30d04243f1a672a1e2930a56666c2d44b3656ab13ad4e83673fbe2afa4883f73216d8323193ba0c098e0fe6257ec14fbcf36df67515ebf9a474713f98cdb95abff10490b2370f4b184ba10a7516955a04c8559e2cc582d41ade9d919a5c0323939385151a4862f8aff02ed2fe088e29363742e8c9fbde6e951b4ae38e1def6f72bd6901faefdd0c5439f2b08bf2ec773a03495567ea0c9f3ae4b7217500c9a16ad6928d2ec7fb28e965cafa716bead7ee488a8311c66498bf712448b235a3fa6f7e50b9993be68e77af9427ef8c9f3be987c1844ae2e57dc18ddc5118fdc58136a9e8578f126d8a5f4d573964ea3fbfb9205713a2caff693b90d019378252a7ae93e788b97ba"}, &(0x7f0000000080)=0x828)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, 0x0, &(0x7f00000000c0))
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000300)={r4}, &(0x7f00000014c0)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x60938, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
openat$6lowpan_enable(0xffffff9c, &(0x7f0000001500), 0x2, 0x0)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000280)={0x0, 0x6}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)

2m45.889919035s ago: executing program 2 (id=7124):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x4)

2m45.810709756s ago: executing program 2 (id=7125):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000180)='./file1\x00', 0x800, 0x70)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x400, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
unlinkat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
unlink(&(0x7f0000000040)='./file1\x00')

2m42.890514879s ago: executing program 2 (id=7136):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lsm_set_self_attr(0x66, &(0x7f0000000240)=ANY=[], 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x5}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000140))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000100ffff0000000000000000850000007b00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$pmem0(0xffffff9c, &(0x7f0000000040), 0x100, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r7, 0xffffffff)
connect$pppl2tp(r7, 0x0, 0x0)
ioctl$BLKGETSIZE64(r6, 0x80041272, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001100)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

2m42.885897945s ago: executing program 44 (id=7136):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lsm_set_self_attr(0x66, &(0x7f0000000240)=ANY=[], 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x5}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000140))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000100ffff0000000000000000850000007b00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$pmem0(0xffffff9c, &(0x7f0000000040), 0x100, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r7, 0xffffffff)
connect$pppl2tp(r7, 0x0, 0x0)
ioctl$BLKGETSIZE64(r6, 0x80041272, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001100)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

1m22.09688066s ago: executing program 4 (id=7845):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000180)=[&(0x7f000093a000/0x2000)=nil, &(0x7f00001ac000/0x4000)=nil], &(0x7f0000000340)=[0x0, 0x1], &(0x7f0000000380), 0x2)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x474)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a, 0x2})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x80489439, &(0x7f0000000100))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000380)={0x0, 0xfffffffffffffe4f, &(0x7f0000000080)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc4}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="14000000100001005726a34f80494295e9a2084f00000000000000000600becf000000000000050000000000000000000700000e09fdffff1100010000000000000000000500000a"], 0x498}}, 0x200000d0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="042c1194c90000000000015bfc03fd0000050020"], 0x14)

1m21.868708623s ago: executing program 4 (id=7851):
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_genetlink_get_family_id$ethtool(&(0x7f0000007540), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000080)=0x80000003)
r4 = dup2(r3, r3)
read$FUSE(r4, &(0x7f00000063c0)={0x2020}, 0x2020)

1m20.879534036s ago: executing program 4 (id=7858):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000fcffffff000000000000000095"], &(0x7f0000000300)='syzkaller\x00'}, 0x94)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80045b10, &(0x7f0000000040))

1m19.534491026s ago: executing program 4 (id=7869):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x101100)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f00000001c0)={0x5, 0x2, 0xfffffeff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x2b, &(0x7f0000024140)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3, 0x1d, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @echo={0x8, 0x0, 0x0, 0xf, 0x7, '>'}}}}}, 0x0)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
capset(&(0x7f0000000340)={0x20080522}, &(0x7f0000000300)={0x0, 0x0, 0x5f22})
ioctl$AUTOFS_IOC_EXPIRE(r3, 0x810c9365, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c80)=ANY=[@ANYBLOB="340020003e7c0000040042800c797b8006000600800a0000100002d3010014800800048004000280"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r4 = openat$vmci(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f0000000100)={{@host, 0x6}, 0x0, 0x1, 0x3})
r5 = syz_open_dev$hiddev(&(0x7f0000000140), 0x7, 0x24000)
kcmp$KCMP_EPOLL_TFD(r2, r2, 0x7, r5, &(0x7f0000000280)={r3, r4, 0x8})

1m19.531879843s ago: executing program 4 (id=7870):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, 0x0, 0x0)

1m19.39988534s ago: executing program 4 (id=7871):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0e000000040000000400000002000200", @ANYBLOB="00000000ebffffffffffdf"], 0x50)

1m19.382374131s ago: executing program 45 (id=7871):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0e000000040000000400000002000200", @ANYBLOB="00000000ebffffffffffdf"], 0x50)

1m16.576456238s ago: executing program 8 (id=7888):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x64adcf25b604e336)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x400, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4086, 0xff6}], 0x1)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0xa01018, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r3, 0x4018aee3, &(0x7f0000000000))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000000)="feeae3a2b93f4fbc8d26fc0ed982", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0xf)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000400000000000000000000850000002c000000850000002a00000095"], &(0x7f0000000400)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r6, r5, 0x25, 0x0, @val=@netkit={@void, @value=r6}}, 0x1c)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x6, 0x10000, 0x5, 0x3, 0x4000, r1, 0x4, '\x00', r5, r7, 0x0, 0x2, 0x4}, 0x50)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)='./file0/file0/file0\x00', 0x0, 0x1adc51, 0x0)
umount2(&(0x7f0000000080)='./file0/file0\x00', 0x2)

1m16.454412929s ago: executing program 8 (id=7889):
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x20, 0x1, 0x3e, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0))
ioctl$I2C_TENBIT(r1, 0x704, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0079907b2b5c580dbc0001000000000a00000000b006"], 0x1c}}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b26, &(0x7f0000000040)={'wlan1\x00', @broadcast})
ioctl(r2, 0x8b32, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000d"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000040)=r4, 0x4)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
writev(r6, &(0x7f0000000200)=[{&(0x7f0000000340)="031f31b1f09d76af21e3b0224966a232dc1f5bfd8a29f730b10a53e756087a1df416fd804b636964220910b05962d95d7fb7873e8a0b7b62d7384dbd12b536f0e55e588092441663f9665e4b39f8eb3430840ac3c6ad014d6268fca6b3fc43da09b1d0a95d18e26a8e0ddd857f4911abb72ced02e4f1fe5ebb35042436374c7119229c019819a8491bdd74a299ca4fa71ee05f4c49c99de404b76d08fb1938674fa45fd06104cfcc08e9c017a2769a77e1a9e4da0e451353ca53b990500b18e4f4bb5cf1309fe4707c3f7200"/218, 0xda}, {&(0x7f0000000640)="ffb3ef96fd55310531a92b9d4b2ebcb168c3e90db153fe8bc3c9e2cfd50d22329495b92a7e12a948fff8e40f44798512135fd8fec900cca0c10e9e61d61cff5507f9298209ab8dd95ba0cb024a07dc20d07ac8940c729de29318e23818b2169da4374e8ec904573105b3dafbed9c3958b6570ec6117f2a8b7823b94056c0bcfd679f57db483bb7631bfd74f5f73cdebd19d4bd31a81d7c73c4428a65dc3820987e1ea1c45773112d4e2b1cc8064f220c7b2d673f84d4b1a5a9aedc2063b740198f57d0848358b2cf118bfcdc7c40303dee672f1ca6384e006460df438bde154a0c", 0xe1}, {&(0x7f0000000140)="74812905b8bd297a48dc5adfa4052d6e7cdd8c1615a231859ac522b4ae78d7f1b3619ed73f0e93cf3ccd30f4e58303dfd9d20af483a3406d486bad53698267735b", 0x41}, {&(0x7f0000000280)="7c73c1e117e291cb0100000000000000f9a19a5183aa91163ef7aa02ce433c1042f6ee70b4fc666ca104a44c8043dfc59c3a2b2fafeed98ad7ba6746cac942f20cf64423a5f0e115770de6db3543b33035d537c0dc7d922120640d775418ed784594e7b95cf7c9abcaadc7c177116160fe4717105675db", 0x77}, {&(0x7f00000008c0)="790f076461633e860315f3328f99377a0aa835675115acd2b7f10f5db17ec3fde9fbe7060f7025e4aeb974183c45cef27e5f95a42d5eee4f9c3ba0ef5c6601d08076576cddefe74f2b3b23c3b16076675cb1bcdede8d819967d59a7b7c2c34e76233d38be07bc9d91e27bfe688115bb226db5e1179a69c22357df381e6a73bd8b4132f610008d32103ebde594b4611450ab4bd7e97a51718c9e186ee8ae006e66ea2c6afbdfc76b2c4ba738000000021bfce27e702bb3159ac514b3b7141d184fc95a53e825dd7a264360483622d808bcc55ecdc58eaba26d65e8fb40c1446c7d56358b40a0632a44acdfd8232d2e421f97e40b190155087b0bab3d0d816eb3671842438c631384ca936a989ecb918492452a72e4c60592557ca046e36b047c4ca8a7a82b79e1bebf1d3668eceaf6899dc759640ba5fc108ada047d13471fc5aed0dcf3ba6ea78297ef956f42c6d5786f099da4e55771ad021baea2b99a7", 0x15e}], 0x5)
r7 = syz_open_dev$sndpcmc(&(0x7f0000000240), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001a40)=[&(0x7f00000017c0)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}])
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='inet_sk_error_report\x00', r8}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x40)
r9 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000440)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r9, 0x7a0, &(0x7f0000000000)={@any, 0x2})

1m16.317256405s ago: executing program 8 (id=7894):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000180)=[&(0x7f000093a000/0x2000)=nil, &(0x7f00001ac000/0x4000)=nil], &(0x7f0000000340)=[0x0, 0x1], &(0x7f0000000380), 0x2)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x474)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a, 0x2})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x80489439, &(0x7f0000000100))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000380)={0x0, 0xfffffffffffffe4f, &(0x7f0000000080)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc4}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="14000000100001005726a34f80494295e9a2084f00000000000000000600becf000000000000050000000000000000000700000e09fdffff1100010000000000000000000500000a"], 0x498}}, 0x200000d0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000440)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000600)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffffc}], 0x0, 0x0, 0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan0\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000040)={0x0, 0x4d, &(0x7f0000000380)={&(0x7f0000000540)={0x2c, r9, 0x1, 0x70bd2c, 0x0, {{0x2}, {@val={0x8, 0x3, r8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x48845}, 0x4040000)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r2, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="080025bd7000fbdbdf256300000008000300", @ANYRES32=r8, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4a850}, 0x8000)

1m16.168761649s ago: executing program 8 (id=7896):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x101100)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f00000001c0)={0x5, 0x2, 0xfffffeff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x2b, &(0x7f0000024140)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3, 0x1d, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @echo={0x8, 0x0, 0x0, 0xf, 0x7, '>'}}}}}, 0x0)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
capset(&(0x7f0000000340)={0x20080522}, &(0x7f0000000300)={0x0, 0x0, 0x5f22})
ioctl$AUTOFS_IOC_EXPIRE(r3, 0x810c9365, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c80)=ANY=[@ANYBLOB="340020003e7c0000040042800c797b8006000600800a0000100002d3010014800800048004000280"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r4 = openat$vmci(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f0000000100)={{@host, 0x6}, 0x0, 0x1, 0x3})
r5 = syz_open_dev$hiddev(&(0x7f0000000140), 0x7, 0x24000)
kcmp$KCMP_EPOLL_TFD(r2, r2, 0x7, r5, &(0x7f0000000280)={r3, r4, 0x8})

1m16.111099112s ago: executing program 8 (id=7897):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_open_dev$sg(0x0, 0x0, 0x38dd80)
r0 = socket$inet6(0xa, 0xa, 0x400000)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x5c, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x5, 0x12, 0x400, 0x1, 0x200}}, {0x4}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44004}, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0xc8004)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ptrace$ARCH_SET_CPUID(0x1e, 0x0, 0x0, 0x1012)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
syz_open_procfs$pagemap(0x0, 0x0)
madvise(&(0x7f0000bdf000/0x4000)=nil, 0x4000, 0x76)
r4 = socket(0x18, 0x0, 0x1)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r5 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
socket$inet6_tcp(0xa, 0x1, 0x0)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x12}}}, 0xa0)
sendfile(r5, r5, &(0x7f0000000080), 0x7f04)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)

1m15.969525509s ago: executing program 8 (id=7899):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$cuse(0xffffff9c, &(0x7f0000000340), 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000380)={{{@in6=@private1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@private2}, 0x0, @in=@empty}}, &(0x7f0000000500)=0xe4)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8400, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xa4c81, 0x10)
write$FUSE_CREATE_OPEN(r5, &(0x7f00000005c0)={0xa0, 0x0, r3, {{0x2, 0x4000000, 0x7fff, 0x9, 0xfffffff2, 0xa, {0x5, 0x3, 0x8, 0x5, 0x5, 0x80, 0x8, 0x3, 0x2, 0x8000, 0x6, 0x0, r4, 0x80, 0x1}}, {0x0, 0x6}}}, 0xa0)
lstat(&(0x7f0000000540)='./file0/file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x2002000, &(0x7f0000000600)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r4}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x400}}], [{@dont_hash}, {@fowner_gt={'fowner>', r6}}, {@obj_type={'obj_type', 0x3d, '%-${)'}}, {@hash}, {@permit_directio}]}})
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000180)={'erspan0\x00', &(0x7f0000000200)={'sit0\x00', r9, 0x8, 0x67, 0x65, 0xc, {{0x1f, 0x4, 0x1, 0x34, 0x7c, 0x65, 0x0, 0x81, 0x29, 0x0, @private=0xa010102, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xe, "a5c34c96f08a84f1256c54f0"}, {0x2, 0x7, "bdd003e895"}, {0x6, 0xf, "1622d98510ed59f6f8c30052f2"}]}, @ssrr={0x89, 0xb, 0xe6, [@remote, @empty]}, @timestamp_prespec={0x44, 0x14, 0x27, 0x3, 0x1, [{@loopback, 0xe}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x807f1a40}]}, @timestamp_addr={0x44, 0x1c, 0x5, 0x1, 0x8, [{@multicast2, 0xebd}, {@multicast2, 0x1}, {@dev={0xac, 0x14, 0x14, 0x1a}, 0x6}]}]}}}}})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)

1m15.943634807s ago: executing program 46 (id=7899):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$cuse(0xffffff9c, &(0x7f0000000340), 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000380)={{{@in6=@private1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@private2}, 0x0, @in=@empty}}, &(0x7f0000000500)=0xe4)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8400, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xa4c81, 0x10)
write$FUSE_CREATE_OPEN(r5, &(0x7f00000005c0)={0xa0, 0x0, r3, {{0x2, 0x4000000, 0x7fff, 0x9, 0xfffffff2, 0xa, {0x5, 0x3, 0x8, 0x5, 0x5, 0x80, 0x8, 0x3, 0x2, 0x8000, 0x6, 0x0, r4, 0x80, 0x1}}, {0x0, 0x6}}}, 0xa0)
lstat(&(0x7f0000000540)='./file0/file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x2002000, &(0x7f0000000600)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r4}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x400}}], [{@dont_hash}, {@fowner_gt={'fowner>', r6}}, {@obj_type={'obj_type', 0x3d, '%-${)'}}, {@hash}, {@permit_directio}]}})
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000180)={'erspan0\x00', &(0x7f0000000200)={'sit0\x00', r9, 0x8, 0x67, 0x65, 0xc, {{0x1f, 0x4, 0x1, 0x34, 0x7c, 0x65, 0x0, 0x81, 0x29, 0x0, @private=0xa010102, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xe, "a5c34c96f08a84f1256c54f0"}, {0x2, 0x7, "bdd003e895"}, {0x6, 0xf, "1622d98510ed59f6f8c30052f2"}]}, @ssrr={0x89, 0xb, 0xe6, [@remote, @empty]}, @timestamp_prespec={0x44, 0x14, 0x27, 0x3, 0x1, [{@loopback, 0xe}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x807f1a40}]}, @timestamp_addr={0x44, 0x1c, 0x5, 0x1, 0x8, [{@multicast2, 0xebd}, {@multicast2, 0x1}, {@dev={0xac, 0x14, 0x14, 0x1a}, 0x6}]}]}}}}})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)

2.826363661s ago: executing program 7 (id=8434):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet6_int(r0, 0x29, 0x42, 0x0, &(0x7f0000002500))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2c, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x40, 0x3, "cd4b6abe42031763d02899c77f963d140d7a9d3ac869f3a860917523679abf4579f9cd6564e64066681fb945bfe585ab6933a6f6514a0eebad4e3537"}, @NFTA_TARGET_NAME={0xa, 0x1, 'HMARK\x00'}, @NFTA_TARGET_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xc0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x9}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus/../file0\x00', 0x68)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8918, &(0x7f0000000140)={'ip_vti0\x00', @random="0200ff7fffff"})
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file1\x00', &(0x7f0000000100), 0x0, 0x0, 0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r4, 0x0, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

2.75607154s ago: executing program 7 (id=8439):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfd6c}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x1d, &(0x7f00000001c0), 0x4)

2.698295038s ago: executing program 7 (id=8440):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280), 0x0)
sendmsg$inet_sctp(r0, 0x0, 0x881)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x0, 0x5, 0x1000}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x2, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r3, 0x3516, 0x3e44, 0x8, 0x0, 0x0)

1.88352936s ago: executing program 1 (id=8444):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r1 = memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x02\x00\x00\x006w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\xf0\x8f\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
write(r1, &(0x7f0000002140)="6963e65843ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba40", 0x21)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
readlinkat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000019240)=""/102393, 0x18ff9)

1.85758104s ago: executing program 1 (id=8445):
syslog(0x2, 0x0, 0x0)

1.849062291s ago: executing program 7 (id=8446):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/rt_cache\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x9, 0x6, 0x5, 0x10000, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x50)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000280)='xen_mmu_pte_clear\x00', r2, 0x0, 0xa}, 0xfffffffffffffd57)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r3, 0x20, &(0x7f00000002c0)={0x0, 0x3900, 0x0, &(0x7f0000002b00)=""/171, 0xab}}, 0x10)
r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', 0x0, 0x10}, 0x14)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_tracing={0x1a, 0x17, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_fd={0x18, 0x0, 0x1, 0x0, r1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @call={0x85, 0x0, 0x0, 0xb5}, @generic={0x8, 0x8, 0x9, 0xd9e3, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000002c0)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0x19, r3, 0x8, &(0x7f0000000300)={0x8, 0x43}, 0x8, 0x10, &(0x7f0000000340)={0x0, 0x9, 0xfffffffe, 0xdae}, 0x10, 0x226a3, r4, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94)

1.845313912s ago: executing program 1 (id=8447):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0xf5ff, 0x0, 0xa294})

1.79792621s ago: executing program 7 (id=8448):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfd6c}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x1d, &(0x7f00000001c0), 0x4)

1.796975223s ago: executing program 1 (id=8449):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xecb0, 0x0, 0x0, 0x0, 0x0, r1}, 0x0, &(0x7f0000000140))
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
unshare(0x6a040000)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r4 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(r4, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8000, @multicast2}}, 0x24)
sendmmsg(r4, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x110, 0x1}], 0x10, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r4, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0xf4}}], 0xf000, 0x10002, 0x0)

1.795365258s ago: executing program 7 (id=8450):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e20, 0x0, 0x0, 0x7, 0xa, 0x20, 0x80}, {0x1000000003ff, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x2, 0x2}, {0x0, 0x0, 0x0, 0x1}, 0x7, 0x0, 0x1}, {{@in6=@mcast2, 0x4d6, 0x33}, 0x0, @in=@empty, 0x3502, 0x0, 0x0, 0x7, 0x78}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0xffd8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r3, 0x4068aea3, &(0x7f0000000200)={0xc4, 0x0, 0x4})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x18, 0x0, 0x0)
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2002)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(0xffffffffffffffff, &(0x7f00000004c0)={0x2, 0x4e24, @multicast2}, 0x10)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000f7ea238343ab7fbc9a273f6d56797d86426f8bb44cbb995b3ae2f763f601888d7e24c34354e6be56b1367c9a59867fd2a925bd953ddf2cbfd418dc87d3385bd2cd"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport=0x28, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r8, 0x80015b11, &(0x7f0000000040))

1.421888017s ago: executing program 1 (id=8452):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="011029bd700006000000080000000400038003d47da291a5a6d9b177e2a3631d68c18b2f90fb6f18507ef04085da417a173c402f14b2d307cf7f6c57ad046087eb7a2958d7249df91c690aa9022216b080a96d0c108beedca1572a4e1f3a30fd54531f9c4e1188807ca504c489af51beedf115519ec3cce922f4b90d49f7159b42fe803fb4"], 0x18}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x1b, 0x0, 0x1}, 0x28)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x4000084)
syz_open_dev$video(0x0, 0x485, 0x40000)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="6d17957952f605000000c961c56cdb0059bdc7d34dd7049967058aeef16364fd00082a4945f4871431891cdcaf14c0c348f4a5e3e7df7ed509b0745ae8e823f5ba68951798aff68472234a91d6289d6a5c4a7ecbad19867ab4902eef8df644582326565e107d81000000000000009de03a02221abb57bcbae41cb2ec607f0e123fe244d76cdda958a09884837abedc26dd5c991f70a998e77d1ff7a7aeffa028b4035a78aa"], 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x78)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={r6, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000001080)=[0x0, 0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
socket(0x11, 0x3, 0x0)

1.167672277s ago: executing program 6 (id=8453):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x42280, 0x0)
close(r0)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYRESOCT=r1], 0xb)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
write$sndseq(r2, &(0x7f0000000040)=[{0xf, 0x0, 0x0, 0xfd, @time, {}, {0xe}, @queue}], 0x1c)

1.166673068s ago: executing program 6 (id=8454):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r1 = memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x02\x00\x00\x006w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\xf0\x8f\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
write(r1, &(0x7f0000002140)="6963e65843ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba40", 0x21)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
readlinkat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000019240)=""/102393, 0x18ff9)

1.098907929s ago: executing program 6 (id=8455):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280), 0x0)
sendmsg$inet_sctp(r0, 0x0, 0x881)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x0, 0x5, 0x1000}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x2, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r3, 0x3516, 0x3e44, 0x8, 0x0, 0x0)

877.664818ms ago: executing program 3 (id=8456):
r0 = socket$xdp(0x2c, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x200000, 0x4)
sendmsg$xdp(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="81e52364e2dcd950d73cf5ce1d2772e86b1169e4bb86bce85319365bf05fd900f2bbe73d019cce26c6106221c01f8a4099058edb1bf8c48c0695e162fa188c521cdc5adf24b1e914fb3bab77ca68ea3974dd9847862be9f1322cfb5ad661d10ec4f92c94f8aaa4891fefb330a76136b4fa2dc4ebd8922e531e2ba249d81b618fa78540e6bf03bfca9b16985a1ad76234f81d772b34ea2a64ecad81331cc81fc9a2bfc2b95ae08b8677b418049015f6140b54250a63b917db38f137c49cf9a1df1012a29e151ee1913fa958d78c1e2456057622eb382c7c", 0xd7}, {&(0x7f0000000200)="a4ea884b4f54b8c5e66ab572553fc38fb3b97a53e9d800bf3354a836dea6f15ac165ab7f321476ec5d7e81608d9d225bfaf9125de74f75a43b9c8c78bc8448796063d3bcaacd9fdff9759d7ad26615911fe02fdf589aba56a92a69b1e348e75f6b8bf26806ec4cc16e1d0ae9c328205ee838a4112ef95543583815c74b1903c75c9d99d73162e6d7db6e8ac73040dfdb8c50e352ec4a31d40a200f464bf6e4bbcf9c0cbe71b4ec09e702eac3b307b467c6f0f14df10e03b1726680dd323bcfad8c14670be153b90034b08fa1cf73068f78f0c3ac6eabebc3a3a95f8f376d0da986b76ca9a4ef181b2c054e", 0xeb}], 0x2, 0x0, 0x0, 0x8010}, 0x4000000)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000000)={0x2, 0x1, 0x0, 0x0, 0x9}, 0xc)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, &(0x7f0000000080)=0x9, 0x4)

683.85305ms ago: executing program 3 (id=8457):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x40010, 0xffffffffffffffff, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
wait4(r0, 0x0, 0x40000000, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xff0a, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x34, r2, 0x1b, 0x0, 0x3, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x34}}, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg0\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg0\x00', <r4=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wg1\x00', <r5=>0x0})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000100)={@loopback, <r6=>0x0}, &(0x7f0000000140)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vcan0\x00', <r9=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000240)={'ip6gre0\x00', <r10=>0x0, 0x2f, 0x47, 0x8, 0x2f, 0x37, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0x81670a1631da8b16, 0x7800, 0xfffffff8, 0x7}})
r11 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r11, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r12=>0x0})
bind$can_j1939(r11, &(0x7f0000000040)={0x1d, r12, 0x1}, 0x18)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r13=>0x0, @broadcast, @local}, &(0x7f0000000340)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000380)={'syztnl1\x00', <r14=>0x0, 0x29, 0x1, 0x9, 0x2, 0x24, @private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x32}, 0x1, 0x20, 0xf, 0x1}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r15=>0x0, @rand_addr, @local}, &(0x7f0000000480)=0xc)
r16 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r16, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r16, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r17 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r16, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r17, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r18=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r16, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r16, &(0x7f0000000100)={0x2c, 0x0, r18}, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000700)={&(0x7f00000004c0)={0x218, r2, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r18}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x218}, 0x1, 0x0, 0x0, 0x8011}, 0x40480d5)

501.97292ms ago: executing program 3 (id=8458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfd6c}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x1d, 0x0, 0x0)

438.252317ms ago: executing program 3 (id=8459):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = dup3(r1, r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000180)=[&(0x7f000093a000/0x2000)=nil, &(0x7f00001ac000/0x4000)=nil], &(0x7f0000000340)=[0x0, 0x1], &(0x7f0000000380), 0x2)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x474)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a, 0x2})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x80489439, &(0x7f0000000100))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000380)={0x0, 0xfffffffffffffe4f, &(0x7f0000000080)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc4}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="14000000100001005726a34f80494295e9a2084f00000000000000000600becf000000000000050000000000000000000700000e09fdffff1100010000000000000000000500000a"], 0x498}}, 0x200000d0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000440)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000600)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffffc}], 0x0, 0x0, 0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)={0x38, r6, 0x5, 0x1, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "941686f54c428e48193856257512280bf969b3ca75ea3f63"}]]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x40000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r9=>0x0})
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000040)={0x0, 0x4d, &(0x7f0000000380)={&(0x7f0000000540)={0x2c, r10, 0x1, 0x70bd2c, 0x0, {{0x2}, {@val={0x8, 0x3, r9}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x48845}, 0x4040000)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r2, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="080025bd7000fbdbdf256300000008000300", @ANYRES32=r9, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4a850}, 0x8000)

429.98897ms ago: executing program 1 (id=8460):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000008000000000000000080000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000a8d100008500000083000000bf0900000000000055090100000000009500000000000000850000000e000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x103}, 0x1c)
sendto$inet6(r0, &(0x7f0000000000)="12", 0x100000, 0x44000, 0x0, 0x0)

329.849687ms ago: executing program 3 (id=8461):
syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x20, 0x1, 0x3e}, &(0x7f0000000180), &(0x7f00000001c0))
ioctl$I2C_TENBIT(0xffffffffffffffff, 0x704, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040), 0x4)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
writev(r1, &(0x7f0000000200)=[{&(0x7f0000000340)="031f31b1f09d76af21e3b0224966a232dc1f5bfd8a29f730b10a53e756087a1df416fd804b636964220910b05962d95d7fb7873e8a0b7b62d7384dbd12b536f0e55e588092441663f9665e4b39f8eb3430840ac3c6ad014d6268fca6b3fc43da09b1d0a95d18e26a8e0ddd857f4911abb72ced02e4f1fe5ebb35042436374c7119229c019819a8491bdd74a299ca4fa71ee05f4c49c99de404b76d08fb1938674fa45fd06104cfcc08e9c017a2769a77e1a9e4da0e451353ca53b990500b18e4f4bb5cf1309fe4707c3f7200"/218, 0xda}, {&(0x7f0000000640)="ffb3ef96fd55310531a92b9d4b2ebcb168c3e90db153fe8bc3c9e2cfd50d22329495b92a7e12a948fff8e40f44798512135fd8fec900cca0c10e9e61d61cff5507f9298209ab8dd95ba0cb024a07dc20d07ac8940c729de29318e23818b2169da4374e8ec904573105b3dafbed9c3958b6570ec6117f2a8b7823b94056c0bcfd679f57db483bb7631bfd74f5f73cdebd19d4bd31a81d7c73c4428a65dc3820987e1ea1c45773112d4e2b1cc8064f220c7b2d673f84d4b1a5a9aedc2063b740198f57d0848358b2cf118bfcdc7c40303dee672f1ca6384e006460df438bde154a0c", 0xe1}, {&(0x7f0000000140)="74812905b8bd297a48dc5adfa4052d6e7cdd8c1615a231859ac522b4ae78d7f1b3619ed73f0e93cf3ccd30f4e58303dfd9d20af483a3406d486bad53698267735b", 0x41}, {&(0x7f0000000280)="7c73c1e117e291cb0100000000000000f9a19a5183aa91163ef7aa02ce433c1042f6ee70b4fc666ca104a44c8043dfc59c3a2b2fafeed98ad7ba6746cac942f20cf64423a5f0e115770de6db3543b33035d537c0dc7d922120640d775418ed784594e7b95cf7c9abcaadc7c177116160fe4717105675db", 0x77}, {&(0x7f00000008c0)="790f076461633e860315f3328f99377a0aa835675115acd2b7f10f5db17ec3fde9fbe7060f7025e4aeb974183c45cef27e5f95a42d5eee4f9c3ba0ef5c6601d08076576cddefe74f2b3b23c3b16076675cb1bcdede8d819967d59a7b7c2c34e76233d38be07bc9d91e27bfe688115bb226db5e1179a69c22357df381e6a73bd8b4132f610008d32103ebde594b4611450ab4bd7e97a51718c9e186ee8ae006e66ea2c6afbdfc76b2c4ba738000000021bfce27e702bb3159ac514b3b7141d184fc95a53e825dd7a264360483622d808bcc55ecdc58eaba26d65e8fb40c1446c7d56358b40a0632a44acdfd8232d2e421f97e40b190155087b0bab3d0d816eb3671842438c631384ca936a989ecb918492452a72e4c60592557ca046e36b047c4ca8a7a82b79e1bebf1d3668eceaf6899dc759640ba5fc108ada047d13471fc5aed0dcf3ba6ea78297ef956f42c6d5786f099da4e55771ad021baea2b99a7", 0x15e}], 0x5)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000240), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001a40)=[&(0x7f00000017c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='inet_sk_error_report\x00', r3}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x40)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000440)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000000)={@any, 0x2})

302.014852ms ago: executing program 3 (id=8462):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000fcffffff000000000000000095"], &(0x7f0000000300)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80045b10, &(0x7f0000000040))

260.102007ms ago: executing program 6 (id=8463):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000080)={0x1, 0x4, 0x81})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x402)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000040)={r6, 0x1, 0x6, @multicast}, 0x10)
setsockopt$packet_drop_memb(r5, 0x107, 0x2, &(0x7f0000000080)={r6, 0x1, 0x6, @multicast}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffffe, '\x00', r6, 0xffffffffffffffff, 0x1, 0x3, 0x3}, 0x50)
ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000))
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[], 0x40}}, 0x0)

149.172416ms ago: executing program 6 (id=8464):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet6_int(r0, 0x29, 0x42, 0x0, &(0x7f0000002500))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2c, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x40, 0x3, "cd4b6abe42031763d02899c77f963d140d7a9d3ac869f3a860917523679abf4579f9cd6564e64066681fb945bfe585ab6933a6f6514a0eebad4e3537"}, @NFTA_TARGET_NAME={0xa, 0x1, 'HMARK\x00'}, @NFTA_TARGET_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xc0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x9}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus/../file0\x00', 0x68)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8918, &(0x7f0000000140)={'ip_vti0\x00', @random="0200ff7fffff"})
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file1\x00', &(0x7f0000000100), 0x0, 0x0, 0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r4, 0x0, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

0s ago: executing program 6 (id=8465):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000002100)={0x0, 0x4, 0x0, 0xfffffffe, 0x4})
openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8500, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x200)
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x10000, 0x0, 0x4, 0xefffffff, 0x0, [{0x2, 0x8, 0xfc, '\x00', 0x3}, {0x4, 0x9, 0xfc, '\x00', 0x7c}, {0xfc, 0x12, 0x4, '\x00', 0x1}, {0x11, 0xb, 0x0, '\x00', 0xea}, {}, {0xfe, 0x0, 0x1, '\x00', 0x2}, {0x1f, 0x1, 0x2}, {0xfd, 0x0, 0x7, '\x00', 0x2}, {0x0, 0xf, 0xf7, '\x00', 0xfc}, {0xa8, 0x6, 0x0, '\x00', 0x11}, {0xb}, {0x9, 0x9, 0x42, '\x00', 0xff}, {0x0, 0x0, 0x2, '\x00', 0x1}, {0x2, 0x0, 0x6}, {0xff, 0x9, 0x0, '\x00', 0x49}, {0x1, 0x1, 0x80}, {0x3, 0x0, 0x0, '\x00', 0x84}, {0x2, 0x2, 0x6, '\x00', 0x10}, {0x48, 0x4, 0xd, '\x00', 0xfd}, {0x8, 0xc0, 0x3}, {0x4, 0x12, 0x3, '\x00', 0x25}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x2, 0x2, 0x9}, {0x9, 0xff, 0x3, '\x00', 0x7}]}})

kernel console output (not intermixed with test programs):

 1223.205362][T13210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1223.209043][T13210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1223.212432][T13210] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1223.215494][T13210] bond0 (unregistering): Released all slaves
[ 1223.219386][T13210] bond1 (unregistering): Released all slaves
[ 1223.224737][T13210] bond2 (unregistering): Released all slaves
[ 1223.228947][T32629] team0: Port device team_slave_1 added
[ 1223.248515][T32629] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1223.250714][T32629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1223.260256][T32629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1223.264782][T32629] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1223.267596][T32629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1223.275848][T32629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1223.298103][T32629] hsr_slave_0: entered promiscuous mode
[ 1223.300223][T32629] hsr_slave_1: entered promiscuous mode
[ 1223.302302][T32629] debugfs: 'hsr0' already exists in 'hsr'
[ 1223.304272][T32629] Cannot create hsr debugfs directory
[ 1223.315462][T13210] tipc: Left network mode
[ 1223.385594][T28620] usb 11-1: USB disconnect, device number 7
[ 1223.543110][ T5984] Bluetooth: hci1: command tx timeout
[ 1223.565930][T13210] hsr_slave_0: left promiscuous mode
[ 1223.568023][T13210] hsr_slave_1: left promiscuous mode
[ 1223.569973][T13210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1223.572567][T13210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1223.621218][T13210] team0 (unregistering): Port device team_slave_1 removed
[ 1223.631924][T13210] team0 (unregistering): Port device C removed
[ 1223.790040][T32629] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1223.793488][T32629] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1223.796822][T32629] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1223.800055][T32629] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1223.826988][T32629] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1223.832647][T32629] 8021q: adding VLAN 0 to HW filter on device team0
[ 1223.839317][T13200] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1223.841760][T13200] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1223.848269][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1223.851214][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1223.932595][T32629] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1224.037994][T32629] veth0_vlan: entered promiscuous mode
[ 1224.042494][T32629] veth1_vlan: entered promiscuous mode
[ 1224.057640][T32629] veth0_macvtap: entered promiscuous mode
[ 1224.060929][T32629] veth1_macvtap: entered promiscuous mode
[ 1224.067864][T32629] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1224.072590][T32629] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1224.077097][   T46] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1224.079980][   T46] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1224.083418][   T46] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1224.086329][   T46] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1224.107830][T13210] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1224.110551][T13210] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1224.110859][T32670] binder: 32669:32670 ioctl 80489439 80000100 returned -22
[ 1224.119376][T13217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1224.121897][T13217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1224.282195][T32684] binder: 32680:32684 ioctl 80489439 80000100 returned -22
[ 1224.387527][T32689] syz.7.7909 (32689): drop_caches: 2
[ 1224.410727][T32689] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7909'.
[ 1224.443021][T28620] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[ 1224.572973][T28620] usb 11-1: device descriptor read/64, error -71
[ 1224.682939][T30787] usb 12-1: new high-speed USB device number 17 using dummy_hcd
[ 1224.813005][T28620] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[ 1224.823113][ T5984] Bluetooth: hci3: command tx timeout
[ 1224.842897][T30787] usb 12-1: Using ep0 maxpacket: 8
[ 1224.846554][T30787] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1224.849833][T30787] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1224.853323][T30787] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1224.856457][T30787] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1224.860460][T30787] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1224.863954][T30787] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1224.919506][T32699] binder: 32698:32699 ioctl 80489439 80000100 returned -22
[ 1224.943630][T28620] usb 11-1: device descriptor read/64, error -71
[ 1225.053131][T28620] usb usb11-port1: attempt power cycle
[ 1225.069499][T30787] usb 12-1: GET_CAPABILITIES returned 0
[ 1225.071360][T30787] usbtmc 12-1:16.0: can't read capabilities
[ 1225.153661][T32712] binder: 32711:32712 ioctl 80489439 80000100 returned -22
[ 1225.156393][ T5984] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[ 1225.274369][T30787] usb 12-1: USB disconnect, device number 17
[ 1225.378003][T32721] usb usb8: usbfs: process 32721 (syz.1.7919) did not claim interface 0 before use
[ 1225.386236][T32721] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7919'.
[ 1225.412977][T28620] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[ 1225.443526][T28620] usb 11-1: device descriptor read/8, error -71
[ 1225.633053][ T5984] Bluetooth: hci1: command tx timeout
[ 1225.692942][T28620] usb 11-1: new high-speed USB device number 11 using dummy_hcd
[ 1225.713507][T28620] usb 11-1: device descriptor read/8, error -71
[ 1225.833869][T28620] usb usb11-port1: unable to enumerate USB device
[ 1225.936891][T32726] netlink: 196 bytes leftover after parsing attributes in process `syz.3.7921'.
[ 1226.318613][T32734] binder: 32733:32734 ioctl 80489439 80000100 returned -22
[ 1226.489687][T32743] FAULT_INJECTION: forcing a failure.
[ 1226.489687][T32743] name failslab, interval 1, probability 0, space 0, times 0
[ 1226.493817][T32743] CPU: 3 UID: 0 PID: 32743 Comm: syz.1.7926 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1226.493835][T32743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1226.493842][T32743] Call Trace:
[ 1226.493846][T32743]  <TASK>
[ 1226.493850][T32743]  dump_stack_lvl+0x16c/0x1f0
[ 1226.493868][T32743]  should_fail_ex+0x512/0x640
[ 1226.493886][T32743]  ? nft_set_elem_init+0xcb/0x5b0
[ 1226.493904][T32743]  should_failslab+0xc2/0x120
[ 1226.493920][T32743]  __kmalloc_noprof+0xd2/0x510
[ 1226.493934][T32743]  ? stack_trace_save+0x8e/0xc0
[ 1226.493947][T32743]  nft_set_elem_init+0xcb/0x5b0
[ 1226.493961][T32743]  nft_add_set_elem+0x19ad/0x3d80
[ 1226.493975][T32743]  ? ____sys_sendmsg+0xa60/0xc70
[ 1226.493992][T32743]  ? srso_alias_untrain_ret+0x10/0x10
[ 1226.494004][T32743]  ? __pfx_nft_add_set_elem+0x10/0x10
[ 1226.494021][T32743]  ? rcu_is_watching+0x12/0xc0
[ 1226.494034][T32743]  ? net_generic+0xea/0x2a0
[ 1226.494047][T32743]  ? rcu_is_watching+0x12/0xc0
[ 1226.494058][T32743]  ? lock_release+0x201/0x2f0
[ 1226.494074][T32743]  ? __nla_validate_parse+0x600/0x2880
[ 1226.494089][T32743]  ? nla_strcmp+0xff/0x130
[ 1226.494098][T32743]  ? nft_set_lookup_global+0x164/0x390
[ 1226.494114][T32743]  nf_tables_newsetelem+0x5f7/0xa70
[ 1226.494129][T32743]  ? __pfx_nf_tables_newsetelem+0x10/0x10
[ 1226.494143][T32743]  ? __nla_parse+0x40/0x60
[ 1226.494154][T32743]  nfnetlink_rcv_batch+0x18ed/0x2330
[ 1226.494169][T32743]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[ 1226.494179][T32743]  ? stack_depot_save_flags+0x29/0x9c0
[ 1226.494195][T32743]  ? __pfx_stack_trace_save+0x10/0x10
[ 1226.494208][T32743]  ? kasan_save_stack+0x42/0x60
[ 1226.494220][T32743]  ? kasan_save_stack+0x33/0x60
[ 1226.494232][T32743]  ? kasan_save_track+0x14/0x30
[ 1226.494244][T32743]  ? __kasan_slab_alloc+0x89/0x90
[ 1226.494265][T32743]  ? __nla_parse+0x40/0x60
[ 1226.494276][T32743]  nfnetlink_rcv+0x3c1/0x430
[ 1226.494286][T32743]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1226.494297][T32743]  ? is_vmalloc_addr+0x86/0xa0
[ 1226.494310][T32743]  netlink_unicast+0x5aa/0x870
[ 1226.494325][T32743]  ? __pfx_netlink_unicast+0x10/0x10
[ 1226.494340][T32743]  ? __pfx___might_resched+0x10/0x10
[ 1226.494353][T32743]  netlink_sendmsg+0x8d1/0xdd0
[ 1226.494368][T32743]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1226.494383][T32743]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1226.494397][T32743]  ____sys_sendmsg+0xa95/0xc70
[ 1226.494433][T32743]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1226.494450][T32743]  ? get_compat_msghdr+0x11a/0x170
[ 1226.494465][T32743]  ? kstrtouint_from_user+0x13c/0x1d0
[ 1226.494480][T32743]  ___sys_sendmsg+0x134/0x1d0
[ 1226.494493][T32743]  ? get_pid_task+0xfc/0x250
[ 1226.494509][T32743]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1226.494524][T32743]  ? rcu_is_watching+0x12/0xc0
[ 1226.494539][T32743]  __sys_sendmsg+0x16d/0x220
[ 1226.494553][T32743]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1226.494569][T32743]  ? rcu_is_watching+0x12/0xc0
[ 1226.494580][T32743]  __do_fast_syscall_32+0x7c/0x3a0
[ 1226.494596][T32743]  do_fast_syscall_32+0x32/0x80
[ 1226.494610][T32743]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1226.494624][T32743] RIP: 0023:0xf704e579
[ 1226.494632][T32743] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1226.494643][T32743] RSP: 002b:00000000f543e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1226.494655][T32743] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[ 1226.494661][T32743] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1226.494668][T32743] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1226.494674][T32743] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1226.494681][T32743] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1226.494690][T32743]  </TASK>
[ 1226.903058][ T5984] Bluetooth: hci3: command tx timeout
[ 1226.912975][T30787] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[ 1227.061457][T32755] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7929'.
[ 1227.062982][T30787] usb 6-1: Using ep0 maxpacket: 8
[ 1227.071671][T30787] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1227.075244][T30787] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1227.078344][T30787] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1227.081362][T30787] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1227.085827][T30787] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1227.088685][T30787] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1227.294301][T30787] usb 6-1: GET_CAPABILITIES returned 0
[ 1227.296144][T30787] usbtmc 6-1:16.0: can't read capabilities
[ 1227.382968][T30771] usb 44-1: device descriptor read/8, error -110
[ 1227.496134][T28619] usb 6-1: USB disconnect, device number 53
[ 1227.702982][ T5984] Bluetooth: hci1: command tx timeout
[ 1227.784965][T30771] usb usb44-port1: attempt power cycle
[ 1227.875169][T32766] binder: 32765:32766 ioctl 80489439 80000100 returned -22
[ 1227.943907][  T303] syz.3.7933 (303): drop_caches: 2
[ 1227.955371][  T303] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7933'.
[ 1228.210252][  T318] binder: 317:318 ioctl 80489439 80000100 returned -22
[ 1228.271791][  T322] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 1228.273882][  T322] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1228.290973][  T322] vhci_hcd vhci_hcd.0: Device attached
[ 1228.318507][  T322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7937'.
[ 1228.572202][T30771] usb usb44-port1: unable to enumerate USB device
[ 1228.712900][T30769] usb 40-1: SetAddress Request (7) to port 0
[ 1228.714923][T30769] usb 40-1: new SuperSpeed USB device number 7 using vhci_hcd
[ 1228.992953][ T5984] Bluetooth: hci3: command tx timeout
[ 1229.000128][  T325] vhci_hcd: connection reset by peer
[ 1229.002912][T13217] vhci_hcd: stop threads
[ 1229.004461][T13217] vhci_hcd: release socket
[ 1229.006074][T13217] vhci_hcd: disconnect device
[ 1229.154254][  T341] geneve2: entered promiscuous mode
[ 1229.283609][  T347] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7942'.
[ 1229.376008][  T349] binder: 348:349 ioctl 80489439 80000100 returned -22
[ 1230.682900][  T392] usb usb8: usbfs: process 392 (syz.7.7956) did not claim interface 0 before use
[ 1230.799440][  T396] usb usb8: usbfs: process 396 (syz.3.7957) did not claim interface 0 before use
[ 1230.823749][   T40] kauditd_printk_skb: 80 callbacks suppressed
[ 1230.823784][   T40] audit: type=1326 audit(2000000275.259:57466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.832975][   T40] audit: type=1326 audit(2000000275.259:57467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.840136][  T395] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7956'.
[ 1230.848904][   T40] audit: type=1326 audit(2000000275.259:57468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.863052][   T40] audit: type=1326 audit(2000000275.259:57469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.873563][   T40] audit: type=1326 audit(2000000275.259:57470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.891186][   T40] audit: type=1326 audit(2000000275.259:57471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.907920][   T40] audit: type=1326 audit(2000000275.259:57472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.923976][   T40] audit: type=1326 audit(2000000275.259:57473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.936243][   T40] audit: type=1326 audit(2000000275.259:57474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1230.948987][   T40] audit: type=1326 audit(2000000275.259:57475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=386 comm="syz.7.7956" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1231.047891][  T397] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7957'.
[ 1231.133237][ T5984] Bluetooth: hci3: command tx timeout
[ 1231.660649][T23459] IPVS: starting estimator thread 0...
[ 1231.669255][  T405] tipc: Started in network mode
[ 1231.671617][  T405] tipc: Node identity ac1414aa, cluster identity 4711
[ 1231.678112][  T405] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1231.681609][  T405] tipc: Enabled bearer <udp:s>, priority 10
[ 1231.690316][  T409] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(6)
[ 1231.693102][  T409] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1231.706064][  T409] vhci_hcd vhci_hcd.0: Device attached
[ 1231.751300][  T409] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7959'.
[ 1231.784269][  T407] IPVS: using max 53 ests per chain, 127200 per kthread
[ 1231.812940][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1231.953970][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1231.982963][T30770] usb 52-1: SetAddress Request (2) to port 0
[ 1231.985056][T30770] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1232.093045][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1232.232908][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1232.371329][  T410] vhci_hcd: connection reset by peer
[ 1232.372926][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1232.375418][T13200] vhci_hcd: stop threads
[ 1232.376826][T13200] vhci_hcd: release socket
[ 1232.378254][T13200] vhci_hcd: disconnect device
[ 1232.512904][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1232.605848][  T437] binder: 436:437 ioctl 80489439 80000100 returned -22
[ 1232.652919][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1232.792974][T30787] tipc: Node number set to 2886997162
[ 1232.933036][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1232.966059][  T454] usb usb8: usbfs: process 454 (syz.3.7968) did not claim interface 0 before use
[ 1233.022593][ T5984] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1233.044226][  T456] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7968'.
[ 1233.213051][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1233.254624][  T466] binder: 465:466 ioctl 80489439 80000100 returned -22
[ 1233.375596][  T473] binder: 472:473 ioctl 80489439 80000100 returned -22
[ 1233.493286][T16594] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[ 1233.655124][T16594] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1233.661444][T16594] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1233.665812][T16594] usb 6-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1233.670506][T16594] usb 6-1: config 1 interface 1 has no altsetting 0
[ 1233.677472][T16594] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1233.681731][T16594] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1233.684868][T16594] usb 6-1: Product: syz
[ 1233.686388][T16594] usb 6-1: Manufacturer: syz
[ 1233.688013][T16594] usb 6-1: SerialNumber: syz
[ 1233.689316][  T496] netlink: 'syz.3.7984': attribute type 1 has an invalid length.
[ 1233.711807][  T496] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1233.714714][  T496] bond1: (slave bond2): making interface the new active one
[ 1233.717452][  T496] bond1: (slave bond2): Enslaving as an active interface with an up link
[ 1233.724528][  T496] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1233.728382][  T496] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[ 1233.782955][T30769] usb 40-1: device descriptor read/8, error -110
[ 1233.815370][  T502] binder: 501:502 ioctl 80489439 80000100 returned -22
[ 1233.825069][  T506] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1233.829258][  T506] FAULT_INJECTION: forcing a failure.
[ 1233.829258][  T506] name failslab, interval 1, probability 0, space 0, times 0
[ 1233.833945][  T506] CPU: 2 UID: 0 PID: 506 Comm: syz.3.7987 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1233.833962][  T506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1233.833969][  T506] Call Trace:
[ 1233.833973][  T506]  <TASK>
[ 1233.833978][  T506]  dump_stack_lvl+0x16c/0x1f0
[ 1233.833996][  T506]  should_fail_ex+0x512/0x640
[ 1233.834013][  T506]  ? ovl_lookup+0x1243/0x21a0
[ 1233.834025][  T506]  should_failslab+0xc2/0x120
[ 1233.834040][  T506]  __kmalloc_noprof+0xd2/0x510
[ 1233.834053][  T506]  ? __memcg_slab_post_alloc_hook+0x4a0/0x960
[ 1233.834070][  T506]  ovl_lookup+0x1243/0x21a0
[ 1233.834083][  T506]  ? rcu_is_watching+0x12/0xc0
[ 1233.834096][  T506]  ? __pfx_ovl_lookup+0x10/0x10
[ 1233.834109][  T506]  ? d_alloc_parallel+0x828/0x1480
[ 1233.834126][  T506]  ? aa_get_newest_label+0xd2/0x250
[ 1233.834140][  T506]  ? privileged_wrt_inode_uidgid+0xca/0x1d0
[ 1233.834154][  T506]  ? bpf_lsm_capable+0x9/0x10
[ 1233.834167][  T506]  ? lockdep_init_map_type+0x5c/0x280
[ 1233.834184][  T506]  __lookup_slow+0x24e/0x460
[ 1233.834201][  T506]  ? __pfx___lookup_slow+0x10/0x10
[ 1233.834222][  T506]  ? lookup_fast+0x156/0x610
[ 1233.834233][  T506]  walk_component+0x353/0x5b0
[ 1233.834244][  T506]  path_lookupat+0x142/0x6d0
[ 1233.834257][  T506]  filename_lookup+0x224/0x5f0
[ 1233.834269][  T506]  ? __pfx_filename_lookup+0x10/0x10
[ 1233.834287][  T506]  ? getname_flags.part.0+0x1c5/0x550
[ 1233.834303][  T506]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1233.834320][  T506]  user_path_at+0x3a/0x60
[ 1233.834332][  T506]  do_fchownat+0xf9/0x200
[ 1233.834367][  T506]  ? __pfx_do_fchownat+0x10/0x10
[ 1233.834383][  T506]  ? __pfx_ksys_write+0x10/0x10
[ 1233.834397][  T506]  __ia32_sys_chown16+0xe3/0x110
[ 1233.834410][  T506]  __do_fast_syscall_32+0x7c/0x3a0
[ 1233.834426][  T506]  do_fast_syscall_32+0x32/0x80
[ 1233.834441][  T506]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1233.834455][  T506] RIP: 0023:0xf708e579
[ 1233.834464][  T506] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1233.834475][  T506] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000b6
[ 1233.834487][  T506] RAX: ffffffffffffffda RBX: 0000000080000240 RCX: 000000000000ee00
[ 1233.834494][  T506] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1233.834500][  T506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1233.834507][  T506] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1233.834513][  T506] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1233.834523][  T506]  </TASK>
[ 1233.958734][T16594] usb 6-1: USB disconnect, device number 54
[ 1233.998963][  T512] xt_HMARK: proto mask must be zero with L3 mode
[ 1234.183704][T30769] usb usb40-port1: attempt power cycle
[ 1234.655319][ T5984] Bluetooth: hci1: Ignoring connect complete event for invalid link type
[ 1234.763257][T30769] usb usb40-port1: unable to enumerate USB device
[ 1234.986326][  T537] usb usb8: usbfs: process 537 (syz.3.7994) did not claim interface 0 before use
[ 1235.080448][  T540] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7994'.
[ 1235.177461][  T541] usb usb8: usbfs: process 541 (syz.6.7992) did not claim interface 0 before use
[ 1235.204884][  T541] netlink: 40 bytes leftover after parsing attributes in process `syz.6.7992'.
[ 1235.734303][  T547] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1235.853419][  T553] netlink: 'syz.7.8000': attribute type 1 has an invalid length.
[ 1236.389134][  T564] binder: 563:564 ioctl 80489439 80000100 returned -22
[ 1236.542941][T30787] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1236.576857][ T5984] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[ 1236.703768][T30787] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1236.707824][T30787] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1236.712367][T30787] usb 8-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1236.727383][T30787] usb 8-1: config 1 interface 1 has no altsetting 0
[ 1236.736014][T30787] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1236.739132][T30787] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1236.746817][T30787] usb 8-1: Product: syz
[ 1236.750263][T30787] usb 8-1: Manufacturer: syz
[ 1236.756598][T30787] usb 8-1: SerialNumber: syz
[ 1236.912889][    C0] net_ratelimit: 4 callbacks suppressed
[ 1236.912902][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1237.065541][T30770] usb 52-1: device descriptor read/8, error -110
[ 1237.164366][T30787] usb 8-1: USB disconnect, device number 14
[ 1237.473502][T30770] usb usb52-port1: attempt power cycle
[ 1237.757846][  T602] usb usb8: usbfs: process 602 (syz.1.8008) did not claim interface 0 before use
[ 1237.761915][   T40] kauditd_printk_skb: 172 callbacks suppressed
[ 1237.761926][   T40] audit: type=1326 audit(2000000282.189:57648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.771475][   T40] audit: type=1326 audit(2000000282.199:57649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.775877][  T602] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8008'.
[ 1237.779648][   T40] audit: type=1326 audit(2000000282.199:57650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.788313][   T40] audit: type=1326 audit(2000000282.199:57651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.795671][   T40] audit: type=1326 audit(2000000282.199:57652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.802317][   T40] audit: type=1326 audit(2000000282.199:57653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.809692][   T40] audit: type=1326 audit(2000000282.199:57654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.816357][   T40] audit: type=1326 audit(2000000282.199:57655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.823215][   T40] audit: type=1326 audit(2000000282.199:57656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.829860][   T40] audit: type=1326 audit(2000000282.199:57657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=592 comm="syz.1.8008" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1237.913940][  T605] usb usb8: usbfs: process 605 (syz.6.8011) did not claim interface 0 before use
[ 1237.924422][  T605] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8011'.
[ 1237.952884][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1238.033393][T30770] usb usb52-port1: unable to enumerate USB device
[ 1238.354255][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.356916][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.853129][  T614] 9pnet_virtio: no channels available for device syz
[ 1238.983112][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1238.996354][ T5984] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1240.022909][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1240.204341][  T651] FAULT_INJECTION: forcing a failure.
[ 1240.204341][  T651] name failslab, interval 1, probability 0, space 0, times 0
[ 1240.208401][  T651] CPU: 1 UID: 0 PID: 651 Comm: syz.7.8023 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1240.208430][  T651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1240.208438][  T651] Call Trace:
[ 1240.208443][  T651]  <TASK>
[ 1240.208448][  T651]  dump_stack_lvl+0x16c/0x1f0
[ 1240.208465][  T651]  should_fail_ex+0x512/0x640
[ 1240.208483][  T651]  should_failslab+0xc2/0x120
[ 1240.208498][  T651]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1240.208510][  T651]  ? sctp_add_bind_addr+0xae/0x3f0
[ 1240.208522][  T651]  sctp_add_bind_addr+0xae/0x3f0
[ 1240.208533][  T651]  sctp_copy_local_addr_list+0x349/0x550
[ 1240.208548][  T651]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1240.208562][  T651]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[ 1240.208576][  T651]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1240.208594][  T651]  sctp_bind_addr_copy+0xe0/0x530
[ 1240.208607][  T651]  sctp_connect_new_asoc+0x1c9/0x770
[ 1240.208623][  T651]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1240.208638][  T651]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[ 1240.208652][  T651]  ? rcu_is_watching+0x12/0xc0
[ 1240.208665][  T651]  ? lock_release+0x201/0x2f0
[ 1240.208681][  T651]  __sctp_connect+0x3f3/0xc60
[ 1240.208697][  T651]  ? rcu_is_watching+0x12/0xc0
[ 1240.208708][  T651]  ? __pfx___sctp_connect+0x10/0x10
[ 1240.208723][  T651]  ? rcu_is_watching+0x12/0xc0
[ 1240.208733][  T651]  ? __might_fault+0xe3/0x190
[ 1240.208746][  T651]  ? lock_release+0x201/0x2f0
[ 1240.208761][  T651]  __sctp_setsockopt_connectx+0xfc/0x170
[ 1240.208783][  T651]  sctp_getsockopt+0x2740/0x69b0
[ 1240.208799][  T651]  ? __pv_queued_spin_lock_slowpath+0x28d/0xcf0
[ 1240.208814][  T651]  ? __pfx_sctp_getsockopt+0x10/0x10
[ 1240.208831][  T651]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1240.208847][  T651]  ? sched_clock_cpu+0x6c/0x530
[ 1240.208860][  T651]  ? plist_check_prev_next+0x12a/0x1a0
[ 1240.208871][  T651]  ? rcu_is_watching+0x12/0xc0
[ 1240.208883][  T651]  ? aa_sk_perm+0x2f4/0xb10
[ 1240.208898][  T651]  ? rcu_is_watching+0x12/0xc0
[ 1240.208908][  T651]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1240.208926][  T651]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1240.208939][  T651]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1240.208951][  T651]  ? rcu_is_watching+0x12/0xc0
[ 1240.208963][  T651]  ? aa_sock_opt_perm+0xfd/0x1c0
[ 1240.208974][  T651]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1240.208992][  T651]  do_sock_getsockopt+0x34a/0x440
[ 1240.209010][  T651]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1240.209026][  T651]  ? lock_release+0x201/0x2f0
[ 1240.209044][  T651]  __sys_getsockopt+0x123/0x1b0
[ 1240.209059][  T651]  __ia32_sys_getsockopt+0xbc/0x160
[ 1240.209073][  T651]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1240.209088][  T651]  __do_fast_syscall_32+0x7c/0x3a0
[ 1240.209104][  T651]  do_fast_syscall_32+0x32/0x80
[ 1240.209119][  T651]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1240.209134][  T651] RIP: 0023:0xf70ce579
[ 1240.209142][  T651] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1240.209154][  T651] RSP: 002b:00000000f547c55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[ 1240.209165][  T651] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[ 1240.209172][  T651] RDX: 000000000000006f RSI: 00000000800000c0 RDI: 0000000080000100
[ 1240.209179][  T651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1240.209185][  T651] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1240.209192][  T651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1240.209202][  T651]  </TASK>
[ 1240.241551][  T652] usb usb8: usbfs: process 652 (syz.1.8024) did not claim interface 0 before use
[ 1240.322903][T16594] usb 11-1: new high-speed USB device number 12 using dummy_hcd
[ 1240.389028][  T650] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8024'.
[ 1240.514439][T16594] usb 11-1: unable to get BOS descriptor or descriptor too short
[ 1240.517664][T16594] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1240.520894][T16594] usb 11-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1240.530032][T16594] usb 11-1: config 1 interface 1 has no altsetting 0
[ 1240.533624][T16594] usb 11-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1240.536797][T16594] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1240.539415][T16594] usb 11-1: Product: syz
[ 1240.540838][T16594] usb 11-1: Manufacturer: syz
[ 1240.542527][T16594] usb 11-1: SerialNumber: syz
[ 1240.766154][T16594] usb 11-1: USB disconnect, device number 12
[ 1240.996000][  T662] 9pnet_virtio: no channels available for device syz
[ 1241.063048][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1241.072013][  T663] 9pnet_virtio: no channels available for device syz
[ 1241.373727][  T665] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1241.379095][  T665] syzkaller0: entered promiscuous mode
[ 1241.381020][  T665] syzkaller0: entered allmulticast mode
[ 1241.418923][  T665] tipc: Resetting bearer <eth:syzkaller0>
[ 1241.423550][  T664] tipc: Resetting bearer <eth:syzkaller0>
[ 1241.427267][  T664] tipc: Disabling bearer <eth:syzkaller0>
[ 1241.562543][  T667] binder: 666:667 ioctl 80489439 80000100 returned -22
[ 1241.567671][  T667] binder_alloc: 666: binder_alloc_buf, no vma
[ 1242.102951][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1242.415495][  T695] usb usb8: usbfs: process 695 (syz.7.8035) did not claim interface 0 before use
[ 1242.498414][  T698] netlink: 40 bytes leftover after parsing attributes in process `syz.7.8035'.
[ 1242.548650][  T699] batman_adv: batadv0: Adding interface: gretap1
[ 1242.551012][  T699] batman_adv: batadv0: Interface activated: gretap1
[ 1242.665762][  T702] random: crng reseeded on system resumption
[ 1242.951550][  T706] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1242.956273][  T706] syzkaller0: entered promiscuous mode
[ 1242.958066][  T706] syzkaller0: entered allmulticast mode
[ 1242.971703][  T706] tipc: Resetting bearer <eth:syzkaller0>
[ 1242.977151][  T705] tipc: Resetting bearer <eth:syzkaller0>
[ 1242.979831][  T705] tipc: Disabling bearer <eth:syzkaller0>
[ 1243.143373][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1243.258114][  T718] 9pnet_virtio: no channels available for device syz
[ 1243.393914][ T5984] Bluetooth: hci1: Ignoring connect complete event for invalid link type
[ 1243.566123][ T5984] Bluetooth: hci1: Ignoring connect complete event for invalid link type
[ 1243.619122][  T735] binder: 734:735 ioctl 80489439 80000100 returned -22
[ 1243.624039][  T735] binder: 734:735 ioctl c0306201 80000240 returned -11
[ 1243.793902][  T745] usb usb8: usbfs: process 745 (syz.3.8053) did not claim interface 0 before use
[ 1243.874368][   T40] kauditd_printk_skb: 121 callbacks suppressed
[ 1243.874382][   T40] audit: type=1326 audit(2000000288.309:57779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.883998][   T40] audit: type=1326 audit(2000000288.309:57780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.888127][  T746] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8053'.
[ 1243.891008][   T40] audit: type=1326 audit(2000000288.309:57781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.902244][   T40] audit: type=1326 audit(2000000288.309:57782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.909353][   T40] audit: type=1326 audit(2000000288.309:57783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.918606][   T40] audit: type=1326 audit(2000000288.309:57784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.927791][   T40] audit: type=1326 audit(2000000288.309:57785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.938233][   T40] audit: type=1326 audit(2000000288.309:57786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.945670][   T40] audit: type=1326 audit(2000000288.309:57787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1243.953080][   T40] audit: type=1326 audit(2000000288.309:57788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=738 comm="syz.3.8053" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1244.182908][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1244.202278][  T749] batman_adv: batadv0: Adding interface: gretap1
[ 1244.205298][  T749] batman_adv: batadv0: Interface activated: gretap1
[ 1244.393346][  T754] netlink: 'syz.6.8057': attribute type 3 has an invalid length.
[ 1244.402866][  T754] netlink: 'syz.6.8057': attribute type 5 has an invalid length.
[ 1244.547870][  T759] FAULT_INJECTION: forcing a failure.
[ 1244.547870][  T759] name failslab, interval 1, probability 0, space 0, times 0
[ 1244.553209][  T759] CPU: 3 UID: 0 PID: 759 Comm: syz.3.8059 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1244.553228][  T759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1244.553235][  T759] Call Trace:
[ 1244.553239][  T759]  <TASK>
[ 1244.553244][  T759]  dump_stack_lvl+0x16c/0x1f0
[ 1244.553263][  T759]  should_fail_ex+0x512/0x640
[ 1244.553280][  T759]  should_failslab+0xc2/0x120
[ 1244.553295][  T759]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1244.553308][  T759]  ? __asan_memcpy+0x3c/0x60
[ 1244.553320][  T759]  ? __kernfs_new_node+0xd2/0x8e0
[ 1244.553335][  T759]  __kernfs_new_node+0xd2/0x8e0
[ 1244.553348][  T759]  ? __kernel_text_address+0xd/0x40
[ 1244.553360][  T759]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1244.553375][  T759]  ? rcu_is_watching+0x12/0xc0
[ 1244.553387][  T759]  ? kernfs_root+0xee/0x2a0
[ 1244.553400][  T759]  ? rcu_is_watching+0x12/0xc0
[ 1244.553411][  T759]  ? lock_release+0x201/0x2f0
[ 1244.553427][  T759]  kernfs_new_node+0x13c/0x1e0
[ 1244.553444][  T759]  kernfs_create_dir_ns+0x4c/0x1a0
[ 1244.553461][  T759]  sysfs_create_dir_ns+0x13a/0x2b0
[ 1244.553475][  T759]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1244.553488][  T759]  ? kobject_add_internal+0x25b/0x9b0
[ 1244.553513][  T759]  ? lock_release+0x201/0x2f0
[ 1244.553527][  T759]  ? class_dir_child_ns_type+0xd/0x60
[ 1244.553544][  T759]  kobject_add_internal+0x2c4/0x9b0
[ 1244.553561][  T759]  kobject_add+0x16e/0x240
[ 1244.553576][  T759]  ? __pfx_kobject_add+0x10/0x10
[ 1244.553592][  T759]  ? lock_release+0x201/0x2f0
[ 1244.553606][  T759]  ? kobject_put+0xab/0x5a0
[ 1244.553621][  T759]  ? device_add+0xbff/0x1aa0
[ 1244.553631][  T759]  device_add+0x288/0x1aa0
[ 1244.553641][  T759]  ? __pfx_device_add+0x10/0x10
[ 1244.553650][  T759]  ? __pfx___mutex_lock+0x10/0x10
[ 1244.553667][  T759]  input_register_device+0x7e8/0x1180
[ 1244.553680][  T759]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[ 1244.553695][  T759]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1244.553713][  T759]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[ 1244.553731][  T759]  ? rcu_is_watching+0x12/0xc0
[ 1244.553745][  T759]  ? __fget_files+0x204/0x3c0
[ 1244.553761][  T759]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1244.553778][  T759]  ? __pfx_uinput_compat_ioctl+0x10/0x10
[ 1244.553793][  T759]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1244.553812][  T759]  __do_fast_syscall_32+0x7c/0x3a0
[ 1244.553827][  T759]  do_fast_syscall_32+0x32/0x80
[ 1244.553842][  T759]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1244.553858][  T759] RIP: 0023:0xf708e579
[ 1244.553867][  T759] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1244.553878][  T759] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1244.553889][  T759] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005501
[ 1244.553897][  T759] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1244.553903][  T759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1244.553910][  T759] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1244.553916][  T759] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1244.553926][  T759]  </TASK>
[ 1244.553937][  T759] kobject: kobject_add_internal failed for input57 (error: -12 parent: input)
[ 1244.757559][ T5984] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[ 1245.222980][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1245.597356][  T790] tipc: Started in network mode
[ 1245.598996][  T792] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1245.599076][  T790] tipc: Node identity 620e96fc8cdc, cluster identity 4711
[ 1245.604428][  T790] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1245.611611][  T790] syzkaller0: entered promiscuous mode
[ 1245.614063][  T790] syzkaller0: entered allmulticast mode
[ 1245.627866][  T790] tipc: Resetting bearer <eth:syzkaller0>
[ 1245.635417][  T789] tipc: Resetting bearer <eth:syzkaller0>
[ 1245.640094][  T789] tipc: Disabling bearer <eth:syzkaller0>
[ 1245.724849][  T801] FAULT_INJECTION: forcing a failure.
[ 1245.724849][  T801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1245.729936][  T801] CPU: 1 UID: 0 PID: 801 Comm: syz.7.8073 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1245.729976][  T801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1245.729984][  T801] Call Trace:
[ 1245.729989][  T801]  <TASK>
[ 1245.729993][  T801]  dump_stack_lvl+0x16c/0x1f0
[ 1245.730011][  T801]  should_fail_ex+0x512/0x640
[ 1245.730029][  T801]  _copy_from_user+0x2e/0xd0
[ 1245.730047][  T801]  get_compat_msghdr+0xa7/0x170
[ 1245.730061][  T801]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1245.730075][  T801]  ? kstrtouint_from_user+0x13c/0x1d0
[ 1245.730090][  T801]  ___sys_sendmsg+0x1ae/0x1d0
[ 1245.730103][  T801]  ? get_pid_task+0xfc/0x250
[ 1245.730119][  T801]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1245.730135][  T801]  ? rcu_is_watching+0x12/0xc0
[ 1245.730151][  T801]  __sys_sendmsg+0x16d/0x220
[ 1245.730165][  T801]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1245.730181][  T801]  ? rcu_is_watching+0x12/0xc0
[ 1245.730193][  T801]  __do_fast_syscall_32+0x7c/0x3a0
[ 1245.730209][  T801]  do_fast_syscall_32+0x32/0x80
[ 1245.730224][  T801]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1245.730264][  T801] RIP: 0023:0xf70ce579
[ 1245.730274][  T801] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1245.730286][  T801] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1245.730298][  T801] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1245.730305][  T801] RDX: 0000000004008094 RSI: 0000000000000000 RDI: 0000000000000000
[ 1245.730312][  T801] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1245.730318][  T801] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1245.730325][  T801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1245.730334][  T801]  </TASK>
[ 1245.841480][  T804] batman_adv: batadv0: Adding interface: gretap1
[ 1245.844200][  T804] batman_adv: batadv0: Interface activated: gretap1
[ 1246.261753][  T819] usb usb8: usbfs: process 819 (syz.1.8075) did not claim interface 0 before use
[ 1246.262917][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1246.340952][  T819] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8075'.
[ 1247.129885][ T5984] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1247.302964][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1247.390772][  T842] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1247.394117][  T842] syzkaller0: entered promiscuous mode
[ 1247.396028][  T842] syzkaller0: entered allmulticast mode
[ 1247.413109][  T839] tipc: Resetting bearer <eth:syzkaller0>
[ 1247.423596][  T839] tipc: Disabling bearer <eth:syzkaller0>
[ 1247.656067][  T853] 9pnet_virtio: no channels available for device syz
[ 1248.109683][  T855] random: crng reseeded on system resumption
[ 1248.342942][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1248.700916][  T869] usb usb8: usbfs: process 869 (syz.6.8088) did not claim interface 0 before use
[ 1248.746298][  T869] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8088'.
[ 1249.004511][ T5984] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1249.323018][T30787] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1249.381327][T16594] IPVS: starting estimator thread 0...
[ 1249.382474][  T884] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1249.382944][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1249.388059][  T884] tipc: Enabled bearer <udp:s>, priority 10
[ 1249.473032][T30787] usb 8-1: Using ep0 maxpacket: 8
[ 1249.473049][  T886] IPVS: using max 50 ests per chain, 120000 per kthread
[ 1249.480914][T30787] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1249.488375][T30787] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1249.496822][T30787] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1249.505489][T30787] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1249.516537][T30787] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1249.521936][T30787] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1249.522971][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1249.652981][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1249.731848][T30787] usb 8-1: GET_CAPABILITIES returned 0
[ 1249.733947][T30787] usbtmc 8-1:16.0: can't read capabilities
[ 1249.792991][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1249.870135][  T896] usb usb8: usbfs: process 896 (syz.7.8096) did not claim interface 0 before use
[ 1249.932938][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1249.944934][T30787] usb 8-1: USB disconnect, device number 15
[ 1249.957254][   T40] kauditd_printk_skb: 81 callbacks suppressed
[ 1249.957270][   T40] audit: type=1326 audit(2000000294.389:57870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1249.970904][  T897] netlink: 40 bytes leftover after parsing attributes in process `syz.7.8096'.
[ 1250.082913][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1250.097862][   T40] audit: type=1326 audit(2000000294.389:57871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.111754][   T40] audit: type=1326 audit(2000000294.389:57872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.151491][   T40] audit: type=1326 audit(2000000294.389:57873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.159686][   T40] audit: type=1326 audit(2000000294.389:57874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.166896][   T40] audit: type=1326 audit(2000000294.389:57875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.183640][   T40] audit: type=1326 audit(2000000294.389:57876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.198558][   T40] audit: type=1326 audit(2000000294.389:57877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.210688][   T40] audit: type=1326 audit(2000000294.389:57878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.221758][   T40] audit: type=1326 audit(2000000294.389:57879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=890 comm="syz.7.8096" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1250.228676][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1250.340220][ T5984] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[ 1250.373221][T28619] tipc: Node number set to 4006778620
[ 1250.570228][  T912] 9pnet_virtio: no channels available for device syz
[ 1250.765423][  T915] 9pnet_virtio: no channels available for device syz
[ 1250.791652][  T917] 9pnet_virtio: no channels available for device syz
[ 1250.993765][  T919] binder: 918:919 ioctl 80489439 80000100 returned -22
[ 1251.493802][T28619] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1251.678121][  T936] tipc: Started in network mode
[ 1251.679767][  T936] tipc: Node identity fa665c85d6c3, cluster identity 4711
[ 1251.682035][  T936] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1251.685057][  T936] syzkaller0: entered promiscuous mode
[ 1251.686821][  T936] syzkaller0: entered allmulticast mode
[ 1251.691361][  T935] tipc: Resetting bearer <eth:syzkaller0>
[ 1251.699975][  T935] tipc: Disabling bearer <eth:syzkaller0>
[ 1252.104020][  T950] usb usb8: usbfs: process 950 (syz.3.8112) did not claim interface 0 before use
[ 1252.200655][  T951] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8112'.
[ 1252.342940][    C2] net_ratelimit: 5 callbacks suppressed
[ 1252.342958][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1252.502922][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1252.604359][  T954] binder: 953:954 ioctl 80489439 80000100 returned -22
[ 1253.382967][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1253.552886][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1253.619661][  T993] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1253.622893][  T993] syzkaller0: entered promiscuous mode
[ 1253.624741][  T993] syzkaller0: entered allmulticast mode
[ 1253.639913][  T992] tipc: Resetting bearer <eth:syzkaller0>
[ 1253.645821][  T992] tipc: Disabling bearer <eth:syzkaller0>
[ 1253.904254][ T1001] binder: 1000:1001 ioctl 80489439 80000100 returned -22
[ 1254.150570][ T1017] binder: 1016:1017 ioctl 80489439 80000100 returned -22
[ 1254.432882][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1254.582974][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1255.146528][ T1041] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1255.150039][ T1041] syzkaller0: entered promiscuous mode
[ 1255.152040][ T1041] syzkaller0: entered allmulticast mode
[ 1255.156639][ T1040] tipc: Resetting bearer <eth:syzkaller0>
[ 1255.161912][ T1040] tipc: Disabling bearer <eth:syzkaller0>
[ 1255.377214][ T1049] usb usb8: usbfs: process 1049 (syz.1.8140) did not claim interface 0 before use
[ 1255.386634][   T40] kauditd_printk_skb: 60 callbacks suppressed
[ 1255.386646][   T40] audit: type=1326 audit(2000000299.819:57940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.401708][ T1049] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8140'.
[ 1255.406388][   T40] audit: type=1326 audit(2000000299.819:57941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.439639][   T40] audit: type=1326 audit(2000000299.829:57942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.447385][   T40] audit: type=1326 audit(2000000299.829:57943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.458176][   T40] audit: type=1326 audit(2000000299.829:57944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.464966][   T40] audit: type=1326 audit(2000000299.829:57945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.471595][   T40] audit: type=1326 audit(2000000299.829:57946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.472931][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1255.478388][   T40] audit: type=1326 audit(2000000299.829:57947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.487641][   T40] audit: type=1326 audit(2000000299.829:57948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.495159][   T40] audit: type=1326 audit(2000000299.829:57949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1038 comm="syz.1.8140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[ 1255.511592][ T5984] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1255.539839][ T1054] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1255.634178][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1255.813080][ T1054] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1255.925405][ T1054] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1255.984087][ T1054] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1256.061476][T13211] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.067277][T13211] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.072868][T13211] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.075817][T13211] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.122746][ T1064] binder: 1063:1064 ioctl 80489439 80000100 returned -22
[ 1256.512918][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1256.640364][ T1089] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1256.645173][ T1089] syzkaller0: entered promiscuous mode
[ 1256.648422][ T1089] syzkaller0: entered allmulticast mode
[ 1256.651863][ T1086] tipc: Resetting bearer <eth:syzkaller0>
[ 1256.655561][ T1086] tipc: Disabling bearer <eth:syzkaller0>
[ 1256.662897][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1256.988855][ T1096] usb usb8: usbfs: process 1096 (syz.3.8146) did not claim interface 0 before use
[ 1257.087528][ T1096] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8146'.
[ 1257.294751][ T1104] usb usb8: usbfs: process 1104 (syz.6.8147) did not claim interface 0 before use
[ 1257.342667][ T1099] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8147'.
[ 1257.553073][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1257.702942][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1257.706879][ T1108] netlink: 'syz.1.8157': attribute type 10 has an invalid length.
[ 1257.712081][ T1108] team0: Port device dummy0 added
[ 1257.788709][ T1108] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8157'.
[ 1257.954148][ T1128] FAULT_INJECTION: forcing a failure.
[ 1257.954148][ T1128] name failslab, interval 1, probability 0, space 0, times 0
[ 1257.958578][ T1128] CPU: 1 UID: 0 PID: 1128 Comm: syz.6.8153 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1257.958597][ T1128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1257.958608][ T1128] Call Trace:
[ 1257.958613][ T1128]  <TASK>
[ 1257.958618][ T1128]  dump_stack_lvl+0x16c/0x1f0
[ 1257.958641][ T1128]  should_fail_ex+0x512/0x640
[ 1257.958663][ T1128]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1257.958680][ T1128]  should_failslab+0xc2/0x120
[ 1257.958696][ T1128]  __kmalloc_noprof+0xd2/0x510
[ 1257.958710][ T1128]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1257.958727][ T1128]  ? tomoyo_profile+0x47/0x60
[ 1257.958737][ T1128]  tomoyo_path_number_perm+0x245/0x580
[ 1257.958750][ T1128]  ? tomoyo_path_number_perm+0x237/0x580
[ 1257.958764][ T1128]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1257.958780][ T1128]  ? preempt_count_add+0x76/0x150
[ 1257.958799][ T1128]  ? rcu_is_watching+0x12/0xc0
[ 1257.958811][ T1128]  ? __fget_files+0x204/0x3c0
[ 1257.958823][ T1128]  ? hook_file_ioctl_common+0x145/0x410
[ 1257.958839][ T1128]  ? lock_release+0x201/0x2f0
[ 1257.958854][ T1128]  ? __fget_files+0x20e/0x3c0
[ 1257.958867][ T1128]  security_file_ioctl_compat+0x9b/0x240
[ 1257.958882][ T1128]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1257.958901][ T1128]  __do_fast_syscall_32+0x7c/0x3a0
[ 1257.958917][ T1128]  do_fast_syscall_32+0x32/0x80
[ 1257.958931][ T1128]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1257.958945][ T1128] RIP: 0023:0xf7fc1579
[ 1257.958954][ T1128] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1257.958965][ T1128] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1257.958977][ T1128] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000004c0a
[ 1257.958984][ T1128] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1257.958991][ T1128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1257.958997][ T1128] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1257.959004][ T1128] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1257.959014][ T1128]  </TASK>
[ 1257.959019][ T1128] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1258.004264][ T1131] usb usb8: usbfs: process 1131 (syz.3.8151) did not claim interface 0 before use
[ 1258.038486][ T1123] binder: 1120:1123 ioctl 80489439 80000100 returned -22
[ 1258.113792][ T1139] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8151'.
[ 1258.582995][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1258.742901][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1258.865491][ T1156] usb usb8: usbfs: process 1156 (syz.6.8158) did not claim interface 0 before use
[ 1259.003317][ T1153] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8158'.
[ 1259.632916][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1259.782891][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1259.918704][ T1176] FAULT_INJECTION: forcing a failure.
[ 1259.918704][ T1176] name failslab, interval 1, probability 0, space 0, times 0
[ 1259.924134][ T1176] CPU: 0 UID: 0 PID: 1176 Comm: syz.6.8165 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1259.924180][ T1176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1259.924191][ T1176] Call Trace:
[ 1259.924196][ T1176]  <TASK>
[ 1259.924202][ T1176]  dump_stack_lvl+0x16c/0x1f0
[ 1259.924227][ T1176]  should_fail_ex+0x512/0x640
[ 1259.924251][ T1176]  should_failslab+0xc2/0x120
[ 1259.924272][ T1176]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1259.924292][ T1176]  ? __alloc_skb+0x2b2/0x380
[ 1259.924313][ T1176]  __alloc_skb+0x2b2/0x380
[ 1259.924330][ T1176]  ? __pfx___alloc_skb+0x10/0x10
[ 1259.924349][ T1176]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1259.924373][ T1176]  netlink_alloc_large_skb+0x69/0x130
[ 1259.924394][ T1176]  netlink_sendmsg+0x6a1/0xdd0
[ 1259.924416][ T1176]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1259.924438][ T1176]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1259.924457][ T1176]  ____sys_sendmsg+0xa95/0xc70
[ 1259.924483][ T1176]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1259.924507][ T1176]  ? get_compat_msghdr+0x11a/0x170
[ 1259.924532][ T1176]  ___sys_sendmsg+0x134/0x1d0
[ 1259.924551][ T1176]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1259.924570][ T1176]  ? finish_task_switch.isra.0+0x21c/0xc10
[ 1259.924588][ T1176]  ? lock_release+0x201/0x2f0
[ 1259.924615][ T1176]  ? rcu_is_watching+0x12/0xc0
[ 1259.924640][ T1176]  __sys_sendmsg+0x16d/0x220
[ 1259.924660][ T1176]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1259.924684][ T1176]  ? rcu_is_watching+0x12/0xc0
[ 1259.924701][ T1176]  __do_fast_syscall_32+0x7c/0x3a0
[ 1259.924723][ T1176]  do_fast_syscall_32+0x32/0x80
[ 1259.924743][ T1176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1259.924764][ T1176] RIP: 0023:0xf7fc1579
[ 1259.924776][ T1176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1259.924791][ T1176] RSP: 002b:00000000f54c555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1259.924807][ T1176] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000240
[ 1259.924817][ T1176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1259.924827][ T1176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1259.924836][ T1176] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1259.924845][ T1176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1259.924860][ T1176]  </TASK>
[ 1259.971604][ T1174] binder: 1173:1174 ioctl 80489439 80000100 returned -22
[ 1260.050727][ T1175] usb usb8: usbfs: process 1175 (syz.1.8163) did not claim interface 0 before use
[ 1260.109110][ T1175] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8163'.
[ 1260.420762][   T40] kauditd_printk_skb: 163 callbacks suppressed
[ 1260.420778][   T40] audit: type=1326 audit(2000000304.849:58113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.430183][   T40] audit: type=1326 audit(2000000304.859:58114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.439491][   T40] audit: type=1326 audit(2000000304.859:58115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.447298][ T1182] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8166'.
[ 1260.448608][   T40] audit: type=1326 audit(2000000304.859:58116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.457865][   T40] audit: type=1326 audit(2000000304.859:58117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.464952][   T40] audit: type=1326 audit(2000000304.869:58118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.471792][   T40] audit: type=1326 audit(2000000304.869:58119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.478849][   T40] audit: type=1326 audit(2000000304.869:58120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.485667][   T40] audit: type=1326 audit(2000000304.869:58121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.492503][   T40] audit: type=1326 audit(2000000304.869:58122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1180 comm="syz.3.8166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1260.672936][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1260.822891][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1260.903017][ T5984] Bluetooth: hci2: command 0x0406 tx timeout
[ 1261.683558][ T1202] netlink: 'syz.3.8172': attribute type 1 has an invalid length.
[ 1261.712884][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1261.872894][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1261.953602][   T72] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1262.515901][ T1210] binder: 1209:1210 ioctl 80489439 80000100 returned -22
[ 1262.752959][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1262.902916][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1263.081073][ T1249] binder: 1247:1249 ioctl 80489439 80000100 returned -22
[ 1263.123625][ T1251] FAULT_INJECTION: forcing a failure.
[ 1263.123625][ T1251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1263.129053][ T1251] CPU: 1 UID: 0 PID: 1251 Comm: syz.6.8184 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1263.129071][ T1251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1263.129078][ T1251] Call Trace:
[ 1263.129083][ T1251]  <TASK>
[ 1263.129087][ T1251]  dump_stack_lvl+0x16c/0x1f0
[ 1263.129106][ T1251]  should_fail_ex+0x512/0x640
[ 1263.129123][ T1251]  _copy_from_user+0x2e/0xd0
[ 1263.129141][ T1251]  input_event_from_user+0x137/0x290
[ 1263.129154][ T1251]  ? __pfx_input_event_from_user+0x10/0x10
[ 1263.129165][ T1251]  ? input_inject_event+0x1c0/0x3b0
[ 1263.129177][ T1251]  evdev_write+0x26b/0x440
[ 1263.129188][ T1251]  ? __pfx_evdev_write+0x10/0x10
[ 1263.129197][ T1251]  ? common_file_perm+0x1a9/0x340
[ 1263.129212][ T1251]  ? bpf_lsm_file_permission+0x9/0x10
[ 1263.129229][ T1251]  ? security_file_permission+0x71/0x210
[ 1263.129245][ T1251]  ? rw_verify_area+0xcf/0x6c0
[ 1263.129256][ T1251]  ? __pfx_evdev_write+0x10/0x10
[ 1263.129266][ T1251]  vfs_write+0x2a0/0x11d0
[ 1263.129282][ T1251]  ? __pfx_vfs_write+0x10/0x10
[ 1263.129295][ T1251]  ? __fget_files+0x204/0x3c0
[ 1263.129306][ T1251]  ? rcu_is_watching+0x12/0xc0
[ 1263.129318][ T1251]  ? lock_release+0x201/0x2f0
[ 1263.129334][ T1251]  ? __fget_files+0x20e/0x3c0
[ 1263.129346][ T1251]  ksys_write+0x1f8/0x250
[ 1263.129359][ T1251]  ? __pfx_ksys_write+0x10/0x10
[ 1263.129372][ T1251]  ? rcu_is_watching+0x12/0xc0
[ 1263.129383][ T1251]  __do_fast_syscall_32+0x7c/0x3a0
[ 1263.129399][ T1251]  do_fast_syscall_32+0x32/0x80
[ 1263.129413][ T1251]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1263.129428][ T1251] RIP: 0023:0xf7fc1579
[ 1263.129437][ T1251] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1263.129448][ T1251] RSP: 002b:00000000f54a455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1263.129459][ T1251] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000040
[ 1263.129466][ T1251] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[ 1263.129473][ T1251] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1263.129480][ T1251] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1263.129486][ T1251] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1263.129495][ T1251]  </TASK>
[ 1263.486968][ T1260] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1263.544768][ T1260] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1263.585209][ T1260] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1263.644952][ T1260] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1263.711114][T13209] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1263.716249][T13209] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1263.721427][T13209] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1263.726353][T13209] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1263.745499][ T1266] can0: slcan on ttyS3.
[ 1263.792928][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1263.833205][ T1266] can0 (unregistered): slcan off ttyS3.
[ 1263.907400][ T1273] FAULT_INJECTION: forcing a failure.
[ 1263.907400][ T1273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1263.911612][ T1273] CPU: 1 UID: 0 PID: 1273 Comm: syz.7.8192 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1263.911635][ T1273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1263.911642][ T1273] Call Trace:
[ 1263.911647][ T1273]  <TASK>
[ 1263.911651][ T1273]  dump_stack_lvl+0x16c/0x1f0
[ 1263.911669][ T1273]  should_fail_ex+0x512/0x640
[ 1263.911687][ T1273]  strncpy_from_user+0x3b/0x2e0
[ 1263.911702][ T1273]  getname_flags.part.0+0x8f/0x550
[ 1263.911721][ T1273]  getname_flags+0x93/0xf0
[ 1263.911733][ T1273]  __ia32_sys_mkdirat+0x75/0xb0
[ 1263.911746][ T1273]  __do_fast_syscall_32+0x7c/0x3a0
[ 1263.911762][ T1273]  do_fast_syscall_32+0x32/0x80
[ 1263.911776][ T1273]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1263.911791][ T1273] RIP: 0023:0xf70ce579
[ 1263.911799][ T1273] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1263.911810][ T1273] RSP: 002b:00000000f547c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[ 1263.911821][ T1273] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[ 1263.911828][ T1273] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1263.911835][ T1273] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1263.911841][ T1273] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1263.911847][ T1273] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1263.911857][ T1273]  </TASK>
[ 1263.942967][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1264.073431][T28620] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1264.465196][ T1295] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1264.822936][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1264.982940][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1265.245965][ T1316] usb usb8: usbfs: process 1316 (syz.1.8202) did not claim interface 0 before use
[ 1265.256721][ T1316] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8202'.
[ 1265.374970][ T1320] 9pnet_virtio: no channels available for device syz
[ 1265.450399][ T1326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1265.506154][ T1326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1265.862962][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1266.032895][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1266.065630][ T1338] FAULT_INJECTION: forcing a failure.
[ 1266.065630][ T1338] name failslab, interval 1, probability 0, space 0, times 0
[ 1266.070333][ T1338] CPU: 3 UID: 0 PID: 1338 Comm: syz.7.8215 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1266.070351][ T1338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1266.070357][ T1338] Call Trace:
[ 1266.070362][ T1338]  <TASK>
[ 1266.070367][ T1338]  dump_stack_lvl+0x16c/0x1f0
[ 1266.070386][ T1338]  should_fail_ex+0x512/0x640
[ 1266.070403][ T1338]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1266.070420][ T1338]  should_failslab+0xc2/0x120
[ 1266.070435][ T1338]  __kmalloc_noprof+0xd2/0x510
[ 1266.070450][ T1338]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1266.070467][ T1338]  ? tomoyo_profile+0x47/0x60
[ 1266.070477][ T1338]  tomoyo_path_number_perm+0x245/0x580
[ 1266.070496][ T1338]  ? tomoyo_path_number_perm+0x237/0x580
[ 1266.070510][ T1338]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1266.070526][ T1338]  ? preempt_count_add+0x76/0x150
[ 1266.070546][ T1338]  ? rcu_is_watching+0x12/0xc0
[ 1266.070558][ T1338]  ? __fget_files+0x204/0x3c0
[ 1266.070570][ T1338]  ? hook_file_ioctl_common+0x145/0x410
[ 1266.070585][ T1338]  ? lock_release+0x201/0x2f0
[ 1266.070600][ T1338]  ? __fget_files+0x20e/0x3c0
[ 1266.070612][ T1338]  security_file_ioctl_compat+0x9b/0x240
[ 1266.070627][ T1338]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1266.070646][ T1338]  __do_fast_syscall_32+0x7c/0x3a0
[ 1266.070662][ T1338]  do_fast_syscall_32+0x32/0x80
[ 1266.070676][ T1338]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1266.070691][ T1338] RIP: 0023:0xf70ce579
[ 1266.070700][ T1338] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1266.070711][ T1338] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1266.070722][ T1338] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800448d5
[ 1266.070729][ T1338] RDX: 0000000080000240 RSI: 0000000000000000 RDI: 0000000000000000
[ 1266.070736][ T1338] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1266.070742][ T1338] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1266.070749][ T1338] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1266.070759][ T1338]  </TASK>
[ 1266.070763][ T1338] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1266.246219][ T1366] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8225'.
[ 1266.260249][ T1366] FAULT_INJECTION: forcing a failure.
[ 1266.260249][ T1366] name failslab, interval 1, probability 0, space 0, times 0
[ 1266.265782][ T1366] CPU: 1 UID: 0 PID: 1366 Comm: syz.3.8225 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1266.265801][ T1366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1266.265808][ T1366] Call Trace:
[ 1266.265813][ T1366]  <TASK>
[ 1266.265818][ T1366]  dump_stack_lvl+0x16c/0x1f0
[ 1266.265838][ T1366]  should_fail_ex+0x512/0x640
[ 1266.265857][ T1366]  should_failslab+0xc2/0x120
[ 1266.265874][ T1366]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1266.265887][ T1366]  ? fl_change+0x168/0x4f70
[ 1266.265901][ T1366]  fl_change+0x168/0x4f70
[ 1266.265912][ T1366]  ? lock_release+0x201/0x2f0
[ 1266.265928][ T1366]  ? tc_new_tfilter+0x1e00/0x2340
[ 1266.265946][ T1366]  ? lock_release+0x201/0x2f0
[ 1266.265961][ T1366]  ? rcu_is_watching+0x12/0xc0
[ 1266.265974][ T1366]  ? fl_get+0x20a/0x3b0
[ 1266.265983][ T1366]  ? rcu_is_watching+0x12/0xc0
[ 1266.265995][ T1366]  ? lock_release+0x201/0x2f0
[ 1266.266011][ T1366]  ? __pfx_fl_change+0x10/0x10
[ 1266.266022][ T1366]  ? fl_get+0x214/0x3b0
[ 1266.266032][ T1366]  ? __pfx_fl_get+0x10/0x10
[ 1266.266042][ T1366]  ? mini_qdisc_pair_swap+0x128/0x1f0
[ 1266.266169][ T1366]  ? __pfx_fl_change+0x10/0x10
[ 1266.266181][ T1366]  tc_new_tfilter+0xa32/0x2340
[ 1266.266203][ T1366]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 1266.266224][ T1366]  ? apparmor_capable+0x114/0x1d0
[ 1266.266240][ T1366]  ? rcu_is_watching+0x12/0xc0
[ 1266.266252][ T1366]  ? rcu_is_watching+0x12/0xc0
[ 1266.266264][ T1366]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 1266.266281][ T1366]  ? lock_release+0x201/0x2f0
[ 1266.266296][ T1366]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 1266.266313][ T1366]  rtnetlink_rcv_msg+0x95b/0xe90
[ 1266.266332][ T1366]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1266.266351][ T1366]  ? ref_tracker_free+0x37c/0x830
[ 1266.266370][ T1366]  netlink_rcv_skb+0x155/0x420
[ 1266.266387][ T1366]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1266.266404][ T1366]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1266.266422][ T1366]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1266.266438][ T1366]  netlink_unicast+0x5aa/0x870
[ 1266.266455][ T1366]  ? __pfx_netlink_unicast+0x10/0x10
[ 1266.266471][ T1366]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1266.266489][ T1366]  netlink_sendmsg+0x8d1/0xdd0
[ 1266.266506][ T1366]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1266.266523][ T1366]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1266.266536][ T1366]  ____sys_sendmsg+0xa95/0xc70
[ 1266.266557][ T1366]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1266.266582][ T1366]  ? get_compat_msghdr+0x11a/0x170
[ 1266.266598][ T1366]  ? kstrtouint_from_user+0x13c/0x1d0
[ 1266.266614][ T1366]  ___sys_sendmsg+0x134/0x1d0
[ 1266.266629][ T1366]  ? get_pid_task+0xfc/0x250
[ 1266.266646][ T1366]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1266.266664][ T1366]  ? rcu_is_watching+0x12/0xc0
[ 1266.266680][ T1366]  __sys_sendmsg+0x16d/0x220
[ 1266.266696][ T1366]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1266.266714][ T1366]  ? rcu_is_watching+0x12/0xc0
[ 1266.266727][ T1366]  __do_fast_syscall_32+0x7c/0x3a0
[ 1266.266744][ T1366]  do_fast_syscall_32+0x32/0x80
[ 1266.266760][ T1366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1266.266777][ T1366] RIP: 0023:0xf708e579
[ 1266.266788][ T1366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1266.266800][ T1366] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1266.266814][ T1366] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[ 1266.266822][ T1366] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1266.266829][ T1366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1266.266836][ T1366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1266.266843][ T1366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1266.266854][ T1366]  </TASK>
[ 1266.462747][ T1371] netlink: 212408 bytes leftover after parsing attributes in process `syz.7.8222'.
[ 1266.727271][ T1376] usb usb8: usbfs: process 1376 (syz.6.8223) did not claim interface 0 before use
[ 1266.740923][   T40] kauditd_printk_skb: 55 callbacks suppressed
[ 1266.740935][   T40] audit: type=1326 audit(2000000311.169:58178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.756872][ T1376] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8223'.
[ 1266.760564][   T40] audit: type=1326 audit(2000000311.179:58179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.767587][   T40] audit: type=1326 audit(2000000311.179:58180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.775004][   T40] audit: type=1326 audit(2000000311.179:58181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.782963][   T40] audit: type=1326 audit(2000000311.179:58182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.789842][   T40] audit: type=1326 audit(2000000311.179:58183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.796806][   T40] audit: type=1326 audit(2000000311.179:58184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.803562][   T40] audit: type=1326 audit(2000000311.179:58185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.810422][   T40] audit: type=1326 audit(2000000311.179:58186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.817487][   T40] audit: type=1326 audit(2000000311.179:58187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1361 comm="syz.6.8223" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1266.902976][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1267.072892][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1267.296878][ T1390] binder: 1389:1390 ioctl 80489439 80000100 returned -22
[ 1267.532950][   T72] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[ 1267.942899][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1268.102889][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1268.192723][ T1410] usb usb8: usbfs: process 1410 (syz.3.8238) did not claim interface 0 before use
[ 1268.323013][   T72] usb 6-1: Using ep0 maxpacket: 8
[ 1268.325806][ T1421] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8238'.
[ 1268.335009][   T72] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1268.338550][   T72] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1268.341697][   T72] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1268.344963][   T72] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1268.349196][   T72] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1268.351994][   T72] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1268.596141][   T72] usb 6-1: GET_CAPABILITIES returned 0
[ 1268.597921][   T72] usbtmc 6-1:16.0: can't read capabilities
[ 1268.611165][ T1432] usb usb8: usbfs: process 1432 (syz.6.8244) did not claim interface 0 before use
[ 1268.678867][ T1432] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8244'.
[ 1268.762768][T30781] usb 6-1: USB disconnect, device number 55
[ 1268.992881][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1269.142985][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1270.022919][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1270.182915][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1270.353040][T30785] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 1270.503212][T30785] usb 8-1: Using ep0 maxpacket: 8
[ 1270.512033][T30785] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1270.516407][T30785] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1270.520446][T30785] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1270.524083][T30785] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1270.528299][T30785] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1270.531326][T30785] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.741364][T30785] usb 8-1: GET_CAPABILITIES returned 0
[ 1270.743917][T30785] usbtmc 8-1:16.0: can't read capabilities
[ 1270.944836][T30770] usb 8-1: USB disconnect, device number 16
[ 1271.062948][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1271.222938][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1271.642943][ T1503] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.8267'.
[ 1271.826999][ T1498] binder: 1496:1498 ioctl 80489439 80000100 returned -22
[ 1271.842308][ T1498] binder: 1496:1498 ioctl c0306201 80000240 returned -11
[ 1272.102924][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1272.262971][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1272.405982][ T1520] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8274'.
[ 1272.434137][ T1524] FAULT_INJECTION: forcing a failure.
[ 1272.434137][ T1524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1272.439033][ T1524] CPU: 0 UID: 0 PID: 1524 Comm: syz.3.8275 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1272.439053][ T1524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1272.439060][ T1524] Call Trace:
[ 1272.439064][ T1524]  <TASK>
[ 1272.439069][ T1524]  dump_stack_lvl+0x16c/0x1f0
[ 1272.439087][ T1524]  should_fail_ex+0x512/0x640
[ 1272.439105][ T1524]  _copy_from_user+0x2e/0xd0
[ 1272.439122][ T1524]  kvm_vm_ioctl+0x19cc/0x4000
[ 1272.439135][ T1524]  ? stack_trace_save+0x8e/0xc0
[ 1272.439148][ T1524]  ? __pfx_stack_trace_save+0x10/0x10
[ 1272.439160][ T1524]  ? kasan_save_stack+0x42/0x60
[ 1272.439173][ T1524]  ? stack_depot_save_flags+0x29/0x9c0
[ 1272.439190][ T1524]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1272.439200][ T1524]  ? kasan_save_stack+0x42/0x60
[ 1272.439212][ T1524]  ? kasan_save_stack+0x33/0x60
[ 1272.439224][ T1524]  ? kasan_save_track+0x14/0x30
[ 1272.439236][ T1524]  ? kasan_save_free_info+0x3b/0x60
[ 1272.439248][ T1524]  ? __kasan_slab_free+0x60/0x70
[ 1272.439261][ T1524]  ? kfree+0x2b4/0x4d0
[ 1272.439271][ T1524]  ? tomoyo_path_number_perm+0x470/0x580
[ 1272.439285][ T1524]  ? security_file_ioctl_compat+0x9b/0x240
[ 1272.439300][ T1524]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[ 1272.439318][ T1524]  ? __do_fast_syscall_32+0x7c/0x3a0
[ 1272.439333][ T1524]  ? do_fast_syscall_32+0x32/0x80
[ 1272.439347][ T1524]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1272.439361][ T1524]  ? kvm_arch_vm_compat_ioctl+0x2d0/0x470
[ 1272.439376][ T1524]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[ 1272.439395][ T1524]  ? rcu_is_watching+0x12/0xc0
[ 1272.439406][ T1524]  ? trace_irq_enable.constprop.0+0xd4/0x120
[ 1272.439425][ T1524]  ? tomoyo_path_number_perm+0x295/0x580
[ 1272.439438][ T1524]  ? rcu_is_watching+0x12/0xc0
[ 1272.439448][ T1524]  ? lock_release+0x201/0x2f0
[ 1272.439463][ T1524]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1272.439477][ T1524]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1272.439498][ T1524]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1272.439515][ T1524]  ? do_vfs_ioctl+0x128/0x14f0
[ 1272.439532][ T1524]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1272.439549][ T1524]  kvm_vm_compat_ioctl+0x393/0x430
[ 1272.439560][ T1524]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[ 1272.439571][ T1524]  ? rcu_is_watching+0x12/0xc0
[ 1272.439583][ T1524]  ? __fget_files+0x204/0x3c0
[ 1272.439595][ T1524]  ? hook_file_ioctl_common+0x145/0x410
[ 1272.439616][ T1524]  ? __fget_files+0x20e/0x3c0
[ 1272.439634][ T1524]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[ 1272.439648][ T1524]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1272.439675][ T1524]  __do_fast_syscall_32+0x7c/0x3a0
[ 1272.439696][ T1524]  do_fast_syscall_32+0x32/0x80
[ 1272.439717][ T1524]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1272.439736][ T1524] RIP: 0023:0xf708e579
[ 1272.439749][ T1524] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1272.439764][ T1524] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1272.439782][ T1524] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae76
[ 1272.439797][ T1524] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[ 1272.439808][ T1524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1272.439818][ T1524] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1272.439827][ T1524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1272.439841][ T1524]  </TASK>
[ 1272.661055][ T1534] usb usb8: usbfs: process 1534 (syz.6.8277) did not claim interface 0 before use
[ 1272.709972][   T40] kauditd_printk_skb: 89 callbacks suppressed
[ 1272.710383][   T40] audit: type=1326 audit(2000000317.139:58277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.717083][ T1534] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8277'.
[ 1272.720077][   T40] audit: type=1326 audit(2000000317.139:58278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.729319][   T40] audit: type=1326 audit(2000000317.139:58279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.736284][   T40] audit: type=1326 audit(2000000317.139:58280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.743146][   T40] audit: type=1326 audit(2000000317.139:58281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.749885][   T40] audit: type=1326 audit(2000000317.139:58282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.757154][   T40] audit: type=1326 audit(2000000317.139:58283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.764006][   T40] audit: type=1326 audit(2000000317.139:58284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.770922][   T40] audit: type=1326 audit(2000000317.139:58285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.773000][T30770] usb 12-1: new high-speed USB device number 18 using dummy_hcd
[ 1272.777593][   T40] audit: type=1326 audit(2000000317.139:58286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1527 comm="syz.6.8277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[ 1272.922896][T30770] usb 12-1: Using ep0 maxpacket: 8
[ 1272.926231][T30770] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1272.932252][T30770] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1272.932355][ T1539] usb usb8: usbfs: process 1539 (syz.3.8278) did not claim interface 0 before use
[ 1272.935485][T30770] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1272.935505][T30770] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1272.935528][T30770] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1272.935540][T30770] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1273.038519][ T1540] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8278'.
[ 1273.143003][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1273.155634][T30770] usb 12-1: GET_CAPABILITIES returned 0
[ 1273.157524][T30770] usbtmc 12-1:16.0: can't read capabilities
[ 1273.299039][ T1542] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8279'.
[ 1273.302920][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1273.338904][ T1544] syzkaller0: entered promiscuous mode
[ 1273.341013][ T1544] syzkaller0: entered allmulticast mode
[ 1273.356958][T30781] usb 12-1: USB disconnect, device number 18
[ 1273.604347][ T1547] binder: 1546:1547 ioctl 80489439 80000100 returned -22
[ 1273.614201][ T1547] binder: 1546:1547 ioctl c0306201 80000240 returned -11
[ 1274.154395][ T1568] usb usb8: usbfs: process 1568 (syz.7.8287) did not claim interface 0 before use
[ 1274.182904][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1274.248848][ T1572] netlink: 40 bytes leftover after parsing attributes in process `syz.7.8287'.
[ 1274.342964][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1274.903742][ T1585] syzkaller0: entered promiscuous mode
[ 1274.906161][ T1585] syzkaller0: entered allmulticast mode
[ 1274.956154][ T1584] binder: 1583:1584 ioctl 80489439 80000100 returned -22
[ 1274.961357][ T1584] binder: 1583:1584 ioctl c0306201 80000240 returned -11
[ 1275.064453][ T1592] syzkaller0: entered promiscuous mode
[ 1275.066492][ T1592] syzkaller0: entered allmulticast mode
[ 1275.185526][ T1601] usb usb8: usbfs: process 1601 (syz.6.8292) did not claim interface 0 before use
[ 1275.191040][ T1603] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8297'.
[ 1275.197959][ T1601] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8292'.
[ 1275.222915][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1275.382898][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1276.267247][ T1617] binder: 1614:1617 ioctl 80489439 80000100 returned -22
[ 1276.273060][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1276.422899][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1276.464876][ T1622] 9pnet_virtio: no channels available for device syz
[ 1276.495180][ T1628] syzkaller0: entered promiscuous mode
[ 1276.497392][ T1628] syzkaller0: entered allmulticast mode
[ 1276.565325][T32527] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[ 1276.724972][ T1633] binder: 1632:1633 ioctl 80489439 80000100 returned -22
[ 1276.732590][ T1633] binder: 1632:1633 ioctl c0306201 80000240 returned -11
[ 1276.912971][T28620] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[ 1276.993693][ T1646] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8310'.
[ 1276.998747][ T1646] misc userio: No port type given on /dev/userio
[ 1277.063107][T28620] usb 6-1: Using ep0 maxpacket: 8
[ 1277.067123][T28620] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1277.071015][T28620] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1277.093404][T28620] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1277.097462][T28620] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1277.102660][T28620] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1277.110357][T28620] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1277.129168][ T1646] input: syz1 as /devices/virtual/input/input58
[ 1277.146374][ T1647] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8309'.
[ 1277.302907][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1277.319938][T28620] usb 6-1: GET_CAPABILITIES returned 0
[ 1277.322189][T28620] usbtmc 6-1:16.0: can't read capabilities
[ 1277.462908][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1277.524166][T30781] usb 6-1: USB disconnect, device number 56
[ 1277.634116][ T1655] usb usb8: usbfs: process 1655 (syz.7.8312) did not claim interface 0 before use
[ 1277.703490][ T1656] netlink: 40 bytes leftover after parsing attributes in process `syz.7.8312'.
[ 1277.915910][T32527] Bluetooth: hci1: Ignoring connect complete event for invalid link type
[ 1277.971363][ T1667] syzkaller0: entered promiscuous mode
[ 1277.973183][ T1667] syzkaller0: entered allmulticast mode
[ 1278.136656][ T1674] netlink: 84 bytes leftover after parsing attributes in process `syz.1.8321'.
[ 1278.352896][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1278.502916][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1279.112228][ T1690] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8324'.
[ 1279.116356][ T1690] misc userio: No port type given on /dev/userio
[ 1279.182307][ T1684] binder: 1683:1684 ioctl 80489439 80000100 returned -22
[ 1279.187445][ T1684] binder: 1683:1684 ioctl c0306201 80000240 returned -11
[ 1279.225509][ T1690] input: syz1 as /devices/virtual/input/input59
[ 1279.259930][T32527] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1279.284096][ T1697] usb usb8: usbfs: process 1697 (syz.3.8323) did not claim interface 0 before use
[ 1279.346374][   T40] kauditd_printk_skb: 204 callbacks suppressed
[ 1279.346508][   T40] audit: type=1326 audit(2000000323.779:58491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.375292][ T1702] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8323'.
[ 1279.393007][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1279.394844][   T40] audit: type=1326 audit(2000000323.779:58492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.399896][ T1701] binder: 1700:1701 ioctl 80489439 80000100 returned -22
[ 1279.405223][   T40] audit: type=1326 audit(2000000323.789:58493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.417004][   T40] audit: type=1326 audit(2000000323.789:58494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.418737][ T1701] binder_alloc: 1700: binder_alloc_buf, no vma
[ 1279.427357][   T40] audit: type=1326 audit(2000000323.789:58495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.427407][   T40] audit: type=1326 audit(2000000323.789:58496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.427470][   T40] audit: type=1326 audit(2000000323.789:58497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.427505][   T40] audit: type=1326 audit(2000000323.789:58498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.447061][ T1701] binder: 1700:1701 ioctl c0306201 80000240 returned -11
[ 1279.453134][   T40] audit: type=1326 audit(2000000323.789:58499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.470900][   T40] audit: type=1326 audit(2000000323.789:58500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1685 comm="syz.3.8323" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1279.512943][T30785] usb 12-1: new high-speed USB device number 19 using dummy_hcd
[ 1279.542922][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1279.662912][T30785] usb 12-1: Using ep0 maxpacket: 8
[ 1279.665893][T30785] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1279.669877][T30785] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1279.673187][T30785] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1279.676358][T30785] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1279.680632][T30785] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1279.683575][T30785] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.768847][ T1712] usb usb8: usbfs: process 1712 (syz.1.8331) did not claim interface 0 before use
[ 1279.782637][ T1712] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8331'.
[ 1279.889323][T30785] usb 12-1: GET_CAPABILITIES returned 0
[ 1279.891067][T30785] usbtmc 12-1:16.0: can't read capabilities
[ 1280.058487][ T1716] netlink: 84 bytes leftover after parsing attributes in process `syz.6.8332'.
[ 1280.096083][   T72] usb 12-1: USB disconnect, device number 19
[ 1280.432928][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1280.575333][ T1722] input: syz1 as /devices/virtual/input/input60
[ 1280.583046][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1280.626755][T32527] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1280.641756][ T1723] 9pnet_virtio: no channels available for device syz
[ 1280.765727][ T1731] binder: 1730:1731 ioctl 80489439 80000100 returned -22
[ 1280.769517][ T1731] binder_alloc: 1730: binder_alloc_buf, no vma
[ 1280.771828][ T1731] binder: 1730:1731 ioctl c0306201 80000240 returned -11
[ 1280.861340][ T1738] netlink: 24 bytes leftover after parsing attributes in process `syz.7.8341'.
[ 1280.872290][ T1738] misc userio: No port type given on /dev/userio
[ 1280.912977][T19637] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[ 1280.976007][ T1738] input: syz1 as /devices/virtual/input/input61
[ 1281.072961][T19637] usb 6-1: Using ep0 maxpacket: 8
[ 1281.075843][T19637] usb 6-1: config 0 has no interfaces?
[ 1281.079314][T19637] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1281.083242][T19637] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1281.085986][T19637] usb 6-1: Product: syz
[ 1281.087356][T19637] usb 6-1: Manufacturer: syz
[ 1281.088857][T19637] usb 6-1: SerialNumber: syz
[ 1281.091442][T19637] usb 6-1: config 0 descriptor??
[ 1281.301142][T30785] usb 6-1: USB disconnect, device number 57
[ 1281.462981][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1281.613809][ T1749] usb usb8: usbfs: process 1749 (syz.3.8342) did not claim interface 0 before use
[ 1281.622914][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1281.689709][ T1751] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8342'.
[ 1281.828517][T32527] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[ 1281.940086][ T1757] binder: 1756:1757 ioctl 80489439 80000100 returned -22
[ 1281.945336][ T1757] binder_alloc: 1756: binder_alloc_buf, no vma
[ 1281.948528][ T1757] binder: 1756:1757 ioctl c0306201 80000240 returned -11
[ 1282.033358][T28620] usb 12-1: new high-speed USB device number 20 using dummy_hcd
[ 1282.183126][T28620] usb 12-1: Using ep0 maxpacket: 8
[ 1282.186744][T28620] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1282.191281][T28620] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1282.195653][T28620] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1282.200100][T28620] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1282.205505][T28620] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1282.209486][T28620] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1282.421543][T28620] usb 12-1: GET_CAPABILITIES returned 0
[ 1282.423555][T28620] usbtmc 12-1:16.0: can't read capabilities
[ 1282.458701][ T1760] binder: 1759:1760 ioctl 80489439 80000100 returned -22
[ 1282.458894][ T1762] binder: 1761:1762 ioctl 80489439 80000100 returned -22
[ 1282.465185][ T1760] binder_alloc: 1759: binder_alloc_buf, no vma
[ 1282.467879][ T1760] binder: 1759:1760 ioctl c0306201 80000240 returned -11
[ 1282.473504][ T1762] binder_alloc: 1761: binder_alloc_buf, no vma
[ 1282.477304][ T1762] binder: 1761:1762 ioctl c0306201 80000240 returned -11
[ 1282.502932][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1282.634404][T30767] usb 12-1: USB disconnect, device number 20
[ 1282.672894][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1282.922951][ T1785] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8353'.
[ 1283.373094][ T1789] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[ 1283.375440][ T1789] UDF-fs: Scanning with blocksize 2048 failed
[ 1283.378352][ T1789] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[ 1283.380660][ T1789] UDF-fs: Scanning with blocksize 4096 failed
[ 1283.542963][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1283.626844][ T1795] FAULT_INJECTION: forcing a failure.
[ 1283.626844][ T1795] name failslab, interval 1, probability 0, space 0, times 0
[ 1283.630816][ T1795] CPU: 2 UID: 0 PID: 1795 Comm: syz.6.8358 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1283.630835][ T1795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1283.630842][ T1795] Call Trace:
[ 1283.630846][ T1795]  <TASK>
[ 1283.630851][ T1795]  dump_stack_lvl+0x16c/0x1f0
[ 1283.630869][ T1795]  should_fail_ex+0x512/0x640
[ 1283.630886][ T1795]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1283.630903][ T1795]  should_failslab+0xc2/0x120
[ 1283.630919][ T1795]  __kmalloc_noprof+0xd2/0x510
[ 1283.630934][ T1795]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1283.630951][ T1795]  ? tomoyo_profile+0x47/0x60
[ 1283.630962][ T1795]  tomoyo_path_number_perm+0x245/0x580
[ 1283.630975][ T1795]  ? tomoyo_path_number_perm+0x237/0x580
[ 1283.630989][ T1795]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1283.631004][ T1795]  ? preempt_count_add+0x76/0x150
[ 1283.631024][ T1795]  ? rcu_is_watching+0x12/0xc0
[ 1283.631036][ T1795]  ? __fget_files+0x204/0x3c0
[ 1283.631048][ T1795]  ? hook_file_ioctl_common+0x145/0x410
[ 1283.631063][ T1795]  ? lock_release+0x201/0x2f0
[ 1283.631078][ T1795]  ? __fget_files+0x20e/0x3c0
[ 1283.631090][ T1795]  security_file_ioctl_compat+0x9b/0x240
[ 1283.631106][ T1795]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1283.631124][ T1795]  __do_fast_syscall_32+0x7c/0x3a0
[ 1283.631140][ T1795]  do_fast_syscall_32+0x32/0x80
[ 1283.631154][ T1795]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1283.631169][ T1795] RIP: 0023:0xf7fc1579
[ 1283.631177][ T1795] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1283.631189][ T1795] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1283.631200][ T1795] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0cc5616
[ 1283.631208][ T1795] RDX: 0000000080000680 RSI: 0000000000000000 RDI: 0000000000000000
[ 1283.631214][ T1795] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1283.631221][ T1795] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1283.631227][ T1795] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1283.631237][ T1795]  </TASK>
[ 1283.631242][ T1795] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1283.703007][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1283.823369][ T1801] usb usb8: usbfs: process 1801 (syz.1.8357) did not claim interface 0 before use
[ 1283.857248][ T1801] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8357'.
[ 1284.164476][ T1806] binder: 1805:1806 ioctl 80489439 80000100 returned -22
[ 1284.172414][ T1806] binder_alloc: 1805: binder_alloc_buf, no vma
[ 1284.176115][ T1806] binder: 1805:1806 ioctl c0306201 80000240 returned -11
[ 1284.582936][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1284.742989][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1284.749660][ T1811] binder: 1810:1811 ioctl 80489439 80000100 returned -22
[ 1284.757386][ T1811] binder_alloc: 1810: binder_alloc_buf, no vma
[ 1284.761468][ T1811] binder: 1810:1811 ioctl c0306201 80000240 returned -11
[ 1284.866223][T32527] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1285.030584][ T1836] input: syz1 as /devices/virtual/input/input62
[ 1285.182511][ T1843] usb usb8: usbfs: process 1843 (syz.3.8372) did not claim interface 0 before use
[ 1285.244034][   T40] kauditd_printk_skb: 129 callbacks suppressed
[ 1285.244052][   T40] audit: type=1326 audit(2000000329.679:58630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.247946][ T1837] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8372'.
[ 1285.254081][   T40] audit: type=1326 audit(2000000329.679:58631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.254105][   T40] audit: type=1326 audit(2000000329.679:58632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.254127][   T40] audit: type=1326 audit(2000000329.679:58633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.254144][   T40] audit: type=1326 audit(2000000329.679:58634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.286095][   T40] audit: type=1326 audit(2000000329.679:58635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.294218][   T40] audit: type=1326 audit(2000000329.679:58636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.302467][   T40] audit: type=1326 audit(2000000329.679:58637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.310987][   T40] audit: type=1326 audit(2000000329.679:58638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.321517][   T40] audit: type=1326 audit(2000000329.679:58639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1833 comm="syz.3.8372" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[ 1285.363008][T30781] usb 12-1: new high-speed USB device number 21 using dummy_hcd
[ 1285.514526][T30781] usb 12-1: Using ep0 maxpacket: 8
[ 1285.517673][T30781] usb 12-1: config 0 has no interfaces?
[ 1285.521122][T30781] usb 12-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1285.524164][T30781] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1285.526805][T30781] usb 12-1: Product: syz
[ 1285.528271][T30781] usb 12-1: Manufacturer: syz
[ 1285.529787][T30781] usb 12-1: SerialNumber: syz
[ 1285.532066][T30781] usb 12-1: config 0 descriptor??
[ 1285.623043][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1285.738963][T30781] usb 12-1: USB disconnect, device number 21
[ 1285.743027][T19637] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[ 1285.793249][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1285.903265][T19637] usb 6-1: Using ep0 maxpacket: 8
[ 1285.908074][T19637] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1285.911680][T19637] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1285.915048][T19637] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1285.918204][T19637] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1285.922247][T19637] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1285.925084][T19637] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1286.021559][ T1851] binder: 1850:1851 ioctl 80489439 80000100 returned -22
[ 1286.026610][ T1851] binder_alloc: 1850: binder_alloc_buf, no vma
[ 1286.029146][ T1851] binder: 1850:1851 ioctl c0306201 80000240 returned -11
[ 1286.134239][T19637] usb 6-1: GET_CAPABILITIES returned 0
[ 1286.136023][T19637] usbtmc 6-1:16.0: can't read capabilities
[ 1286.147956][ T1858] wg2: entered allmulticast mode
[ 1286.335509][T19637] usb 6-1: USB disconnect, device number 58
[ 1286.672947][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1286.822976][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1287.092992][ T1876] usb usb8: usbfs: process 1876 (syz.1.8381) did not claim interface 0 before use
[ 1287.124810][ T1876] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8381'.
[ 1287.325577][ T1883] usb usb8: usbfs: process 1883 (syz.3.8384) did not claim interface 0 before use
[ 1287.390177][ T1887] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8384'.
[ 1287.712937][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1287.862950][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1288.021616][ T1903] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1288.030108][ T1905] tipc: Enabled bearer <eth:team0>, priority 0
[ 1288.752980][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1288.902883][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1288.976442][ T1934] overlayfs: failed to resolve './file0': -2
[ 1288.987559][ T1934] 9pnet_fd: Insufficient options for proto=fd
[ 1289.113231][ T1941] tipc: Enabled bearer <eth:team0>, priority 0
[ 1289.194988][ T1944] usb usb8: usbfs: process 1944 (syz.1.8402) did not claim interface 0 before use
[ 1289.209574][ T1944] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8402'.
[ 1289.782912][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1289.942936][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1290.040452][ T1973] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1290.822911][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1290.992919][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1291.247401][ T2008] tipc: Enabled bearer <eth:team0>, priority 0
[ 1291.706099][ T2014] batadv_slave_1: entered promiscuous mode
[ 1291.708613][ T2014] batadv_slave_1: left promiscuous mode
[ 1291.862978][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1292.022919][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1292.362987][T19637] tipc: Node number set to 749034629
[ 1292.902938][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1292.925319][T30767] usb 12-1: new high-speed USB device number 22 using dummy_hcd
[ 1293.092941][T30767] usb 12-1: Using ep0 maxpacket: 8
[ 1293.095837][T30767] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1293.099285][T30767] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1293.102710][T30767] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1293.107164][T30767] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1293.110789][T30767] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1293.115681][T30767] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1293.193020][   T72] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[ 1293.324238][T30767] usb 12-1: GET_CAPABILITIES returned 0
[ 1293.326007][T30767] usbtmc 12-1:16.0: can't read capabilities
[ 1293.342956][   T72] usb 6-1: Using ep0 maxpacket: 8
[ 1293.346419][   T72] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1293.350070][   T72] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1293.354350][   T72] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1293.359441][   T72] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1293.363676][   T72] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1293.368019][   T72] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1293.370923][   T72] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1293.532594][T28620] usb 12-1: USB disconnect, device number 22
[ 1293.579833][   T72] usb 6-1: usb_control_msg returned -32
[ 1293.581645][   T72] usbtmc 6-1:16.0: can't read capabilities
[ 1293.942913][    C2] net_ratelimit: 1 callbacks suppressed
[ 1293.942932][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1294.102928][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1294.983075][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1295.152967][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1295.793563][T28620] usb 6-1: USB disconnect, device number 59
[ 1295.840439][ T2061] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1295.874607][ T2066] overlayfs: failed to resolve './file1': -2
[ 1295.938572][ T2071] FAULT_INJECTION: forcing a failure.
[ 1295.938572][ T2071] name failslab, interval 1, probability 0, space 0, times 0
[ 1295.942386][ T2071] CPU: 0 UID: 0 PID: 2071 Comm: syz.1.8438 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1295.942402][ T2071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1295.942409][ T2071] Call Trace:
[ 1295.942414][ T2071]  <TASK>
[ 1295.942419][ T2071]  dump_stack_lvl+0x16c/0x1f0
[ 1295.942437][ T2071]  should_fail_ex+0x512/0x640
[ 1295.942455][ T2071]  should_failslab+0xc2/0x120
[ 1295.942470][ T2071]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1295.942484][ T2071]  ? lock_release+0x201/0x2f0
[ 1295.942499][ T2071]  ? alloc_empty_file+0x55/0x1e0
[ 1295.942516][ T2071]  alloc_empty_file+0x55/0x1e0
[ 1295.942532][ T2071]  alloc_file_pseudo+0x13a/0x230
[ 1295.942549][ T2071]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1295.942567][ T2071]  sock_alloc_file+0x50/0x210
[ 1295.942583][ T2071]  do_accept+0x240/0x530
[ 1295.942595][ T2071]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1295.942612][ T2071]  ? __pfx_do_accept+0x10/0x10
[ 1295.942622][ T2071]  ? rcu_is_watching+0x12/0xc0
[ 1295.942638][ T2071]  __sys_accept4+0x100/0x1c0
[ 1295.942649][ T2071]  ? __pfx___sys_accept4+0x10/0x10
[ 1295.942661][ T2071]  ? __pfx_ksys_write+0x10/0x10
[ 1295.942675][ T2071]  __ia32_sys_accept4+0x94/0x100
[ 1295.942687][ T2071]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1295.942702][ T2071]  __do_fast_syscall_32+0x7c/0x3a0
[ 1295.942717][ T2071]  do_fast_syscall_32+0x32/0x80
[ 1295.942732][ T2071]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1295.942747][ T2071] RIP: 0023:0xf704e579
[ 1295.942755][ T2071] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1295.942766][ T2071] RSP: 002b:00000000f543e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016c
[ 1295.942778][ T2071] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[ 1295.942785][ T2071] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1295.942792][ T2071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1295.942798][ T2071] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1295.942805][ T2071] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1295.942815][ T2071]  </TASK>
[ 1296.022980][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1296.192945][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1296.332977][T22710] usb 11-1: new high-speed USB device number 13 using dummy_hcd
[ 1296.483025][T22710] usb 11-1: Using ep0 maxpacket: 8
[ 1296.487481][T22710] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1296.491730][T22710] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1296.495370][T22710] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1296.498734][T22710] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1296.503024][T22710] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1296.506002][T22710] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1296.717135][T22710] usb 11-1: GET_CAPABILITIES returned 0
[ 1296.720008][T22710] usbtmc 11-1:16.0: can't read capabilities
[ 1296.812632][ T2100] program syz.1.8447 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1296.813392][ T2089] binder: 2088:2089 ioctl 80489439 80000100 returned -22
[ 1296.826432][ T2089] binder: 2088:2089 ioctl c0306201 80000240 returned -11
[ 1296.918190][T16594] usb 11-1: USB disconnect, device number 13
[ 1297.073420][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1297.093193][T22710] usb 12-1: new high-speed USB device number 23 using dummy_hcd
[ 1297.222995][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1297.253019][T22710] usb 12-1: Using ep0 maxpacket: 8
[ 1297.256493][T22710] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1297.260410][T22710] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1297.263679][T22710] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1297.266848][T22710] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1297.271103][T22710] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1297.274153][T22710] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1297.520760][T22710] usb 12-1: GET_CAPABILITIES returned 0
[ 1297.523252][T22710] usbtmc 12-1:16.0: can't read capabilities
[ 1297.831618][ T2130] pim6reg: entered allmulticast mode
[ 1297.846004][ T2128] pim6reg: left allmulticast mode
[ 1298.102963][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1298.262968][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1298.269743][ T2142] binder: 2141:2142 ioctl 80489439 80000100 returned -22
[ 1298.274883][ T2142] binder: 2141:2142 ioctl c0306201 80000240 returned -11
[ 1298.411600][ T2152] batadv_slave_1: entered promiscuous mode
[ 1298.415175][ T2152] batadv_slave_1: left promiscuous mode
[ 1298.565720][ T2155] overlayfs: failed to resolve './file1': -2
[ 1298.592984][T22710] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[ 1298.652173][ T2143] BUG: sleeping function called from invalid context at mm/vmalloc.c:3409
[ 1298.656257][ T2143] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2143, name: syz.1.8460
[ 1298.660304][ T2143] preempt_count: 1, expected: 0
[ 1298.663559][ T2143] RCU nest depth: 0, expected: 0
[ 1298.665361][ T2143] INFO: lockdep is turned off.
[ 1298.667048][ T2143] Preemption disabled at:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1298.667055][ T2143] [<ffffffff8b91af20>] schedule+0xe0/0x3a0
[ 1298.670861][ T2143] CPU: 2 UID: 0 PID: 2143 Comm: syz.1.8460 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) 
[ 1298.670878][ T2143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1298.670884][ T2143] Call Trace:
[ 1298.670888][ T2143]  <TASK>
[ 1298.670893][ T2143]  dump_stack_lvl+0x16c/0x1f0
[ 1298.670909][ T2143]  __might_resched+0x3c0/0x5e0
[ 1298.670922][ T2143]  ? __pfx___might_resched+0x10/0x10
[ 1298.670933][ T2143]  ? pcpu_block_update+0x562/0x660
[ 1298.670950][ T2143]  ? pcpu_chunk_relocate+0x126/0x190
[ 1298.670963][ T2143]  vfree+0x75/0xb50
[ 1298.670980][ T2143]  ? rcu_is_watching+0x12/0xc0
[ 1298.670992][ T2143]  ? kfree+0x24f/0x4d0
[ 1298.671002][ T2143]  ? free_percpu+0x6db/0x13c0
[ 1298.671014][ T2143]  futex_hash_free+0x98/0xc0
[ 1298.671028][ T2143]  __mmdrop+0x33f/0x580
[ 1298.671046][ T2143]  ? rcu_is_watching+0x12/0xc0
[ 1298.671057][ T2143]  finish_task_switch.isra.0+0x7a4/0xc10
[ 1298.671069][ T2143]  ? __switch_to+0x7a5/0x11a0
[ 1298.671084][ T2143]  __schedule+0x1198/0x5de0
[ 1298.671095][ T2143]  ? lock_release+0x201/0x2f0
[ 1298.671111][ T2143]  ? ktime_get+0x111/0x310
[ 1298.671126][ T2143]  ? __pfx___schedule+0x10/0x10
[ 1298.671137][ T2143]  ? hrtimer_reprogram+0x27b/0x450
[ 1298.671155][ T2143]  ? schedule+0x2d7/0x3a0
[ 1298.671166][ T2143]  ? rcu_is_watching+0x12/0xc0
[ 1298.671177][ T2143]  ? lock_release+0x201/0x2f0
[ 1298.671191][ T2143]  schedule+0xe7/0x3a0
[ 1298.671203][ T2143]  do_nanosleep+0x21a/0x570
[ 1298.671214][ T2143]  ? __pfx_do_nanosleep+0x10/0x10
[ 1298.671224][ T2143]  ? __asan_memset+0x23/0x50
[ 1298.671235][ T2143]  ? __hrtimer_setup+0x176/0x280
[ 1298.671252][ T2143]  hrtimer_nanosleep+0x155/0x380
[ 1298.671263][ T2143]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[ 1298.671275][ T2143]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1298.671293][ T2143]  ? get_old_timespec32+0xda/0x130
[ 1298.671308][ T2143]  ? __pfx_get_old_timespec32+0x10/0x10
[ 1298.671323][ T2143]  common_nsleep+0xa1/0xd0
[ 1298.671337][ T2143]  __ia32_sys_clock_nanosleep_time32+0x340/0x4f0
[ 1298.671349][ T2143]  ? __pfx___ia32_sys_clock_nanosleep_time32+0x10/0x10
[ 1298.671361][ T2143]  ? rcu_is_watching+0x12/0xc0
[ 1298.671373][ T2143]  __do_fast_syscall_32+0x7c/0x3a0
[ 1298.671389][ T2143]  do_fast_syscall_32+0x32/0x80
[ 1298.671404][ T2143]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1298.671419][ T2143] RIP: 0023:0xf704e579
[ 1298.671428][ T2143] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1298.671438][ T2143] RSP: 002b:00000000ff8292a0 EFLAGS: 00000293 ORIG_RAX: 000000000000010b
[ 1298.671450][ T2143] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[ 1298.671457][ T2143] RDX: 00000000ff8292d4 RSI: 00000000ff8292cc RDI: 00000000ff8292d4
[ 1298.671464][ T2143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1298.671470][ T2143] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1298.671477][ T2143] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1298.671486][ T2143]  </TASK>
[ 1298.783260][T22710] usb 8-1: Using ep0 maxpacket: 8
[ 1298.787256][T22710] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1298.791944][T22710] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1298.795786][T22710] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1298.808602][T22710] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1298.813444][T22710] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1298.816864][T22710] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1298.980746][T16594] usb 12-1: USB disconnect, device number 23
[ 1299.142988][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1299.233162][T22710] usb 8-1: usb_control_msg returned -71
[ 1299.235386][T22710] usbtmc 8-1:16.0: can't read capabilities
[ 1299.257643][T22710] usb 8-1: USB disconnect, device number 17
[ 1299.313004][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1299.550565][T13210] batman_adv: batadv0: Interface deactivated: gretap1
[ 1299.565342][T13210] batman_adv: batadv0: Removing interface: gretap1
[ 1299.628077][T13210] bond0 (unregistering): Released all slaves
[ 1299.690930][T13210] tipc: Disabling bearer <eth:team0>
[ 1299.693620][T13210] tipc: Left network mode
[ 1299.784195][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 1299.786488][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 1299.847837][T13210] hsr_slave_0: left promiscuous mode
[ 1299.849890][T13210] hsr_slave_1: left promiscuous mode
[ 1299.935693][T13210] team0 (unregistering): Port device dummy0 removed
[ 1300.182944][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1300.325717][T13210] IPVS: stop unused estimator thread 0...
[ 1300.342979][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1300.407540][T13210] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.466465][T13210] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.526010][T13210] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.586279][T13210] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.638370][T13210] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.704794][T13210] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.765082][T13210] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.815495][T13210] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.862232][T13210] bridge_slave_1: left allmulticast mode
[ 1300.864220][T13210] bridge_slave_1: left promiscuous mode
[ 1300.866134][T13210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.869302][T13210] bridge_slave_0: left allmulticast mode
[ 1300.871167][T13210] bridge_slave_0: left promiscuous mode
[ 1300.873635][T13210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.877931][T13210] bridge_slave_1: left allmulticast mode
[ 1300.880231][T13210] bridge_slave_1: left promiscuous mode
[ 1300.882609][T13210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.886744][T13210] bridge_slave_0: left allmulticast mode
[ 1300.889029][T13210] bridge_slave_0: left promiscuous mode
[ 1300.891498][T13210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.896954][T13210] batman_adv: batadv0: Interface deactivated: gretap1
[ 1300.900140][T13210] batman_adv: batadv0: Interface deactivated: gretap1
[ 1300.955902][T13210] batman_adv: batadv0: Removing interface: gretap1
[ 1301.027814][T13210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1301.032401][T13210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1301.036571][T13210] bond0 (unregistering): Released all slaves
[ 1301.041980][T13210] bond1 (unregistering): (slave bond2): Releasing backup interface
[ 1301.045530][T13210] bond1 (unregistering): Released all slaves
[ 1301.051661][T13210] bond2 (unregistering): Released all slaves
[ 1301.069751][T13210] batman_adv: batadv0: Removing interface: gretap1
[ 1301.146312][T13210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1301.151728][T13210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1301.156148][T13210] bond0 (unregistering): Released all slaves
[ 1301.222998][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1301.240780][T13210] tipc: Disabling bearer <eth:team0>
[ 1301.242677][T13210] tipc: Left network mode
[ 1301.244467][T13210] tipc: Disabling bearer <udp:s>
[ 1301.246172][T13210] tipc: Disabling bearer <eth:team0>
[ 1301.248078][T13210] tipc: Left network mode
[ 1301.382941][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1301.589854][T13210] hsr_slave_0: left promiscuous mode
[ 1301.591825][T13210] hsr_slave_1: left promiscuous mode
[ 1301.594161][T13210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1301.596465][T13210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1301.599167][T13210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1301.601476][T13210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1301.605457][T13210] hsr_slave_0: left promiscuous mode
[ 1301.607586][T13210] hsr_slave_1: left promiscuous mode
[ 1301.609520][T13210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1301.611828][T13210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1301.614483][T13210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1301.616986][T13210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1301.623630][T13210] veth1_macvtap: left promiscuous mode
[ 1301.625459][T13210] veth0_macvtap: left promiscuous mode
[ 1301.627552][T13210] veth1_vlan: left promiscuous mode
[ 1301.629318][T13210] veth0_vlan: left promiscuous mode
[ 1301.631339][T13210] veth1_macvtap: left promiscuous mode
[ 1301.633193][T13210] veth0_macvtap: left promiscuous mode
[ 1301.635155][T13210] veth1_vlan: left promiscuous mode
[ 1301.636890][T13210] veth0_vlan: left promiscuous mode
[ 1301.720699][T13210] team0 (unregistering): Port device team_slave_1 removed
[ 1301.726301][T13210] team0 (unregistering): Port device team_slave_0 removed
[ 1301.780564][T13210] team0 (unregistering): Port device team_slave_1 removed
[ 1301.787603][T13210] team0 (unregistering): Port device team_slave_0 removed
[ 1302.417117][T13210] IPVS: stop unused estimator thread 0...
[ 1302.432957][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1303.463137][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1304.502995][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1305.542962][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1306.583028][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[ 1307.622950][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available

VM DIAGNOSIS:
01:29:03  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff8880777028e8 RCX=ffffffff822c3358 RDX=ffff888026840000
RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc9000711f938
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000001 R13=0000000000000001 R14=ffff888024226500 R15=1ffff92000e23f2a
RIP=ffffffff81bb09c8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880974c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7313b26 CR3=0000000056aad000 CR4=00352ef0
DR0=0000040000000000 DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000033c86e4 RBX=0000000000000001 RCX=ffffffff8b908bf9 RDX=ffffed1005666656
RSI=ffffffff8c162c80 RDI=ffffffff8190cd41 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90ab7590 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000582bf4c0 CR3=000000005f3b6000 CR4=00352ef0
DR0=0000040000000000 DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616c45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc90006fef3f8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=5f74706d65657270
R12=0000000000000000 R13=0000000000000031 R14=ffffffff9b0f8640 R15=ffffffff85616be0
RIP=ffffffff85616c6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002d819ffc CR3=0000000057d99000 CR4=00352ef0
DR0=0000040000000000 DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000001389ae4 RBX=0000000000000003 RCX=ffffffff8b908bf9 RDX=ffffed10056a6656
RSI=ffffffff8c162c80 RDI=ffffffff8190cd41 RBP=ffffed1003867000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=ffffffff9b0a9050
R12=0000000000000003 R13=ffff88801c338000 R14=ffffffff90ab7590 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080001000 CR3=000000006205d000 CR4=00352ef0
DR0=0000040000000000 DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000