last executing test programs:

2m27.810128051s ago: executing program 3 (id=629):
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
close(r0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000140)={0x1, 0x101})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000740)={0x0, 0x1f, r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "65366a50432b7ee2c7feddd91df868e7cfc6fa7272f3bf0a71b5d0c19323a260"}})

2m26.894401887s ago: executing program 3 (id=633):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000000a00ecff0800010073797a300000000074000000160a01010000f5ffffff00000a00000008000740000000014000038008000140000000002c000380140001006e657464657673696d300000000000001400010076657468305f766c616e00000000000008000240000000070900010073797a3000000000090002"], 0xbc}}, 0x0)

2m26.894169466s ago: executing program 3 (id=634):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x7, 0x18, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x38}}, @generic={0x8, 0x3, 0x5, 0x1, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000005c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m26.842991032s ago: executing program 3 (id=635):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x4, 0x10058, 0x0, 0x0, 0xa84}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x8081)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000000000000000000001400"}})

2m26.740122037s ago: executing program 3 (id=636):
r0 = socket$packet(0x11, 0xa, 0x300)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000440)="2ba3309c1649b46e8137a10036d0b49dfdd5a8280ec9aad614dae8e161a64d705a304db913e5fd9bf23dc4ef72696827c386214f82a240d8d63da75d2a9676822659221cee5edf856ea0ee6ad0929d7a973efd8816c4235e079a41ad197d7874fc66036440ce8c7d26c39219cdf10ac491e2957b7f102fa43b189d97900ca5706187ffc25da4f988eb7737433d037eea86d12b2528632d53adff", 0x9a)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x2, 0x3, 0x2, 0x3, {0xa, 0x4e24, 0x1000, @mcast1, 0x7}}}, 0xfffffffffffffcf7, 0x0}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r1, 0x4)
socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x80800)
sendmmsg$alg(r3, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
r4 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r4, 0x29, 0x49, 0x0, 0x300)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000004ae2444a34f50a2024207b1af80000000007010000f8ffffffb702000004000000b70300000000001e8500097cfe246dc988da8474725add2a338f87f4c8608a5a00f429817db607b0c236497d7f000000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r7 = dup(r6)
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r7, 0x4068aea3, 0x0)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, 0x0, 0x0)
r8 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100, 0x0, 0x16e}, &(0x7f0000000180)=<r9=>0x0, &(0x7f0000000080)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r6})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
io_uring_enter(r8, 0x3f80, 0x3697, 0x25, 0x0, 0x0)
r11 = openat$vimc2(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_DQEVENT(r11, 0x80805659, &(0x7f00000001c0)={0x0, @frame_sync})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="8000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
recvmsg$can_raw(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x40)

2m26.614105568s ago: executing program 3 (id=637):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6000000002"], 0x60}, 0x1, 0x0, 0x0, 0x20000851}, 0x4004c004)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000180))
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x7f, 0x2, 0x0, '\x00', 0x7})
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_open_dev$sndpcmc(&(0x7f000000cc40), 0x1, 0x8000)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r6, 0xc25c4111, &(0x7f000000cc80)={0xf65, [[0x0, 0x5, 0x0, 0x5, 0x0, 0x4, 0xfffffffe, 0x5], [0x804, 0x6, 0x3, 0x3, 0x333, 0x7, 0x3000000, 0x1], [0x3, 0xb, 0x6, 0x9, 0x1, 0x6, 0x5, 0x5f1]], '\x00', [{0xa6, 0x2b, 0x1, 0x1, 0x0, 0x1}, {0x9, 0x8, 0x1, 0x1, 0x1}, {0x80, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x104, 0x5, 0x0, 0x1, 0x1}, {0x401, 0xfae, 0x1, 0x1}, {0x4, 0x3, 0x0, 0x0, 0x1}, {0xdfffff05, 0xff, 0x0, 0x1, 0x1}, {0x7802e748, 0x4, 0x0, 0x1, 0x0, 0x1}, {0x3, 0x2, 0x1, 0x1, 0x1}, {0x2, 0x9, 0x1}, {0x5, 0xfff, 0x0, 0x1, 0x0, 0x1}, {0xffffff00, 0x40000, 0x1, 0x1, 0x1}], '\x00', 0xc060})
r7 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x4]}, 0x8)
tkill(r7, 0x27)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0x3}, 0x6)
ioctl$sock_bt_hci(r8, 0x800448d5, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES64=r4], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x13)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)

2m26.567875189s ago: executing program 32 (id=637):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6000000002"], 0x60}, 0x1, 0x0, 0x0, 0x20000851}, 0x4004c004)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000180))
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x7f, 0x2, 0x0, '\x00', 0x7})
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_open_dev$sndpcmc(&(0x7f000000cc40), 0x1, 0x8000)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r6, 0xc25c4111, &(0x7f000000cc80)={0xf65, [[0x0, 0x5, 0x0, 0x5, 0x0, 0x4, 0xfffffffe, 0x5], [0x804, 0x6, 0x3, 0x3, 0x333, 0x7, 0x3000000, 0x1], [0x3, 0xb, 0x6, 0x9, 0x1, 0x6, 0x5, 0x5f1]], '\x00', [{0xa6, 0x2b, 0x1, 0x1, 0x0, 0x1}, {0x9, 0x8, 0x1, 0x1, 0x1}, {0x80, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x104, 0x5, 0x0, 0x1, 0x1}, {0x401, 0xfae, 0x1, 0x1}, {0x4, 0x3, 0x0, 0x0, 0x1}, {0xdfffff05, 0xff, 0x0, 0x1, 0x1}, {0x7802e748, 0x4, 0x0, 0x1, 0x0, 0x1}, {0x3, 0x2, 0x1, 0x1, 0x1}, {0x2, 0x9, 0x1}, {0x5, 0xfff, 0x0, 0x1, 0x0, 0x1}, {0xffffff00, 0x40000, 0x1, 0x1, 0x1}], '\x00', 0xc060})
r7 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x4]}, 0x8)
tkill(r7, 0x27)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0x3}, 0x6)
ioctl$sock_bt_hci(r8, 0x800448d5, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES64=r4], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x13)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)

2m11.013912071s ago: executing program 1 (id=739):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000500)=@acquire={0x130, 0x17, 0x1, 0x0, 0x0, {{@in6=@loopback}, @in6=@remote, {@in=@remote, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}}, {{@in, @in=@private, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3a}, {0x6ee0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0x130}}, 0x0)

2m11.012554702s ago: executing program 1 (id=741):
openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="010000000500000009000000"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r0}, 0x38)

2m10.953389877s ago: executing program 1 (id=743):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000ff94000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x40010, r0, 0xee19d000)

2m10.901487453s ago: executing program 1 (id=745):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x4, 0x10058, 0x0, 0x0, 0xa84}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x8081)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000000000000000000ffffffffff"}})

2m10.734156165s ago: executing program 1 (id=748):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000900)=""/72, 0x48}], 0x1, &(0x7f0000000200)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0xc}}, @cred={{0x18}}], 0x84}}, {{0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000140)=""/34, 0x22}, {&(0x7f0000000680)=""/66, 0x42}, {&(0x7f00000002c0)}, {&(0x7f0000000bc0)=""/151, 0x97}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000001c80)=""/30, 0x1e}, {&(0x7f0000001cc0)=""/179, 0xb3}], 0x7}}, {{&(0x7f0000000740), 0x6e, &(0x7f0000000980), 0x0, &(0x7f0000001dc0)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0xc}}, @cred={{0x18}}], 0xe4}}], 0x3, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x20c, 0x2a8, 0x2a8, 0x20c, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00', {0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x5, 0x7, 0x6, 0x1], 0x5, 0x3}, {0x3, [0x2, 0x2, 0x3, 0x6, 0x2, 0x3], 0x2, 0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2fc)
r3 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e00000001300000000000000000000007374726565626f673531322d67656e6572696300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009e540000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/224], 0xe0}}, 0x0)
sendmsg$nl_crypto(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0)
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x1)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000100)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000040)={{@local, 0x200001}, @local, 0x8, 0x6, 0x347, 0x80000004, 0x24b, 0x10001, 0x9})

2m10.194120397s ago: executing program 1 (id=751):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$udambuf(0xffffff9c, 0x0, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="03000000040000000400", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000001135071693da9143c2d7e368d544bd1922a727b43ee4afe0fbe2a0989aa81127355526c5", @ANYRES32=0x0, @ANYRES32], 0x50)
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
syz_80211_inject_frame(0x0, &(0x7f00000001c0)=ANY=[], 0xb5)
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000280)={0x43, 0x4, 0x1}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000c80)={&(0x7f0000000980)=@id, 0x10, 0x0}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0xb, &(0x7f0000000000)=0x2, 0x4)
fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000140)=@rnullb, r6, 0x0)

2m10.187517905s ago: executing program 33 (id=751):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$udambuf(0xffffff9c, 0x0, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="03000000040000000400", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000001135071693da9143c2d7e368d544bd1922a727b43ee4afe0fbe2a0989aa81127355526c5", @ANYRES32=0x0, @ANYRES32], 0x50)
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
syz_80211_inject_frame(0x0, &(0x7f00000001c0)=ANY=[], 0xb5)
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000280)={0x43, 0x4, 0x1}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000c80)={&(0x7f0000000980)=@id, 0x10, 0x0}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0xb, &(0x7f0000000000)=0x2, 0x4)
fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000140)=@rnullb, r6, 0x0)

1m30.230944082s ago: executing program 2 (id=1103):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000540)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c9f3493e0a72e056c4b6da952efd75f62356b00"])
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x20e6012, 0xfffd, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0xee}}, 0xfffffffffffffcf7)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x208d, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x1000, {0x0, 0x18}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYRESDEC], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0x65, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c0000000000000c548dc7914cb11ad63bf3707164aac031971c4be105eb953f86fbc6b204e076aa7a493e796123bbbd8e3b7e62d8fd097cf21d6d431a069ebc0aefd5fce80cc99fb38c771fa46e2c32a95fe99", 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x334a01, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000400)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$IOMMU_GET_HW_INFO(r4, 0x3b8a, &(0x7f0000000480)={0x28, 0x0, r5, 0x40, &(0x7f0000000140)=""/64})
socket$kcm(0x2, 0xa, 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14004801}, 0x800)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r8 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
getdents64(r8, &(0x7f0000000300)=""/152, 0x98)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x10, &(0x7f0000000040)=0x9eb9, 0x4)

1m29.30504463s ago: executing program 2 (id=1112):
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, r2})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0xfffff000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m29.033711211s ago: executing program 2 (id=1116):
openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="01000000050000000900000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r0}, 0x38) (fail_nth: 20)

1m28.943721692s ago: executing program 2 (id=1117):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x4, 0x10058, 0x0, 0x0, 0xa84}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x8081)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

1m28.872804277s ago: executing program 2 (id=1118):
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0x315500, 0x0) (async)
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0x315500, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid() (async)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@map=r0, 0xffffffffffffffff, 0x4, 0x0, 0x0, @void, @value}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) (async)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100, 0xfffffffd}, &(0x7f0000000180), 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'dummy0\x00', 0x4000})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
ioctl(r5, 0x8b1b, &(0x7f0000000040))
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0) (async)
r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0xd) (async)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0xd)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x15, 0x0, 0x0) (async)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x15, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) (async)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x2, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x25dfdbfb}, 0x10}}, 0x0)
readv(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000001680)=""/4096, 0x1000}], 0x1) (async)
readv(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000001680)=""/4096, 0x1000}], 0x1)

1m28.403785385s ago: executing program 2 (id=1121):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[])

1m28.299161956s ago: executing program 34 (id=1121):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[])

41.920739452s ago: executing program 5 (id=1183):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={<r1=>0x0, 0xd7, "09d2bd22a62b979423ba552e343ff3dee96fb66707243fbfb1903b4f687f66958c77ae6a7a6a9d674b65a3c3e45fdbc51073aa275fa3e27ca78fbbb9cdb34ecf7bee52e659dca1f0059d7bcd3cddc91043b9d0e0b68a239f043295bb587afab4d690e17108479b7d368fa4a6594f06c7598c2c76f84a15f05d8a271a5b8b03ef4f2d607892ce564e1f27fbcd809b054957a366ef700cb7a160bd9e766aa3f30555b6e571d1d6c4dffe012b8e33249050436e4b3cfa2513899c73794fd9eb440559a413c389e1fbb71b2c65017a77b07c839c80f3bcebb9"}, &(0x7f0000000000)=0xdf)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040)={r1, 0xb}, &(0x7f0000000080)=0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = accept4$tipc(r0, &(0x7f00000002c0)=@id, &(0x7f0000000300)=0x10, 0x80800)
bind$tipc(r2, &(0x7f0000000340)=@id={0x1e, 0x3, 0x3, {0x4e24, 0x4}}, 0x10)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x8090)
ioctl$sock_ifreq(r3, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0xfffffffd, @sync=0x0}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="01000000050000000900000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r5}, 0x38)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
mq_timedreceive(r0, 0x0, 0x0, 0x8, &(0x7f0000000280)={r6, r7+60000000})
mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x80010, r0, 0x7)

41.771699739s ago: executing program 4 (id=1235):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000180)='./file0\x00', 0x8e)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0)

33.980249371s ago: executing program 4 (id=1235):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000180)='./file0\x00', 0x8e)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0)

33.669445376s ago: executing program 5 (id=1183):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={<r1=>0x0, 0xd7, "09d2bd22a62b979423ba552e343ff3dee96fb66707243fbfb1903b4f687f66958c77ae6a7a6a9d674b65a3c3e45fdbc51073aa275fa3e27ca78fbbb9cdb34ecf7bee52e659dca1f0059d7bcd3cddc91043b9d0e0b68a239f043295bb587afab4d690e17108479b7d368fa4a6594f06c7598c2c76f84a15f05d8a271a5b8b03ef4f2d607892ce564e1f27fbcd809b054957a366ef700cb7a160bd9e766aa3f30555b6e571d1d6c4dffe012b8e33249050436e4b3cfa2513899c73794fd9eb440559a413c389e1fbb71b2c65017a77b07c839c80f3bcebb9"}, &(0x7f0000000000)=0xdf)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040)={r1, 0xb}, &(0x7f0000000080)=0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = accept4$tipc(r0, &(0x7f00000002c0)=@id, &(0x7f0000000300)=0x10, 0x80800)
bind$tipc(r2, &(0x7f0000000340)=@id={0x1e, 0x3, 0x3, {0x4e24, 0x4}}, 0x10)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x8090)
ioctl$sock_ifreq(r3, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0xfffffffd, @sync=0x0}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="01000000050000000900000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r5}, 0x38)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
mq_timedreceive(r0, 0x0, 0x0, 0x8, &(0x7f0000000280)={r6, r7+60000000})
mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x80010, r0, 0x7)

24.551609344s ago: executing program 4 (id=1235):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000180)='./file0\x00', 0x8e)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0)

24.028651699s ago: executing program 5 (id=1183):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={<r1=>0x0, 0xd7, "09d2bd22a62b979423ba552e343ff3dee96fb66707243fbfb1903b4f687f66958c77ae6a7a6a9d674b65a3c3e45fdbc51073aa275fa3e27ca78fbbb9cdb34ecf7bee52e659dca1f0059d7bcd3cddc91043b9d0e0b68a239f043295bb587afab4d690e17108479b7d368fa4a6594f06c7598c2c76f84a15f05d8a271a5b8b03ef4f2d607892ce564e1f27fbcd809b054957a366ef700cb7a160bd9e766aa3f30555b6e571d1d6c4dffe012b8e33249050436e4b3cfa2513899c73794fd9eb440559a413c389e1fbb71b2c65017a77b07c839c80f3bcebb9"}, &(0x7f0000000000)=0xdf)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040)={r1, 0xb}, &(0x7f0000000080)=0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = accept4$tipc(r0, &(0x7f00000002c0)=@id, &(0x7f0000000300)=0x10, 0x80800)
bind$tipc(r2, &(0x7f0000000340)=@id={0x1e, 0x3, 0x3, {0x4e24, 0x4}}, 0x10)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x8090)
ioctl$sock_ifreq(r3, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0xfffffffd, @sync=0x0}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="01000000050000000900000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r5}, 0x38)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
mq_timedreceive(r0, 0x0, 0x0, 0x8, &(0x7f0000000280)={r6, r7+60000000})
mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x80010, r0, 0x7)

17.691407465s ago: executing program 4 (id=1235):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000180)='./file0\x00', 0x8e)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0)

16.473579911s ago: executing program 5 (id=1183):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={<r1=>0x0, 0xd7, "09d2bd22a62b979423ba552e343ff3dee96fb66707243fbfb1903b4f687f66958c77ae6a7a6a9d674b65a3c3e45fdbc51073aa275fa3e27ca78fbbb9cdb34ecf7bee52e659dca1f0059d7bcd3cddc91043b9d0e0b68a239f043295bb587afab4d690e17108479b7d368fa4a6594f06c7598c2c76f84a15f05d8a271a5b8b03ef4f2d607892ce564e1f27fbcd809b054957a366ef700cb7a160bd9e766aa3f30555b6e571d1d6c4dffe012b8e33249050436e4b3cfa2513899c73794fd9eb440559a413c389e1fbb71b2c65017a77b07c839c80f3bcebb9"}, &(0x7f0000000000)=0xdf)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040)={r1, 0xb}, &(0x7f0000000080)=0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = accept4$tipc(r0, &(0x7f00000002c0)=@id, &(0x7f0000000300)=0x10, 0x80800)
bind$tipc(r2, &(0x7f0000000340)=@id={0x1e, 0x3, 0x3, {0x4e24, 0x4}}, 0x10)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x8090)
ioctl$sock_ifreq(r3, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0xfffffffd, @sync=0x0}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="01000000050000000900000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r5}, 0x38)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
mq_timedreceive(r0, 0x0, 0x0, 0x8, &(0x7f0000000280)={r6, r7+60000000})
mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x80010, r0, 0x7)

10.747559305s ago: executing program 4 (id=1235):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000180)='./file0\x00', 0x8e)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0)

9.739318729s ago: executing program 0 (id=1493):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x0, &(0x7f0000000300)=ANY=[@ANYRESDEC=r1, @ANYRES16=r0, @ANYBLOB="44a837b4012918a47d01872e42ba27df6f", @ANYRESDEC=r2, @ANYRES8=r2, @ANYRES32=r2, @ANYRES32=r2], &(0x7f0000000100)='GPL\x00', 0x5, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
fsopen(0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x1)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x0, 0x400c004)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000940)=[{{&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000004c0)=""/59, 0x3b}, 0x8000}, {{&(0x7f00000005c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000640)=""/131, 0x83}, {&(0x7f0000000a00)=""/4096, 0x1000}], 0x2, &(0x7f0000000740)=""/46, 0x2e}, 0x40000000}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000780)=""/237, 0xed}, {&(0x7f0000000880)=""/78, 0x4e}], 0x2}, 0x3}], 0x3, 0x103, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x0, &(0x7f0000000100)})
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r7, 0x0, 0xb8)
semget$private(0x0, 0x4, 0x1a0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x200000, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r8, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x1}], 0x1)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c000000100037040200"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012808000000062726964676500000c00028005002d0003000000"], 0x3c}}, 0x0)
mmap(&(0x7f00005c8000/0x4000)=nil, 0x4000, 0x1000009, 0x11, 0xffffffffffffffff, 0xa84f9000)
openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)

9.162955952s ago: executing program 5 (id=1183):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={<r1=>0x0, 0xd7, "09d2bd22a62b979423ba552e343ff3dee96fb66707243fbfb1903b4f687f66958c77ae6a7a6a9d674b65a3c3e45fdbc51073aa275fa3e27ca78fbbb9cdb34ecf7bee52e659dca1f0059d7bcd3cddc91043b9d0e0b68a239f043295bb587afab4d690e17108479b7d368fa4a6594f06c7598c2c76f84a15f05d8a271a5b8b03ef4f2d607892ce564e1f27fbcd809b054957a366ef700cb7a160bd9e766aa3f30555b6e571d1d6c4dffe012b8e33249050436e4b3cfa2513899c73794fd9eb440559a413c389e1fbb71b2c65017a77b07c839c80f3bcebb9"}, &(0x7f0000000000)=0xdf)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040)={r1, 0xb}, &(0x7f0000000080)=0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = accept4$tipc(r0, &(0x7f00000002c0)=@id, &(0x7f0000000300)=0x10, 0x80800)
bind$tipc(r2, &(0x7f0000000340)=@id={0x1e, 0x3, 0x3, {0x4e24, 0x4}}, 0x10)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x8090)
ioctl$sock_ifreq(r3, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0xfffffffd, @sync=0x0}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="01000000050000000900000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r5}, 0x38)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
mq_timedreceive(r0, 0x0, 0x0, 0x8, &(0x7f0000000280)={r6, r7+60000000})
mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x80010, r0, 0x7)

8.059867603s ago: executing program 0 (id=1495):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001700)=@newtaction={0x2f58, 0x30, 0x1, 0x0, 0x0, {}, [{0x2f44, 0x1, [@m_pedit={0x2dec, 0xd, 0x0, 0x0, {{0xa}, {0x2cf0, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xee0, 0x2, {{{0x400, 0x40, 0x0, 0x7ff, 0x40}, 0x5, 0x8, [{0xe58d, 0x4, 0x75, 0x3, 0xa3, 0x9}, {0x6, 0x5, 0xe978, 0x43e7, 0xc7, 0x1}, {0x1ff, 0x6, 0x7b4b, 0x1, 0x7ff, 0x8}, {0xf0, 0x200, 0x7, 0xffff, 0xfffffc8a, 0x20}, {0x8, 0x5, 0x9, 0x4, 0x4, 0x5}, {0x29, 0x4, 0x0, 0xb3e5, 0x4, 0x1}, {0x3, 0x5, 0xf9, 0x5, 0xcf5, 0x1}, {0xffffffff, 0x1a, 0x0, 0x0, 0x6, 0x10}]}, [{0x5, 0x3, 0x4, 0x7, 0x6, 0x3}, {0x1, 0x1, 0x5, 0x8001, 0x80000001, 0x400}, {0x5, 0xc0000, 0x1, 0x2, 0xb8, 0x1ff}, {0x4, 0x10000, 0x5, 0x4, 0x7, 0x20000}, {0x8, 0x3, 0xa3, 0xe72, 0x897, 0x8}, {0x8, 0x2, 0x5, 0x5a0a, 0xffffffff, 0x100}, {0xbe5, 0x100, 0x9, 0x5e5a, 0x8, 0x1}, {0x8, 0x8000, 0x24000, 0x7fff, 0x85c, 0x41}, {0x6, 0x6, 0x8, 0x7153, 0x7, 0x10000}, {0x8, 0xfffffeff, 0x7, 0x200, 0x1, 0x1}, {0x401, 0x2, 0x80000001, 0x49, 0x85f, 0x3}, {0xfff, 0x5, 0x7, 0x5, 0x8, 0xb80f}, {0xfffff001, 0x3, 0x5, 0x1c0000, 0x0, 0x200}, {0x0, 0x10, 0xfb, 0xfffffffb, 0x29c, 0x7}, {0x3, 0x4, 0x10000, 0x5d29, 0xe30, 0x7fffffff}, {0x10, 0x78d5, 0x200, 0x7, 0x7, 0x8}, {0x8, 0x69, 0x9eb3, 0x4, 0xd, 0x1}, {0x7, 0xfc60000, 0x5, 0xfffffffe, 0x8, 0x9}, {0xfff, 0x9, 0x80, 0x9d7, 0x4, 0xff5}, {0x800, 0xffff5b23, 0x6, 0x6, 0xf69, 0x2}, {0x7fff, 0x4, 0x0, 0x8d, 0x6, 0xe}, {0x9a1, 0x1, 0x3, 0xfffffff7, 0xfffffff9, 0x9}, {0x8a, 0x7ff, 0x9, 0x0, 0x6e9, 0x8}, {0x3, 0x3, 0x1, 0x10, 0x1, 0x10001}, {0x9, 0x4, 0x3, 0xc0, 0x40, 0x4}, {0x0, 0xd45, 0x1, 0xa, 0x6, 0x5}, {0x4d6d, 0x8, 0x93bd, 0x7, 0xd426, 0x9}, {0x9, 0xd1a3, 0x7d, 0x8, 0x7, 0xd}, {0x81, 0x1, 0x4, 0x2, 0x1000, 0x8}, {0xff, 0x1, 0x101, 0x5, 0x80000000, 0x1}, {0x1, 0x4, 0x4, 0x0, 0x24, 0x3}, {0x77, 0x6, 0x3, 0x3, 0x0, 0x40}, {0x3, 0x9, 0x9, 0x101, 0x994, 0x80000000}, {0x2, 0x6eac, 0x0, 0xb1, 0x5, 0x6d4}, {0x93, 0x5, 0x3, 0x42ba85, 0x2, 0xd}, {0x401, 0x2, 0xa, 0x4, 0xfff, 0x1}, {0x1, 0x3, 0x4, 0x0, 0x3, 0xfffffb3e}, {0xfffffffb, 0x2, 0x8000, 0x5, 0xa0c2, 0x8}, {0x2, 0x10, 0x4, 0x0, 0x4, 0x1}, {0x0, 0x9, 0x3, 0x7, 0x3}, {0x4, 0x5, 0x806c, 0x3, 0x6, 0x18000}, {0x0, 0x1, 0x0, 0x3, 0x2, 0x80000000}, {0x6, 0x80, 0x2, 0xfffff001, 0x8174, 0xdc}, {0xf0, 0x101, 0x999, 0x0, 0x2, 0x4}, {0xfffffff8, 0x0, 0x1, 0x7, 0x8, 0x8}, {0x401, 0x2, 0x0, 0x1000, 0x3ff, 0x5}, {0x0, 0x9, 0xda03, 0x0, 0x7fff, 0x7}, {0x0, 0x7fff, 0xe49, 0x1, 0x30d, 0xffff}, {0x2, 0x7f, 0xf2c, 0x4}, {0x9, 0x67, 0x7, 0xa, 0x8437, 0x7ff}, {0x39a, 0x0, 0x2, 0x7, 0x10000, 0x1}, {0x3, 0x40, 0x6, 0xd, 0xa, 0x8}, {0xb5, 0xf5, 0x7f, 0x0, 0x1, 0x4}, {0x3902, 0x7, 0x0, 0x59bb, 0x8, 0xd}, {0x1, 0x1, 0x81, 0x5, 0x2, 0x5}, {0x8001, 0x0, 0x5, 0x10, 0x2aa, 0xa}, {0xf, 0x2, 0x6, 0x3ed5, 0x0, 0xffffffff}, {0x7c, 0x10000, 0xca, 0x8, 0xfffffffa, 0x4}, {0xb, 0x2, 0x9, 0x2, 0x6}, {0x40, 0x4, 0x9, 0xfffffffb, 0x2, 0x328d5c3e}, {0x8, 0x9, 0x6, 0x7, 0x7, 0x2d3}, {0x2, 0x5, 0x0, 0x8001, 0x5, 0x3e4}, {0x7, 0x7, 0x3f3, 0x8, 0x10, 0x10000}, {0x3, 0x10001, 0x8c, 0x4a9, 0x2, 0x7}, {0x1, 0x9, 0x6, 0x5, 0x4ee56aea, 0x10000}, {0x5, 0x5, 0x4, 0x6, 0x9, 0x80000001}, {0x9a3, 0x0, 0x7, 0x0, 0xbb8d, 0x2}, {0xa, 0x6, 0x400, 0x83e0, 0x5, 0x4}, {0x5, 0xffffffff, 0x8, 0x10001, 0xffffffff, 0x4}, {0x20000000, 0x2, 0x9, 0x5, 0x3, 0x5}, {0x6, 0x1, 0xfffffff7, 0x3, 0x2, 0x7}, {0x5, 0x7ff, 0x8, 0x4, 0x3, 0x10001}, {0x7, 0x4, 0x7, 0x1a, 0x7, 0x6}, {0x6, 0x5, 0xbc0d, 0x3, 0x7fffffff}, {0x2, 0x6, 0x3, 0x9, 0x29, 0xfffffffe}, {0x6, 0x66, 0x0, 0x7, 0x1fff}, {0x1, 0x3, 0x5, 0x0, 0x1, 0x9}, {0x1, 0x5, 0x6, 0x2, 0x792, 0x33861bcf}, {0x9, 0x3f, 0x7, 0x5, 0x5, 0x4a}, {0x0, 0x2, 0x0, 0x916, 0xffffffff, 0x4}, {0x20, 0xfffffeff, 0x2, 0x2, 0x6, 0x8870}, {0xa70a, 0x80, 0x82ad, 0x8, 0x2, 0x100}, {0x2, 0x8, 0x7, 0x4, 0xfffffffe, 0x7fff}, {0x6, 0xb01, 0x3, 0x6, 0xffff8001, 0x1}, {0x6, 0x9, 0x6, 0x5, 0x4, 0x115}, {0x4, 0x2, 0x9, 0x2, 0xfffffff9, 0x3}, {0x4, 0x9, 0x80000001, 0xa1, 0x646f, 0xef}, {0x8, 0x1, 0x403, 0x7, 0x10001, 0x1}, {0x7fffffff, 0x1, 0x100, 0xff, 0x9, 0x3ff}, {0x9, 0x1, 0x6, 0x10001, 0x3ff}, {0x1, 0x3, 0x1, 0x1, 0x0, 0x10001}, {0x6, 0x3, 0x5, 0x1, 0xda93}, {0x1, 0xe, 0x7, 0x34, 0x10001, 0xe}, {0x7, 0x100, 0x0, 0x2, 0x4, 0x8}, {0x6, 0x83, 0x2, 0x2, 0x800, 0x9}, {0xf, 0x53d0, 0x8000, 0x7, 0x1, 0x6}, {0x3, 0x8001, 0x9618, 0x9, 0x5, 0x3}, {0xbc0, 0x80000001, 0x5, 0x3a551a08, 0x7, 0x8}, {0x641a, 0x0, 0xffffd805, 0x81, 0x4e8, 0x1b}, {0x4d7, 0x101, 0x3, 0x6, 0x8, 0x1}, {0x0, 0x100, 0x2, 0x7ff, 0x5, 0x6}, {0x6, 0x1, 0xb, 0x101, 0x8, 0x7e5f}, {0x3, 0xae, 0x5, 0xfffffc01, 0x2, 0x10001}, {0x4, 0x3, 0x3d9, 0xbfc, 0x8000, 0xff}, {0xb, 0x20000000, 0x8, 0x311e, 0x7, 0x6}, {0xfffffffe, 0x7, 0x5, 0x1, 0xc0000000, 0x5}, {0x40, 0x87, 0x2, 0x80, 0x1, 0x8}, {0x654, 0x0, 0xffffffff, 0x2, 0xe9, 0x4}, {0x1, 0x10001, 0x8, 0xbb0, 0x10001, 0x80000000}, {0x6, 0x5c29, 0x8, 0x3, 0x7, 0x4}, {0x4, 0x5, 0x80, 0x3, 0x7, 0xe80}, {0x7, 0xfffffffb, 0x7, 0x4, 0xfffffff1, 0x6}, {0x8, 0x5, 0x7fffffff, 0xf, 0x6, 0x101}, {0x10001, 0x0, 0x4, 0x1000, 0x371, 0x2}, {0x6, 0x5, 0x1, 0xe351, 0x8000, 0x3}, {0x7, 0xd, 0x9, 0x7, 0x80000001, 0x7}, {0x0, 0x7, 0x7, 0x8, 0x5e5, 0xa9}, {0xe, 0x8, 0x5ae, 0x7fff, 0x3, 0x1}, {0x7fff, 0xf7b, 0x40, 0xffffffff, 0x1, 0x9}, {0xd8d, 0x101, 0xa80, 0x8, 0x6, 0x10000}, {0x4, 0x3897, 0x5, 0x0, 0x3ff, 0x1}, {0x8a, 0x7, 0xffffffdd, 0x16e, 0x4, 0x4}, {0x7a3, 0x7, 0x8, 0x5e4, 0x6, 0xfffffff3}, {0xe, 0x0, 0x1, 0x8, 0xf1e, 0x7}, {0x200, 0x2, 0x8, 0x80, 0x8, 0xbbca}, {0x5, 0xf4f, 0xfffffff7, 0x58b8d8ec, 0x6, 0x9}, {0x9, 0x0, 0xc, 0x9, 0x10, 0x5}, {0x3, 0x2, 0x6, 0x3, 0x9, 0x4}], [{0x4}, {0x4, 0x1}, {0x1}, {0x2, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {0x0, 0x1}, {0x4}, {0x4}, {0x1}, {0x2}, {0x4, 0x1}, {0x5}, {0x1}, {}, {0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2}, {0x1}, {0x5}, {0x1}, {0x2}, {0x5}, {0x4}, {0x5, 0x1}, {0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x1}, {0x5}, {0x5}, {0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x4}, {0x4, 0x1}, {0x3}, {0x0, 0x1}, {0x2}, {0x242809e1d20c4952}, {0x2, 0x1}, {0x3, 0x1}, {0x2}, {0x1}, {0x2}, {0x2}, {}, {}, {0x2, 0x1}, {0x1}, {0x0, 0x1}, {}, {0x4, 0x1}, {0x2}, {0x0, 0x1}, {}, {0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x4}, {0x2}, {0x7, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0xf388bcf4bcc42b90}, {0x3}, {}, {0x1}, {0x4}, {0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {}, {0x4}, {}, {}, {0x0, 0x1}, {0x7, 0x1}, {0x1, 0x1}, {0x1}, {0x3}, {}, {0x0, 0x1}, {0x1, 0x1}, {0x4}, {0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x2}, {0x5, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {}, {0x1, 0x1}, {0x4}, {0x4}, {0x5}, {0x3, 0x1}, {0x4, 0x1}, {0x2}, {0x5}, {0x1}, {0x4, 0x1}, {0xeea68870579dca51}, {0x4, 0x1}], 0x1}}, @TCA_PEDIT_PARMS_EX={0xe80, 0x4, {{{0xf72, 0x10000, 0x3, 0x64d, 0x5}, 0x8, 0x3, [{0x5, 0x1, 0xbb99, 0xfffffc00, 0x5, 0x8}, {0x1, 0x101, 0x2, 0xff, 0xc9, 0xc75a}, {0x1, 0x6, 0x10000, 0x0, 0x8, 0x4}, {0x7312, 0x7, 0x7, 0x68000, 0x2, 0x4}]}, [{0x6, 0x80, 0x5, 0x4, 0x0, 0x1}, {0xfc, 0x9, 0xa32, 0x5, 0x8, 0x7}, {0x3, 0xf, 0x0, 0x101, 0x7, 0xa05d}, {0xc, 0x2, 0x0, 0x0, 0x3978, 0x6f3}, {0x7, 0x4a, 0x7, 0x40, 0x0, 0x461}, {0x7, 0x1, 0x1, 0xad5, 0xfffffffd, 0x1}, {0x6, 0x4, 0x6, 0x7, 0xffffdc2e, 0x8}, {0x3, 0x6, 0x3cbb, 0x5, 0xe2d3, 0x2}, {0x7, 0x8, 0x8, 0x5a0, 0x1, 0x3}, {0x7a0edb2b, 0xc, 0x4, 0x0, 0x5, 0x9}, {0x7fff, 0x4, 0xdc3, 0x7, 0x9, 0x9}, {0x1f16a9b6, 0xfd5, 0x2, 0x3, 0xa, 0x7}, {0x2, 0x8, 0x7, 0x5, 0x8, 0x9}, {0xc852, 0x4, 0x4, 0x0, 0x7, 0x8}, {0x70, 0x63, 0x1, 0x3, 0x3, 0x211}, {0x5, 0x7, 0x76, 0xf, 0xf, 0x401}, {0x3, 0x3, 0xf2f, 0x5, 0x2, 0x3}, {0xb, 0xd0, 0x10, 0xbc5, 0x4, 0x8}, {0x4, 0x3, 0x3a16, 0x9, 0x3, 0x8}, {0x7, 0x8, 0x800, 0x80000000, 0xfffffe8e, 0x4}, {0x8001, 0x6, 0xa, 0x1, 0x1, 0x9}, {0x1, 0x6, 0xc2, 0x401, 0x8, 0x9}, {0x100, 0x3, 0xfffeffff, 0x1, 0x4, 0x4}, {0x7a5, 0x33, 0x5, 0x8000, 0x9, 0xbac}, {0x3, 0x7f, 0x8, 0x9, 0x4241, 0xce9}, {0x3, 0x1, 0x6, 0x4, 0xfffeffff, 0x80000000}, {0x9, 0x775, 0x5, 0x5dd537c2, 0x4, 0x5}, {0x9, 0xb, 0xec6, 0x1000, 0x8, 0x5}, {0x9, 0x98c, 0xfffffffa, 0x0, 0xfffffff7, 0xe430}, {0x80, 0x2, 0x3, 0x0, 0x4, 0xd}, {0x3, 0x3, 0x1, 0x2, 0x59, 0x9}, {0x4, 0x0, 0xf, 0x4, 0x4, 0x6}, {0x80, 0x7, 0x400, 0x7, 0x4, 0x1}, {0x7ff, 0x3, 0x10001, 0x8, 0x79, 0xbb}, {0xffffffff, 0x8001, 0xd6e, 0x8, 0x7fffffff, 0x24}, {0x80, 0x3, 0x0, 0xd6d, 0x4, 0x33}, {0x6, 0x8, 0x6, 0x7, 0x400, 0x6}, {0x6, 0x3, 0x6, 0xfffffffa, 0x9, 0x2d9}, {0x1, 0xfffff20e, 0xc, 0x0, 0x7, 0xf1f}, {0x0, 0x7, 0x4, 0x3, 0x2, 0x1}, {0x849, 0x0, 0x4, 0x3c5, 0x5, 0x3}, {0x1, 0x9a9, 0xff, 0x8, 0x10001, 0x7ff}, {0x8, 0x1e, 0x5, 0xe, 0x0, 0xfffffff7}, {0x5, 0x1, 0x7, 0xbf, 0x4d902031, 0x1}, {0x7, 0x10, 0x7fffffff, 0x1, 0x400, 0x7}, {0x7ff, 0x0, 0x0, 0x7, 0x0, 0x9}, {0xea, 0x5, 0x57000000, 0x4, 0x40, 0x4}, {0x3, 0xffff, 0x3, 0x0, 0xffffffc0, 0x286}, {0x7fffffff, 0x1, 0x6, 0xbaa, 0x10001, 0x2}, {0x4, 0x8, 0xa815, 0x53ff, 0x7, 0x8000}, {0x7, 0x7fffffff, 0x585, 0xfffffbff, 0x0, 0x6}, {0x200, 0x0, 0x400, 0x4b, 0x3}, {0x2, 0x6, 0x3, 0x9, 0x5, 0xd7c}, {0x6, 0x401, 0x4, 0xb8, 0x556, 0x9}, {0x4c, 0x6, 0x80000001, 0x80000000, 0x7fffffff, 0x101}, {0x0, 0x9, 0xb8, 0x0, 0x101, 0x8e0}, {0xfff, 0xaf40, 0xfffffffd, 0x1, 0x6, 0x1}, {0x1, 0xeefe, 0xfff, 0x5c3c, 0x7, 0x8000}, {0xb63, 0x2, 0x1, 0xfffffff9, 0x9, 0x4}, {0x0, 0x1, 0x3, 0x1000, 0x6, 0x8}, {0x200, 0x0, 0x5, 0x7, 0x9, 0xd}, {0x101, 0x40, 0x6, 0x9, 0x101, 0x3}, {0x5, 0x0, 0x8, 0x9, 0x7ff, 0x2}, {0x8, 0x58, 0x9, 0x1, 0x7, 0x101}, {0x0, 0x7, 0x5, 0xffffffff, 0x1, 0x3}, {0xffff, 0x0, 0x9, 0x8001, 0x1, 0xaf11}, {0x0, 0x6, 0x5, 0x2, 0x3, 0x5}, {0x80000001, 0x5, 0x80000001, 0x1, 0x2, 0xfffff56b}, {0x4, 0x819e, 0xa, 0x2, 0x4, 0xe}, {0x0, 0x4, 0x2, 0x0, 0x9}, {0x0, 0x9, 0x3, 0x7, 0x849, 0x4}, {0x100, 0x9, 0x7, 0x3, 0x9, 0x3}, {0x3, 0x0, 0x5, 0x0, 0x97a, 0x6}, {0x5, 0x3ff, 0x8, 0x32d, 0x3, 0x2}, {0x10, 0x0, 0x4, 0x2, 0x2, 0x9}, {0x1000, 0x4, 0x8000000, 0x0, 0x4, 0x3}, {0x3, 0x8, 0x3, 0x6, 0x2, 0xc}, {0x3, 0xfffffeff, 0x4, 0x3ff, 0x8, 0x7}, {0xffff0001, 0x1, 0x40800, 0x3, 0x10, 0x8}, {0x2, 0x80000001, 0xd, 0x3, 0x10, 0xc}, {0x4, 0x93, 0x0, 0xf90, 0x4}, {0x1, 0x10001, 0x7, 0x101, 0xfffffffe, 0xa}, {0x8, 0x4, 0x0, 0xffc00, 0x3, 0x8000}, {0x8, 0x4, 0x40, 0x2, 0x893, 0x694}, {0x1, 0x0, 0x40a12e80, 0x7fffffff, 0x5, 0x9}, {0x9, 0x563d1f6c, 0x0, 0x0, 0x200, 0x7}, {0x9, 0xfffffffe, 0x1, 0x0, 0x40, 0x8}, {0x7fffffff, 0x5, 0x7, 0xfffffff7, 0x5, 0x4e}, {0x1ff, 0x8, 0x6, 0xf1cd, 0x8100, 0x5d4}, {0x100, 0xdf, 0x5, 0xffffffff, 0x1, 0x2}, {0x6, 0xfffffc1a, 0x40, 0x100, 0x1, 0x3}, {0x1ff, 0x2, 0x100, 0x7, 0x6963aca4, 0x7}, {0xfffffff6, 0xfffffd8c, 0x4, 0x0, 0x2, 0x1}, {0xa, 0x2, 0x2, 0x8001, 0x5, 0x8001}, {0x9c, 0x8001, 0x6, 0x0, 0x7, 0xffffa660}, {0xaf1, 0x3, 0x7, 0xffff, 0x6, 0x9}, {0xffda, 0x80, 0x400, 0x80000000, 0x1, 0x7}, {0xfffffffa, 0x3, 0x8, 0x4, 0x8, 0x7}, {0x4, 0x6, 0x5, 0x80, 0xfff, 0x5}, {0x8000, 0xa21, 0x9, 0x5, 0x1, 0xfffffff8}, {0xe0a, 0xd, 0x7, 0x6, 0x401, 0x4c8}, {0xf, 0xffff8000, 0x0, 0x10000, 0x9, 0x9}, {0x7, 0x7, 0xaf7, 0x401, 0x357e6613, 0xffff}, {0x8000, 0x5, 0x4, 0x5, 0x978, 0x6400002f}, {0x7f, 0x10001, 0x76b4, 0x5, 0xda16, 0x2}, {0x2, 0xfffffffb, 0x6, 0x7e, 0x0, 0x2}, {0xfd6d, 0x2, 0x7, 0x1ff, 0x6b, 0x219}, {0x1, 0x7, 0x1, 0x3, 0xc4, 0x7}, {0x0, 0x0, 0x12000000, 0x6, 0x6, 0x7}, {0x2, 0x1, 0x6, 0x4e, 0x4, 0x7}, {0x4, 0xb3, 0x9, 0x6, 0x7, 0x3}, {0x2, 0x9, 0x5, 0x0, 0x1ff, 0x1ff}, {0x284d, 0x3, 0x533, 0x2, 0x4, 0xc}, {0x0, 0x5c54, 0x6, 0x3, 0x1ff, 0x1}, {0x800, 0x7, 0x7, 0x8, 0x59fd, 0x80000000}, {0x6, 0x2, 0xfffffff9, 0x8, 0x400, 0x4}, {0x8, 0x400, 0x6, 0x3, 0x1ff, 0xc}, {0xfffffbe7, 0x1, 0x1, 0x8, 0x0, 0x2}, {0x5, 0x1, 0x2, 0x1, 0x63c, 0x1}, {0x7, 0xfffffff9, 0x2, 0x8, 0x6, 0x5}, {0xa, 0x3, 0x7, 0x40, 0x7fffffff, 0x6007}, {0xd8b, 0x6, 0x200, 0x1, 0x3ff, 0x24000000}, {0xe6c, 0x4, 0x5, 0x9, 0xe, 0x4}, {0x3, 0x0, 0x0, 0x6, 0xd, 0x80}, {0x10, 0x80000, 0xfffffffe, 0x0, 0x101, 0x6}, {0x6, 0xa2, 0x101, 0x4, 0xed8, 0x8}, {0x6, 0x95, 0xd28, 0x1, 0x7, 0x3}, {0x4, 0xa8, 0x3, 0x0, 0xfffffff8, 0x400000}], [{0x4}, {0x2, 0x1}, {0x2, 0x1}, {0x1}, {0x5}, {}, {0x3}, {0x2}, {0x3, 0x1}, {0x1}, {0x0, 0x1}, {0x4}, {0x2, 0x1}, {0x3}, {0x2, 0x1}, {0x2}, {0x4, 0x1}, {0x5, 0x1}, {0x3}, {0x3, 0x1}, {0x2, 0xdcf3d020cb29df1a}, {0x3}, {0x0, 0x1}, {0x4}, {0x3}, {0x1}, {}, {}, {0x5}, {0x4}, {}, {0x4}, {0x4, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x3}, {}, {0x1}, {0x4}, {0x2}, {0x4, 0x1}, {0x4, 0x1}, {0x5}, {0x1}, {0x4, 0x1}, {0x2}, {}, {}, {0x6}, {0x4, 0x1}, {}, {0x5, 0x1}, {0x2, 0x1}, {}, {0x4, 0x1}, {0xd, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x4}, {0x2}, {0x1}, {0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x3, 0xd5175bdf0aab834c}, {0x0, 0x1}, {0x1}, {0x1}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x3}, {0x5}, {0x3, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {0x5}, {}, {0x2, 0x1}, {0x5}, {0x4, 0x1}, {0x4}, {0x2}, {0x5, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x1}, {0x2}, {0x5}, {0x1}, {}, {0x2}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x4}, {0x4, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x2}, {0x5, 0x1}, {0x2}, {0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x5}, {}, {0x1, 0x1}, {0x1}, {0x4}, {}, {0x5}, {0x3, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0xd0, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}]}, {0x4c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x6}]}, {0x2c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}]}]}, @TCA_PEDIT_KEYS_EX={0x34, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}]}, @TCA_PEDIT_PARMS_EX={0xe38, 0x4, {{{0xffffff00, 0x7, 0x5, 0x4, 0xfffffffc}, 0x5, 0x2, [{0x1000, 0x80000000, 0x1, 0x6, 0xa7, 0x1ff}]}, [{0x80000000, 0x4, 0x10, 0x3, 0x1, 0x7f}, {0x9, 0x5, 0x3, 0x6, 0x8}, {0x2, 0xffff, 0x80, 0x1, 0x1, 0x5}, {0xfffff92f, 0x1, 0x0, 0x1, 0x10000, 0x2d}, {0x2, 0xfffffff7, 0xabc6, 0xf, 0x1, 0x6}, {0x400, 0x80000001, 0x6ffb, 0x9, 0x7, 0x2}, {0x5, 0x3, 0x60000000, 0x2, 0x7f, 0xcdac}, {0x7769, 0x1, 0x2, 0x9, 0xfffffffa, 0x8}, {0xfffffffe, 0x5, 0x6, 0x800, 0xb, 0x3}, {0x4, 0x9, 0x9, 0x5, 0x0, 0x4}, {0x8000, 0x3, 0x8, 0x9, 0x684}, {0x7, 0x7fffffff, 0x9, 0x7, 0x1, 0x2}, {0x1, 0x0, 0x101, 0x4, 0x8df, 0xfffffff7}, {0xfffffffb, 0x7ff, 0x800, 0x70f1, 0x4, 0x8}, {0x7fff, 0x200, 0x0, 0x6, 0x7fffffff, 0x7017}, {0x7fffffff, 0x7, 0x6, 0x2, 0xfcf, 0x800}, {0x4, 0x5, 0x1, 0x4c5f, 0x140000, 0xd332}, {0x6, 0x200, 0x6, 0x1, 0x5, 0xae0b}, {0x3, 0x0, 0x8f, 0x1, 0x7ff, 0x6}, {0x9, 0x80, 0x1, 0x7, 0x6, 0x5}, {0x5, 0x1, 0x400, 0x7, 0x4, 0x4}, {0x4, 0x7, 0x7, 0xfffffff7, 0xffff, 0xf9a}, {0xa44, 0x6, 0x3, 0x4, 0x9, 0x6}, {0x8, 0x23, 0x7, 0x6, 0x4, 0xf}, {0x7, 0xe43, 0x7, 0x6, 0x8, 0x7fffffff}, {0x4, 0x400, 0x9, 0x8, 0x100, 0x959}, {0x7, 0xe, 0x1, 0xa4, 0x354dafab, 0x7}, {0x10000, 0x2, 0x7fffffff, 0x9, 0x9, 0x9}, {0x0, 0x5, 0x1, 0x0, 0x6, 0x400}, {0x3, 0xe91, 0x3, 0x5, 0x3, 0x7}, {0x3, 0xf, 0xffffffff, 0x532f, 0x1, 0x4800000}, {0x7fffffff, 0x8, 0x6, 0x9, 0x10001, 0x9}, {0x6, 0xfa7, 0x400, 0x3, 0xe2, 0x331}, {0x3ef, 0xa97, 0x0, 0xfff, 0x7fff, 0x4}, {0x5, 0x0, 0xf, 0x800, 0x2e6b, 0x8}, {0xfffffffd, 0x2, 0x2, 0x2, 0x2, 0x8001}, {0xf7ee, 0x7fff, 0x9, 0x1, 0x2, 0xc}, {0x4000000, 0xe5, 0x2, 0x1, 0x0, 0x6}, {0x401, 0x77ad, 0x7fffffff, 0x4, 0x3, 0x8}, {0x1, 0x4, 0xb6800000, 0x4, 0x6, 0x100}, {0x8000, 0x1, 0x989, 0x80000001, 0x4, 0x1}, {0x9, 0x9, 0xb, 0xee, 0xfff, 0x1000}, {0x4, 0x101, 0xefe, 0x2, 0x3, 0x4}, {0xfffffffd, 0xe5c2, 0xb4, 0xc, 0xba6, 0xc0}, {0x5, 0x5, 0x44, 0x1, 0x0, 0x1}, {0x0, 0xbe, 0x5, 0x4, 0xf, 0x56}, {0x945, 0x8, 0x10001, 0x52b, 0x2, 0x7f}, {0xffff, 0xa, 0x5, 0x8, 0x7f, 0x7}, {0x7e, 0x5, 0x7, 0xfffffff3, 0x6, 0x2}, {0x8, 0x9, 0x9, 0x7, 0x0, 0x401}, {0x8, 0x2, 0x9, 0x7, 0x1, 0x4}, {0xfffffbff, 0x9, 0x3ff0, 0x3, 0x0, 0xa}, {0x1, 0x2, 0x400, 0x2, 0x9, 0x5bcd}, {0x8000, 0x200, 0x98, 0xa1, 0x7437f190, 0x6}, {0x9, 0xfffffff7, 0x9, 0x8001, 0x1a, 0x5}, {0x200, 0x5, 0x5, 0x1, 0x8, 0x2}, {0x5, 0xa, 0x6, 0x9b, 0x7, 0x8}, {0x4, 0xb9a0, 0x1, 0x5, 0x6, 0x9}, {0x1, 0x0, 0x8001, 0x0, 0xffff}, {0xfffffffc, 0x10000, 0x9, 0x4, 0x5, 0x3ff}, {0x8, 0x1, 0x2, 0x5, 0x3ff, 0x5}, {0x1, 0x2, 0x10000, 0xff26, 0x0, 0x3}, {0x1, 0x5, 0x4, 0x3, 0x9, 0x1}, {0x20000000, 0xfffffffe, 0x5, 0x3, 0xa, 0x80}, {0x9, 0x2, 0xfffffff9, 0x4, 0x0, 0x3}, {0x1, 0x5, 0x8, 0x5, 0xd30, 0xfffffffd}, {0x10001, 0xffff256e, 0x2, 0x10000, 0x6, 0x4}, {0x129, 0x100, 0xeda, 0x0, 0xffffffff, 0x7}, {0x4, 0xa18e, 0xfffffff2, 0x81, 0xc7d8, 0x4}, {0x1, 0x9, 0x751cb436, 0x0, 0x80, 0x9}, {0x4, 0xfffffffe, 0x1, 0x7, 0xffff, 0x40}, {0x7, 0x6, 0xfffffffe, 0x2, 0x50000000, 0xf}, {0x4019, 0x8, 0x18b, 0x4, 0x7f, 0x9}, {0x8d4d, 0xfffff001, 0x100, 0x3711, 0x1, 0x6}, {0x80000001, 0x4, 0x9, 0x3, 0x5, 0x93c}, {0x1, 0x6, 0x2, 0x3, 0xb, 0xfffffffe}, {0xfffffffa, 0x700000, 0x6, 0x7, 0x67, 0x4}, {0xffffffe7, 0x4, 0x8, 0x5, 0x2, 0x56}, {0x0, 0x8, 0x2b3, 0x3, 0xfffffffd, 0x2000000}, {0x4, 0xff, 0x4, 0x2, 0x5, 0x3ff}, {0x5, 0x3, 0x0, 0xb9, 0x53f9dba6, 0xc}, {0x4, 0xfff, 0xda65, 0x0, 0x101, 0xffff}, {0x9, 0x9, 0x4, 0xffffffff, 0x3ff, 0xffffffff}, {0x6, 0x3, 0x9, 0x4, 0x3}, {0xfffffff8, 0xe951, 0x58c4, 0x30, 0x4, 0x80000000}, {0x1, 0x0, 0x1000, 0x8, 0xc65, 0x8}, {0x5, 0x6, 0x6, 0x9, 0x1, 0x6}, {0xd, 0x7, 0x9, 0x6, 0x5, 0x9}, {0x2, 0x3, 0x8, 0x5, 0x8001, 0x7}, {0x6, 0x6, 0x0, 0x1, 0x0, 0x7}, {0x1, 0x3, 0x74c5, 0x834, 0x4, 0x7}, {0x5, 0x81, 0x5, 0xfffffff8, 0xfffffff8, 0x8a1b}, {0xd7b, 0x4, 0x1ff, 0x81, 0x7fff, 0x4}, {0x27c, 0x4f, 0x6, 0xfffffffc, 0x3, 0x2}, {0x7ff, 0x0, 0x6e, 0x67, 0x3, 0x10000}, {0x4, 0x1, 0x3, 0x1, 0x2, 0xcae}, {0x6, 0x1, 0x9, 0x3, 0x1, 0x3}, {0x7f, 0xeb6d, 0xffffffff, 0x2, 0x5, 0x6}, {0x55, 0xc2, 0x3, 0x6000000, 0x4, 0x36}, {0x4, 0x6, 0x6, 0x57e6, 0x80, 0x2}, {0x8, 0xc0000, 0x8, 0x8, 0x8, 0x6}, {0x1, 0x4, 0x8, 0xeb2, 0x7, 0xf}, {0x7, 0x100, 0x1, 0x10, 0x2, 0x1ff}, {0x8, 0x6, 0x38000, 0x1, 0x4, 0x43796532}, {0x0, 0x8, 0x8, 0x6, 0x8001, 0x44}, {0x7fffffff, 0x2, 0xf, 0x2, 0x91e, 0x7}, {0x4, 0x2, 0x7, 0x3, 0x6, 0x1}, {0x8, 0x20fc, 0x3, 0x1, 0x36, 0x4f5}, {0x3, 0xf7, 0x0, 0x5, 0x200, 0x7fffffff}, {0x2, 0x7de, 0xd33f, 0x2, 0xcc57, 0x8001}, {0xc2d, 0xa2e, 0x7, 0x6, 0xffff8001, 0x4}, {0xc54, 0x2, 0x101, 0x464, 0x2, 0x6}, {0xbb8f, 0x0, 0x1, 0x658, 0xe7, 0x1d1}, {0x5, 0x7, 0x7, 0xd, 0xfffff42e, 0xddcf}, {0xff, 0xca, 0x2, 0xad88, 0x0, 0x9}, {0xfffffff9, 0x4, 0x6, 0x9, 0x383a, 0x7}, {0x80, 0x80000000, 0x8, 0x7, 0xff, 0x2}, {0xda, 0x1, 0x55df, 0x98, 0xffffffff, 0x7}, {0x3, 0x3, 0x6, 0x5, 0x15a, 0x6f}, {0x2, 0x7, 0x2f, 0x34c, 0x9, 0x80000000}, {0x0, 0x1, 0x3, 0x400, 0x2800000}, {0x1, 0x2400, 0x7, 0x4, 0x3, 0x4}, {0x8, 0x8, 0x6, 0xc7, 0x7, 0x378e}, {0x5, 0x88d, 0x5, 0x8, 0x400, 0x5}, {0x0, 0x1, 0x3, 0x5, 0x7f, 0x2}, {0x81, 0x4, 0x1, 0x5f8f, 0x6, 0xff}, {0x6, 0x2, 0x4, 0x3, 0x80000000, 0x3}, {0x100, 0x5c65, 0x8, 0xfffffbff, 0xfffffff7, 0x9c80}], [{0x4, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x1, 0x1}, {0x4}, {0x5}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x5}, {0x4, 0x1}, {0x4}, {0x3, 0x1}, {0x2}, {0x4}, {0x3, 0x1}, {0x5, 0x1}, {0x5}, {}, {0x0, 0x1}, {0x4}, {0x3}, {0x3}, {0x4, 0x1}, {0x1, 0x1}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {}, {0x3, 0x1}, {}, {0x0, 0x1}, {}, {0x5}, {0x2, 0x1}, {}, {0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x2, 0x1}, {0x2}, {0x0, 0xa83b0e8f0f2c9caf}, {}, {0x5, 0x1}, {0x4}, {0x4}, {0x4}, {0x3, 0x1}, {0x1}, {0x5, 0x1}, {0x1}, {0x1, 0x1}, {0x6}, {0x2}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0xf3734babb7b2df90}, {0x5}, {}, {0x1, 0x1}, {0x4, 0x1}, {0x3}, {0x3}, {0x2, 0x1}, {0x4, 0x1}, {0x1}, {0x4}, {0x3, 0x1}, {0x3, 0x1}, {0x4}, {0x3}, {0x2}, {0x1}, {0x2}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x4, 0x1}, {}, {}, {0x5, 0x1}, {0x1}, {0x4, 0x1}, {0x219557562159e10d, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x4}, {0x1}, {0x0, 0x1}, {0x4}, {0x1, 0x1}, {0x5}, {0x2}, {0x5}, {0x2}, {0x5, 0x1}, {}, {0x4}, {0x4}, {0x3}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x2}, {0x2}, {0x3}, {0x2, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x3}, {0x3}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x4}, {0x3, 0x1}, {0x1}, {0x0, 0x1}, {0x1}, {0x1}, {0x0, 0x1}, {0x2}, {0x1}]}}, @TCA_PEDIT_KEYS_EX={0x4c, 0x5, 0x0, 0x1, [{0x3c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}]}]}, @TCA_PEDIT_KEYS_EX={0x4}]}, {0xd4, 0x6, "4a43a296cbb90da4de2d959bcff286c8d40310e4d00ccf78c4d228656ab387d396319b9438c9f2e2a6469709343374fb9a78ce05192e66110e860da3bb31f980d2ef311c2d0384196ff556c4e5ecac02c0e059f29b6428ceb7b8a184046025a519ed981029c927dc42b69d84750ab192e0d0ae0d4f44aa8221483dbcc6b1aa5286c28b241baf1913afa43254fcc6e84a8adb7134dec272bd6b27b73b121a827120971ce2912feb12c8aee722504d8ee5f87fbf87ad87faba58a1b4a0b910bef3c88d4bfc4b0090337790747a28d2ff96"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x154, 0x3ffe, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x10f, 0x6, "62b9fb776082786e1cc9c247d68e7b07f7aa56fb29cb3326117be7131487d283fbe55f29e05a27351af44663c8d3e23ef6adeb70f9d6a6123f101f9c7af9eb2a9f40d0b1bb3a3ede111ca19dba72bb519ee424369aa9d02703881ce60c8d92edbe385399f93dc41b6a0f33b135eaae9dc0bc56f95fdf4615221e0dc1a6fec9a84488eb962102cc6546a6415a5dded7d436e40db74624d97b635ffd28cf9631c25f251ade5acbc740c0ff4d0a54aa86a55058951bdb8f7f74e34ca8bf6ac069a090c723fb8556d113c454aa8e9ccf111a04380a837f4a71d02de1d9c5b293583d7aa086ec8c11bb7c0baae03ea639cda03c5e0b814ac3fa4495adf3776ae494fa28098acf959e2a3c61e5eb"}, {0xc}, {0xc}}}]}]}, 0x2f58}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000540), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000e40)={0x990a23})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'rose0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
read(r4, &(0x7f0000000340)=""/4096, 0x1000)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r6], 0x20}}, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = dup(r8)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
unlink(0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000001340)={0xa, 0x4e25, 0xfffffffe, @local, 0x3}, 0x1c)

5.922584342s ago: executing program 0 (id=1501):
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x100000, 0x9, 0x0, 0x0, {}, {0x0, 0x0, 0x800000}, {}, {0x0, 0xfffff90d, 0x1}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x8080, 0x0, 0x9, 0x200000, 0xe, 0x1, 0x0, 0x3, 0x1})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r2}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r5}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e23}, 0xfffffffffffffe81)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000340)=0x2)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x1, 0xffffffffffffffff, 0x0, 0x0, 0xee00, 0x1cb, 0x2e2}, 0x0, 0x0, 0xb7, 0xda, 0x4, 0x2, 0x8, 0x2, 0x101a, 0xd7df, r0})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r7 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
pwrite64(r7, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2)
ioctl$BLKRRPART(r7, 0x125f, 0x1f)

4.967372857s ago: executing program 0 (id=1503):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x4, 0x10058, 0x0, 0x0, 0xa84}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x8081)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000000000000000000000000ffff"}})

4.788794372s ago: executing program 0 (id=1504):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000002000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x40010, r0, 0xee19d000)

4.422781761s ago: executing program 0 (id=1505):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x405c5504, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$isdn(0x22, 0x2, 0x11)
close(r3)
syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000380))
r4 = syz_io_uring_setup(0x5e0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x3, 0x2f9}, &(0x7f0000000140), &(0x7f0000000180))
io_uring_enter(r4, 0xa3d, 0x0, 0x79, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(r5, 0x0, 0x0, 0x0)
r6 = mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x3a, &(0x7f0000000300)={0x0, 0x1, 0x7, 0xfffffffe})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcca)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x114, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0xe4, 0x2, [@TCA_FLOW_EMATCHES={0xe0, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0xd4, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0xbc, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_LVALUE={0x19, 0x2, [@TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="98", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR]}, @TCA_EM_META_RVALUE={0x2b, 0x3, [@TCF_META_TYPE_VAR="d6e4e11092a01182f5", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="701b6d97ca7c9c4969", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR='h', @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0x8, 0x2}, {0x2, 0x5}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9a0, 0x0, 0x2}, {0x2, 0x3, 0x1}}}, @TCA_EM_META_RVALUE={0x8, 0x3, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_VAR="6bf5cdf3c2cdd6b6"]}, @TCA_EM_META_RVALUE={0x38, 0x3, [@TCF_META_TYPE_VAR="7284f49f1c9b", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="bb46a15d27de", @TCF_META_TYPE_VAR="f4f227a8fefd13980a5a", @TCF_META_TYPE_VAR="f1", @TCF_META_TYPE_VAR="4d85", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR='\r', @TCF_META_TYPE_VAR="e823de60294a51b6", @TCF_META_TYPE_VAR="8b9b961c2ab1d030706b"]}]}}]}]}]}}]}, 0x114}}, 0x20040054)

4.355112239s ago: executing program 35 (id=1505):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x405c5504, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$isdn(0x22, 0x2, 0x11)
close(r3)
syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000380))
r4 = syz_io_uring_setup(0x5e0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x3, 0x2f9}, &(0x7f0000000140), &(0x7f0000000180))
io_uring_enter(r4, 0xa3d, 0x0, 0x79, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(r5, 0x0, 0x0, 0x0)
r6 = mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x3a, &(0x7f0000000300)={0x0, 0x1, 0x7, 0xfffffffe})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcca)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x114, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0xe4, 0x2, [@TCA_FLOW_EMATCHES={0xe0, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0xd4, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0xbc, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_LVALUE={0x19, 0x2, [@TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="98", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR]}, @TCA_EM_META_RVALUE={0x2b, 0x3, [@TCF_META_TYPE_VAR="d6e4e11092a01182f5", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="701b6d97ca7c9c4969", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR='h', @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0x8, 0x2}, {0x2, 0x5}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9a0, 0x0, 0x2}, {0x2, 0x3, 0x1}}}, @TCA_EM_META_RVALUE={0x8, 0x3, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_VAR="6bf5cdf3c2cdd6b6"]}, @TCA_EM_META_RVALUE={0x38, 0x3, [@TCF_META_TYPE_VAR="7284f49f1c9b", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_VAR="bb46a15d27de", @TCF_META_TYPE_VAR="f4f227a8fefd13980a5a", @TCF_META_TYPE_VAR="f1", @TCF_META_TYPE_VAR="4d85", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR='\r', @TCF_META_TYPE_VAR="e823de60294a51b6", @TCF_META_TYPE_VAR="8b9b961c2ab1d030706b"]}]}}]}]}]}}]}, 0x114}}, 0x20040054)

4.214083553s ago: executing program 6 (id=1507):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x4, 0x3, 0x100000, 0x2000, &(0x7f000000f000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000fd3000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x271a, 0x0, 0xdddd0000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0xfb7f, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})

4.025032202s ago: executing program 6 (id=1508):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
ioctl$TCSBRKP(r2, 0x5425, 0x0)
r3 = io_uring_setup(0x28d5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x211})
close(r3)
ioctl$TCSETSW2(r2, 0x5425, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
close(r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioperm(0x3, 0x2c3, 0xbc)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r4=>r0, {0x9}}, './file0\x00'})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000003c0)={0x1, 0x4, 0x2, 0x0, 0xe})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x141b82, 0x180)
write$cgroup_int(r5, &(0x7f0000000040)=0x9, 0x12)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x64, 0x18, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x7c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x48, 0x6, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x30, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xb}]}}}]}]}]}]}], {0x14, 0x10}}, 0x144}}, 0x0)

3.372236934s ago: executing program 6 (id=1509):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x1d})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0xe39}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000001a40)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}, @in={0x2, 0x0, @local}], 0x20)
r5 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
fchdir(r6)
mkdir(&(0x7f0000000000)='./file0\x00', 0x103)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x32)
lseek(r2, 0x2, 0x1)
getdents64(r7, 0x0, 0x22)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='./file2\x00')
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)

2.918538914s ago: executing program 4 (id=1235):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000180)='./file0\x00', 0x8e)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0)

1.800294209s ago: executing program 6 (id=1510):
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240)="23591363adf94c4a3525c373b8be3e8d2672540e4fff5fe79b18763b68b5c8cde0045f31e73285632c09da90f5451b7f64f1faee49a0d8fa57fb52ecde3cb94c60c97e8a9a4b9e8b8a625ef77381a7fed894b680d2bf18225baa8ac2279e4966b3bc0adb5332c5ecbc6c3da241c9215cfc3c563c3bc0291d5f45f8d56d583cff127e3373ade7df08cc06d94780975eeaf693ffb533a47e615651192042ea01b4f8ef2332d798ff7da5ad85ffcb7bf1c66705a1d0c2dded41131fbd3372527cd58da0761821c610c916e7126d0d9f38da2ea2df4048a4c222ffe5949556b16efbc4c824fda8e92f0647858a31f0cebc12f0a4e88ae8d5d6689e499301a23a6d4452da35cb0e51b1b9dd6be08b7e3430b77a1143db66bd7b77995b08262510df7aa578cb52ccae69b26f74ea7a2f5d38e0e49412165b94b6da07a4e82c25dea5ad36d9517e9b7152d01c9fbed0ff5dcd8a1ffbef5a2bddee07d7369e517b0d42d3815015334fe2e9e81c4c9b4e6215b236030bc9c4b806fa70175d7ce4268448e3599265549b96df63550df8bbc692c84ac97293998f3351766e93112904c8a80a5045d57e827b561127040a09b3025320a51965ce5c4ff115fa8ce879045cb290abe97641435585c7bb98be38985ea23e58d2ad96499a5f0842eee3c7a263ca47809ce99ef11208b7260ea0a3848634c82a47405e9075ea05098752817d682ae52df079d32116ee458586118ca243767cf986b3e89d6470df859f910256a723062a88441e992d2a9b9fa1dadaeac1c630dc17497404323653cb9a5355f88b6aa6fe714f0723b6938d7ebcac44fe717f0084bc34e5f86980520bad4e6ae4b173f1e4325f9c547828232c9aaa560fb99b6946d65f6532afca8501938703042be2933b633db1f63e692679f1ee71294204acd45480aff57491375fa7f9d7f880de291348fd2ee42dbfdbd8cc8b84aaacc6809e06c5a73e9a9db1bbb2c731a8fd6807ddb0f5b900213bae81372e2a4325b9aecc0125b2016c72e40db36d2c91d55eb5bc8c455b7e29a32c0f1b36645e004dc0db7f521c436f735e09402fe38d853a2db74d7a18f68ff28fb38e861efd6f2f92ebcfc13bb10e57026443ba84df1e18041d6f9fd4aead2e87c6980d9fa28e8251a809c88dc25b4f29813436318b59bc8bf80115f15e33387ed955cc4423b49d5a4ae6fb37ddfa1e31d712bd4e7f6cb5d2dbba874337aa235dbeeb38cd9f1469ee02270dc55acfefc27f35c0d067ef3341e111282c139c623af9eb0eb7613c0cc7284e7a9945ad1870cb621e1350cfef3a8526d21b214745aed61d78f834c60afe2403a3280bd2349612761d0692ed8048d1b33a158a2882bafd56012a465a336c12a675adbffa91530cfe1b55ae8b0813403256c148e0d0c7f1056f34be5a1f28275025d48fcf9f12bf21453b2c060a9d05b0fed49799809b631349e2e5e1a6e0461d1cd667e8a4ec1b9b088b7bb0ffda7b6110049036d6139a227c53e3825d71d6cb06e96f0eb67076aa5faf026cd603ee91a7ba9fcb13763721d7bbb7c021e7d2395fa566483942052bd74aac4e9acb4bc3ba1d4ecc3fa4b8e99f5f91f6e9ae598ea225a7a889a8fd50ed8e75c21a93764745a7f2846b8f63590fab912d1f10582a862d5e4af02dd44c410642cce20a3877559d4fd83b962d78a61c84cfcf74f6ba0ccb85a19a505b24875daaa7b7ee3083a0f7a034f66031bdcd2dbf2d56c61e30186dc555ad834d855a055529ee6ecf50586ceb29210b44fa704498b238dd68c1e14b36da172f6febdd67b49d833370247e0a024eab77de4aa5efe7f387a9a4cb573c6e344a3c4d2a45f1df4ee883913bd61cf7a39626244ac64cb0345fccdca1131171031be3c6084e0d2941371afd1c268512133ac68cac0ebdb0502db18340adea29132a1cb667056541f2edd8354d52563458d8ecd18c49d5b9dbe0859a0cff6c2ba5cfa4e8736e7e7eaafa061ef86351d3d52f50410aef8f1df813c29d3fd4080242adecc39a8b9b054eb818116d1ce46096c8c983a09164bbe0262df134af33986e0a12a9eac6268939a1ab2e7efd4376a8ff583b93f226711395b9163e49fbc790f67596f28d341cf36e37d7475c2b09278fa66f5b3cbb4161f017bc49e99d19039aed6d620dc01487ecbe043add02927b88ed4de8e3112ebf9ba837134d8adc36e4beeefc5037dc683b585cdee1e265f1ee47934f558c4c13bafb2a06e9951789f6a2243fa074d7b9489ffe32625cf141cb0ce9353c0c6849695f6a23f1b554b225f9e7d1e73bc4bbee326181144584aaae8e2f004aea46e8d334f65123b93fd945f487d917c485b8b65ce7aa1090a301b96ac664c65101db1bd1d224e1d25f8946a5faa0baf1fcf3fb015445f974d415b8e50e9b55435b26358b517112822d99d9cdf45aea3db255ab72f1ac51fd00d812c2fc484a581c72e8fa39d0a3a5ecff51fca9292267e98ca70b005be53b7f32205acfa59d1f623c03c6625d74ba76f95464f3b0617f87246c298e12e73876549ac765147f928fe3fce378100663a32ccbe312d5458db8e5aecc2bd70bedbfd397157bbc291065332e5988744ba63712753bcded54aab53b82894b8272d5be38943b9c948438271097b061e07e983709703af8c69df1aaeb7cda83e92df304002a03438dc0cf2e4b6492feb9be8379cee7fcb874f22a392e6b6470cc6d1b5dd500693e4d26c8f9e48492fdfabb8294bee57f721572ef9239f519eef9a9f4e59950d252095e6a4229a57e4202302388fe316f4d1300973549ff6bd8a3c747db0686aa5a3e30a41993db467ef0197da3cf7cfa356bc7c802177906f39d22777b1b4f930798b83f5ffc4f444ad564e87e2d1fe4f45a40a36e1b5515347f42d5513ec3d70584151d60ae515e5e3e467fa6816744b22c3a08cc318e2a6176547d0ca285067605fbb6a14e9fc40a74d2d27eb5492d0709f04603d36a05a0e4a055cdc7b9e5970aa9960ba6523fd234208cd95926029daa5498bf14ce9beb3fe31113bff7bd22dbd8ccb04593b3edd074092ae8be18ff94c59d376aa4c070e09b237568167a4b0d003e3df329966b5a6285a4547824a9dec2fd82428483c55f57adc35fcbcfb5af22da38fc98603cdfaffea70b9337a339442226305c06005747b4cd368c616f97fe467f087df5bcfc5d072120fa0d837103b65cd0efc2f08f81bc7e5c39435ffcbcc9a41ee94b2bd5708100c1c14a34c28ab5335bfea389444a38fe36132d7f4a9d9cc9a4a6a78646016f6f2a0cb832f0c2c8720c20430aaf3c4658b943648cfd84577ab42cc8fb051c407c5e9f2e2f996ce542485aa020f0b052059e0f18d3a5295383079acd63159f164f222bac96f98a30bb78d0e152b96d97e074208b171c3ce47cbcf747acf2a2873ddea30992686990b15e11bf8bf8be33ddc2fe3ad429a42ad065c32d35bc86d336eaa4e368a0b8b679c07c7419de2f21bd398f15b92d16e90e19f2e66343f88eb6349ac39553a0ccc6b5d61c4a69d3b3ffd10ed7c56408726e8ac25ac0bfdac182b53345d661c13775eb6deec22a17bbdd2189385baa39fc9be062ecbdac11157b64dcac58d1eb4f029a37d744d5c9551b51941353922dccded9da40a5b967513730a6604180e1d3e5c80f7f4a4e8edd75f5d466f66394dc5c4e529e33242ce016d4b479cf54c5876ff4bb1f651d7c975cccf1a7c7e8d9cce2918ca47684d92e7f258204731448986ed81dce4ca5eaf05512f93031ab16eadf0dd62e209839141847b8d2b7512508160be659be016faf2ac3e51a0e8e1f0bde51231c345dcb3ce926f00544c570a8fe3b6b6412d612549aefcf3bee1137c45dccff4ea9396a087ae33b2cbf0ec6d6fedcb5de2546540b4dadf2bd9f6d1f51125969c4ecbf73fd9bbee90e6b8a0240dd124b333a5ce34f29992f7f53d7a0ff2a9f81d84824afbc0f554532171ea8bb3e1f63274c1459d5744633925c7aac244b9bfb74b6f3d47060ae88374d97b553fc3adfda97ed6d3509c39115f740c760dc63becb7ba856affd700358d7f919f0ac4b10432eb5e0ab3c501713758b1d6aa6583fe7f5d59f7d591e172669519d0d27e03516e8c0bdd7659352024e11b0123c157fa4154e15591a61ca2c20f47489f6ff50e1de5cdf91cd5cac45cf3ca9a0bd42d3e25fda42ec0ec9f215b37b74615338f1430de5b0d1dbf83ec3ab6e19f3b09809cf79b1ed6176c59c66357842f23c2dad510816d14a7d9b6f5249fcf24393f62462d0c8ce92eaf0b7852509fed1b02419f4bdabf250c09af9be3710b4d3a6a03f81f0c12f193acd7d98200b8e1abfa7149ab677466df59e6bff602e08b6d53106c76b44a30f090e0ac9e6fd4772da22b745dd8aa7d3426f864d9c560a23ddbf95a09a72aef0ea3d096877b9773c4c495180f6926333d087a85e0211f6b4d10f38ceef3fca5c1019fc70e561db2004dd3084bcbe2bbbceed316ab8961e7ce60121dbcf5092f4070cf3948230e495da4c94caf3a32b8b4eefc7c18fb4d0d0d7499e83050b3cf56682d57b9995c31894786239ffdc729fb9ff70b9fd8c4856f3dfdd67c8e6142ff65dfcb2d7f40687ccce66557564a1427470f6cd124b6321ff125ccde9422ae992356d27a46f05094e7950e2634078f856d00bc6144414dd23d3404e5288e8db77b09f3e84a8b9b30e120551570215c9090a096ba957cfebe6bef5bdd42180c15131cb2b0d270506928a0f2c0ec050f0bdfbcbaa37064e59cc43e6a405518742922b7df2d89e96e73528f2d0fc7ec2d78a1abc5c3f17b9a2dbcd2299a5a64e738816bac07caacd35d4353784e248143fa244ac59ea918627bb0051e678912f8c6a57257f016de91ab6c5dcb9c93d859cb89822ebd44991c0f998170f73495229fb51479ebba8a57d1ce88ccc38e6b679457e964b07b6006971d45f570f9f", 0x0, 0xdb2})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x2, r2})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000400), r4)
sendmsg$NLBL_CIPSOV4_C_LIST(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)={0x1c, r5, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}}, 0x2000040)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r5, 0x2, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x4008041)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0xfffff000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.63964785s ago: executing program 6 (id=1511):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x1d})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0xe39}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000001a40)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}, @in={0x2, 0x0, @local}], 0x20)
r5 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
fchdir(r6)
mkdir(&(0x7f0000000000)='./file0\x00', 0x103)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x32)
lseek(r2, 0x2, 0x1)
getdents64(r7, 0x0, 0x22)
sendto$inet(r4, &(0x7f0000000180)="217aae", 0x3, 0x4040845, &(0x7f00000001c0)={0x2, 0x4e22, @remote}, 0x10)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)

717.55762ms ago: executing program 6 (id=1512):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
socket(0x10, 0x3, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000900)=""/72, 0x48}], 0x1, &(0x7f0000000200)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0xc}}, @cred={{0x18}}], 0x84}}, {{0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000140)=""/34, 0x22}, {&(0x7f0000000680)=""/66, 0x42}, {&(0x7f00000002c0)}, {&(0x7f0000000bc0)=""/151, 0x97}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000001c80)=""/30, 0x1e}, {&(0x7f0000001cc0)=""/179, 0xb3}], 0x7}}, {{&(0x7f0000000740), 0x6e, &(0x7f0000000980), 0x0, &(0x7f0000001dc0)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0xc}}, @cred={{0x18}}], 0xe4}}], 0x3, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x20c, 0x2a8, 0x2a8, 0x20c, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00', {0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x5, 0x7, 0x6, 0x1], 0x5, 0x3}, {0x3, [0x2, 0x2, 0x3, 0x6, 0x2, 0x3], 0x2, 0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2fc)
r3 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e00000001300000000000000000000007374726565626f673531322d67656e6572696300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009e540000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/224], 0xe0}}, 0x0)
sendmsg$nl_crypto(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0)
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x1)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000100)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000040)={{@local, 0x200001}, @local, 0x8, 0x6, 0x347, 0x80000004, 0x24b, 0x10001, 0x9})

621.45393ms ago: executing program 7 (id=1506):
socket(0x1d, 0xa, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x40002, 0xaf, &(0x7f0000000140)=""/175, 0x41100, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
prlimit64(0x0, 0x4, &(0x7f0000000280)={0x2000009, 0x1087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
setrlimit(0x0, &(0x7f0000000100)={0x3, 0xa})
sched_setaffinity(0x0, 0xfffffffffffffc9a, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0x8, &(0x7f0000000440)={0x5, 0x3}, &(0x7f0000000480))
sendmsg$IPCTNL_MSG_EXP_NEW(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100000000002c0001801400030000000000000000000000ffffac1414bb1400040000000000000000000000ffff000000003c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400fe8000000000000000000000000000bb3c0002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014000400fe8000000000000000000000000000aab5fb91a4fc73b36849c8a9be678e5df8b0291c0daa0a59ee301d2a30c7e3"], 0xc8}}, 0x0)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r4, &(0x7f0000000900)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000640)=ANY=[@ANYRES8=0x0, @ANYRES16=r4, @ANYRESHEX=r1, @ANYBLOB="2046d5188f8f3b121ef6f71df37510ed68317db2e31726e0870aca1fee2b193541fd7173bb1af05c6d26f065ffb81ebb4332b25ea4a98a4fb5744ea3344cf574e732ffa1567d4f38c2f570aad3f4a9f8b4d2dfb1913c3ee0d0f8d7c5f46dfaf2714b02102a30b0d8487c2bded716d5d62762f96c5604c83ef05575261f8c777d97cac5c512ec95a4d7cbecc3135ffb99d1189624851c9a0bda0bd409b0165ccfe14017d0044b4c13678ec4ff79ea081457ed47280c07803e11db8469d5f7a5775cb46ca88f7c52b12631472ffa495af829d06e", @ANYRES32=r5, @ANYRES64=r0], 0xb0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = dup(0xffffffffffffffff)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r7, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r7, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
unshare(0x40020000)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x42)

0s ago: executing program 5 (id=1183):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={<r1=>0x0, 0xd7, "09d2bd22a62b979423ba552e343ff3dee96fb66707243fbfb1903b4f687f66958c77ae6a7a6a9d674b65a3c3e45fdbc51073aa275fa3e27ca78fbbb9cdb34ecf7bee52e659dca1f0059d7bcd3cddc91043b9d0e0b68a239f043295bb587afab4d690e17108479b7d368fa4a6594f06c7598c2c76f84a15f05d8a271a5b8b03ef4f2d607892ce564e1f27fbcd809b054957a366ef700cb7a160bd9e766aa3f30555b6e571d1d6c4dffe012b8e33249050436e4b3cfa2513899c73794fd9eb440559a413c389e1fbb71b2c65017a77b07c839c80f3bcebb9"}, &(0x7f0000000000)=0xdf)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040)={r1, 0xb}, &(0x7f0000000080)=0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = accept4$tipc(r0, &(0x7f00000002c0)=@id, &(0x7f0000000300)=0x10, 0x80800)
bind$tipc(r2, &(0x7f0000000340)=@id={0x1e, 0x3, 0x3, {0x4e24, 0x4}}, 0x10)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000140)='cgroup.events\x00')
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x44, r4, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x8090)
ioctl$sock_ifreq(r3, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0xfffffffd, @sync=0x0}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="01000000050000000900000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r5}, 0x38)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
mq_timedreceive(r0, 0x0, 0x0, 0x8, &(0x7f0000000280)={r6, r7+60000000})
mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x80010, r0, 0x7)

kernel console output (not intermixed with test programs):

ile:23424kB inactive_file:44020kB unevictable:3536kB writepending:1028kB present:1048432kB managed:948276kB mlocked:0kB bounce:0kB free_pcp:4144kB local_pcp:252kB free_cma:0kB
[  242.123729][T11296] lowmem_reserve[]: 0 0 0 0 0
[  242.123762][T11296] Node 0 DMA: 35*4kB (UE) 25*8kB (UE) 15*16kB (UE) 18*32kB (UE) 5*64kB (UE) 3*128kB (E) 2*256kB (E) 1*512kB (E) 0*1024kB 0*2048kB 
[  242.126384][T11163] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.127043][T11296] 0*4096kB 
[  242.128871][T11163] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.130358][T11296] = 2884kB
[  242.130369][T11296] Node 0 
[  242.264856][T11300] program syz.6.1388 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.275483][T11296] DMA32: 35*4kB (UMH) 109*8kB (UEH) 47*16kB (UEH) 51*32kB (UMEH) 59*64kB (UME) 25*128kB (UME) 14*256kB (UM) 5*512kB (UM) 2*1024kB (UM) 0*2048kB 0*4096kB = 18564kB
[  242.329824][T11296] Node 1 DMA32: 51*4kB (UEH) 94*8kB (EH) 347*16kB (UMEH) 698*32kB (UMEH) 414*64kB (UMEH) 192*128kB (UMEH) 59*256kB (UME) 31*512kB (UME) 29*1024kB (UM) 15*2048kB (UM) 3*4096kB (M) = 183596kB
[  242.337751][T11296] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  242.340748][T11296] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  242.344130][T11296] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  242.347119][T11296] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  242.349949][T11296] 22855 total pagecache pages
[  242.349957][T11296] 568 pages in swap cache
[  242.349961][T11296] Free swap  = 118456kB
[  242.349965][T11296] Total swap = 124996kB
[  242.349970][T11296] 524155 pages RAM
[  242.349974][T11296] 0 pages HighMem/MovableOnly
[  242.349978][T11296] 209009 pages reserved
[  242.349982][T11296] 0 pages cma reserved
[  242.382461][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.385916][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.394188][T11303] FAULT_INJECTION: forcing a failure.
[  242.394188][T11303] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  242.399222][T11303] CPU: 0 UID: 0 PID: 11303 Comm: syz.0.1389 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  242.399246][T11303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.399258][T11303] Call Trace:
[  242.399264][T11303]  <TASK>
[  242.399270][T11303]  dump_stack_lvl+0x16c/0x1f0
[  242.399296][T11303]  should_fail_ex+0x512/0x640
[  242.399326][T11303]  should_fail_alloc_page+0xe7/0x130
[  242.399352][T11303]  prepare_alloc_pages+0x3c2/0x610
[  242.399381][T11303]  ? rcu_is_watching+0x12/0xc0
[  242.399407][T11303]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  242.399427][T11303]  ? should_fail_alloc_page+0xee/0x130
[  242.399451][T11303]  ? rcu_is_watching+0x12/0xc0
[  242.399473][T11303]  ? trace_mm_page_alloc+0x11f/0x1a0
[  242.399521][T11303]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  242.399545][T11303]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  242.399569][T11303]  ? is_bpf_text_address+0x8a/0x1a0
[  242.399588][T11303]  ? bpf_ksym_find+0x124/0x1c0
[  242.399612][T11303]  ? is_bpf_text_address+0x94/0x1a0
[  242.399625][T11303]  ? __kernel_text_address+0xd/0x40
[  242.399639][T11303]  ? unwind_get_return_address+0x59/0xa0
[  242.399659][T11303]  alloc_pages_bulk_noprof+0x71c/0x1410
[  242.399672][T11303]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  242.399686][T11303]  ? policy_nodemask+0xea/0x4e0
[  242.399703][T11303]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  242.399716][T11303]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  242.399737][T11303]  kasan_populate_vmalloc+0xf1/0x1f0
[  242.399752][T11303]  alloc_vmap_area+0x963/0x28f0
[  242.399774][T11303]  ? __pfx_alloc_vmap_area+0x10/0x10
[  242.399794][T11303]  __get_vm_area_node+0x1ca/0x330
[  242.399814][T11303]  __vmalloc_node_range_noprof+0x277/0x1520
[  242.399825][T11303]  ? vhost_task_create+0x1d2/0x2e0
[  242.399842][T11303]  ? vhost_task_create+0x1d2/0x2e0
[  242.399857][T11303]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  242.399867][T11303]  ? __memcg_slab_post_alloc_hook+0x500/0x9c0
[  242.399888][T11303]  ? vhost_task_create+0x1d2/0x2e0
[  242.399899][T11303]  __vmalloc_node_noprof+0xad/0xf0
[  242.399909][T11303]  ? vhost_task_create+0x1d2/0x2e0
[  242.399922][T11303]  copy_process+0x2f03/0x9170
[  242.399932][T11303]  ? kasan_save_stack+0x42/0x60
[  242.399943][T11303]  ? kasan_save_stack+0x33/0x60
[  242.399954][T11303]  ? kasan_save_track+0x14/0x30
[  242.399965][T11303]  ? __kasan_kmalloc+0xaa/0xb0
[  242.399975][T11303]  ? vhost_task_create+0xe5/0x2e0
[  242.399985][T11303]  ? kvm_mmu_post_init_vm+0x1b7/0x370
[  242.399998][T11303]  ? kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  242.400009][T11303]  ? kvm_vcpu_ioctl+0x5e9/0x1680
[  242.400020][T11303]  ? kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  242.400031][T11303]  ? __ia32_compat_sys_ioctl+0x23f/0x370
[  242.400047][T11303]  ? __do_fast_syscall_32+0x7c/0x3a0
[  242.400065][T11303]  ? do_fast_syscall_32+0x32/0x80
[  242.400077][T11303]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.400097][T11303]  ? __pfx_copy_process+0x10/0x10
[  242.400116][T11303]  ? lockdep_init_map_type+0x5c/0x280
[  242.400129][T11303]  ? lockdep_init_map_type+0x5c/0x280
[  242.400140][T11303]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  242.400155][T11303]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  242.400173][T11303]  vhost_task_create+0x1d2/0x2e0
[  242.400185][T11303]  ? __pfx_vhost_task_create+0x10/0x10
[  242.400197][T11303]  ? kvm_mmu_post_init_vm+0xb4/0x370
[  242.400213][T11303]  ? __pfx_vhost_task_fn+0x10/0x10
[  242.400232][T11303]  kvm_mmu_post_init_vm+0x1b7/0x370
[  242.400246][T11303]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  242.400258][T11303]  ? kvm_vcpu_ioctl+0x14c2/0x1680
[  242.400273][T11303]  kvm_vcpu_ioctl+0x5e9/0x1680
[  242.400287][T11303]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  242.400299][T11303]  ? tomoyo_path_number_perm+0x18d/0x580
[  242.400313][T11303]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  242.400325][T11303]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  242.400338][T11303]  ? do_vfs_ioctl+0x523/0x1a60
[  242.400354][T11303]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  242.400382][T11303]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  242.400395][T11303]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  242.400410][T11303]  ? security_file_ioctl_compat+0xd1/0x240
[  242.400424][T11303]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  242.400437][T11303]  __ia32_compat_sys_ioctl+0x23f/0x370
[  242.400455][T11303]  __do_fast_syscall_32+0x7c/0x3a0
[  242.400469][T11303]  do_fast_syscall_32+0x32/0x80
[  242.400483][T11303]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.400495][T11303] RIP: 0023:0xf70ae579
[  242.400505][T11303] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.400515][T11303] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  242.400526][T11303] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[  242.400549][T11303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  242.400556][T11303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.400562][T11303] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.400568][T11303] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.400582][T11303]  </TASK>
[  242.402664][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.578954][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.770286][T11306] program syz.6.1390 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  243.104368][   T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.344187][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  243.347895][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  243.350663][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  243.355396][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  243.358176][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  243.457174][T11315] chnl_net:caif_netlink_parms(): no params data found
[  243.541374][T11315] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.544922][T11315] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.547196][T11315] bridge_slave_0: entered allmulticast mode
[  243.549845][T11315] bridge_slave_0: entered promiscuous mode
[  243.553214][T11315] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.555479][T11315] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.557782][T11315] bridge_slave_1: entered allmulticast mode
[  243.560441][T11315] bridge_slave_1: entered promiscuous mode
[  243.598757][T11315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.603614][T11315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.638922][T11315] team0: Port device team_slave_0 added
[  243.643558][T11315] team0: Port device team_slave_1 added
[  243.675028][T11315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.677260][T11315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.685288][T11315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.689937][T11315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.692048][T11315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.700057][T11315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.776110][T11315] hsr_slave_0: entered promiscuous mode
[  243.778352][T11315] hsr_slave_1: entered promiscuous mode
[  243.780327][T11315] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.782867][T11315] Cannot create hsr debugfs directory
[  243.809706][   T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.869427][T11331] FAULT_INJECTION: forcing a failure.
[  243.869427][T11331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.873678][T11331] CPU: 2 UID: 0 PID: 11331 Comm: syz.0.1395 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  243.873693][T11331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.873699][T11331] Call Trace:
[  243.873703][T11331]  <TASK>
[  243.873707][T11331]  dump_stack_lvl+0x16c/0x1f0
[  243.873725][T11331]  should_fail_ex+0x512/0x640
[  243.873743][T11331]  _copy_from_user+0x2e/0xd0
[  243.873765][T11331]  memdup_user+0x6b/0xe0
[  243.873779][T11331]  kvm_arch_vcpu_ioctl+0xefc/0x51c0
[  243.873797][T11331]  ? is_bpf_text_address+0x94/0x1a0
[  243.873811][T11331]  ? kernel_text_address+0x8d/0x100
[  243.873825][T11331]  ? __kernel_text_address+0xd/0x40
[  243.873840][T11331]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  243.873862][T11331]  ? stack_trace_save+0x8e/0xc0
[  243.873880][T11331]  ? __lock_acquire+0xb8a/0x1c90
[  243.873893][T11331]  ? kasan_save_stack+0x42/0x60
[  243.873905][T11331]  ? kasan_save_track+0x14/0x30
[  243.873918][T11331]  ? __mutex_trylock_common+0xe9/0x250
[  243.873930][T11331]  ? __pfx___mutex_trylock_common+0x10/0x10
[  243.873943][T11331]  ? __pfx___might_resched+0x10/0x10
[  243.873959][T11331]  ? rcu_is_watching+0x12/0xc0
[  243.873974][T11331]  ? trace_contention_end+0xdd/0x130
[  243.873985][T11331]  ? __mutex_lock+0x1ca/0xb90
[  243.874000][T11331]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  243.874013][T11331]  ? __pfx___mutex_lock+0x10/0x10
[  243.874032][T11331]  ? kasan_quarantine_put+0x10a/0x240
[  243.874046][T11331]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  243.874057][T11331]  kvm_vcpu_ioctl+0x1232/0x1680
[  243.874071][T11331]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  243.874083][T11331]  ? tomoyo_path_number_perm+0x18d/0x580
[  243.874098][T11331]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  243.874109][T11331]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  243.874123][T11331]  ? do_vfs_ioctl+0x523/0x1a60
[  243.874140][T11331]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  243.874168][T11331]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  243.874181][T11331]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  243.874194][T11331]  ? __fget_files+0x20e/0x3c0
[  243.874204][T11331]  ? __fput_deferred+0x370/0x370
[  243.874220][T11331]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  243.874233][T11331]  __ia32_compat_sys_ioctl+0x23f/0x370
[  243.874251][T11331]  __do_fast_syscall_32+0x7c/0x3a0
[  243.874266][T11331]  do_fast_syscall_32+0x32/0x80
[  243.874279][T11331]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.874294][T11331] RIP: 0023:0xf70ae579
[  243.874303][T11331] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  243.874313][T11331] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  243.874324][T11331] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004008ae89
[  243.874331][T11331] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  243.874337][T11331] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.874343][T11331] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  243.874350][T11331] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.874364][T11331]  </TASK>
[  243.989595][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  243.999897][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  244.003837][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  244.004636][   T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.008354][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  244.012244][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  244.106999][T11341] FAULT_INJECTION: forcing a failure.
[  244.106999][T11341] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.110967][T11341] CPU: 3 UID: 0 PID: 11341 Comm: syz.0.1397 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  244.110982][T11341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.110988][T11341] Call Trace:
[  244.110992][T11341]  <TASK>
[  244.110996][T11341]  dump_stack_lvl+0x16c/0x1f0
[  244.111013][T11341]  should_fail_ex+0x512/0x640
[  244.111031][T11341]  _copy_from_user+0x2e/0xd0
[  244.111049][T11341]  generic_map_update_batch+0x3e9/0x610
[  244.111069][T11341]  ? __pfx_generic_map_update_batch+0x10/0x10
[  244.111087][T11341]  ? __pfx_generic_map_update_batch+0x10/0x10
[  244.111102][T11341]  bpf_map_do_batch+0x5b1/0x680
[  244.111114][T11341]  __sys_bpf+0x15f3/0x4d80
[  244.111130][T11341]  ? __pfx___sys_bpf+0x10/0x10
[  244.111145][T11341]  ? ksys_write+0x190/0x250
[  244.111159][T11341]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  244.111182][T11341]  ? fput+0x70/0xf0
[  244.111195][T11341]  ? ksys_write+0x1ac/0x250
[  244.111206][T11341]  ? __pfx_ksys_write+0x10/0x10
[  244.111220][T11341]  __ia32_sys_bpf+0x76/0xe0
[  244.111235][T11341]  __do_fast_syscall_32+0x7c/0x3a0
[  244.111250][T11341]  do_fast_syscall_32+0x32/0x80
[  244.111263][T11341]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.111277][T11341] RIP: 0023:0xf70ae579
[  244.111286][T11341] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  244.111297][T11341] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  244.111307][T11341] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000dc0
[  244.111314][T11341] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  244.111321][T11341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  244.111327][T11341] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  244.111333][T11341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.111347][T11341]  </TASK>
[  244.166158][T11328] ALSA: mixer_oss: invalid OSS volume 'MONIT'
[  244.182426][   T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.191540][T11333] chnl_net:caif_netlink_parms(): no params data found
[  244.274064][T11333] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.277200][T11333] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.279459][T11333] bridge_slave_0: entered allmulticast mode
[  244.282071][T11333] bridge_slave_0: entered promiscuous mode
[  244.286372][T11333] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.288554][T11333] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.290686][T11333] bridge_slave_1: entered allmulticast mode
[  244.293445][T11333] bridge_slave_1: entered promiscuous mode
[  244.314952][T11351] tmpfs: Unknown parameter 'grpquota 0
[  244.314952][T11351] '
[  244.318373][T11351] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1406'.
[  244.360130][T11333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.379664][T11333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.425662][T11333] team0: Port device team_slave_0 added
[  244.429302][T11333] team0: Port device team_slave_1 added
[  244.431407][   T13] bridge_slave_1: left allmulticast mode
[  244.433204][   T13] bridge_slave_1: left promiscuous mode
[  244.435533][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.438956][   T13] bridge_slave_0: left allmulticast mode
[  244.440750][   T13] bridge_slave_0: left promiscuous mode
[  244.442581][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.535671][T11355] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1399'.
[  244.705421][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.710576][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.714744][   T13] bond0 (unregistering): Released all slaves
[  244.796686][T11333] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.798849][T11333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.807092][T11333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.813033][T11333] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.815587][T11333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.824767][T11333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.889820][T11333] hsr_slave_0: entered promiscuous mode
[  244.892279][T11333] hsr_slave_1: entered promiscuous mode
[  244.895064][T11333] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.897809][T11333] Cannot create hsr debugfs directory
[  245.050069][   T13] hsr_slave_0: left promiscuous mode
[  245.052118][   T13] hsr_slave_1: left promiscuous mode
[  245.054385][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.056726][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  245.059354][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.061636][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.084270][   T13] veth1_macvtap: left promiscuous mode
[  245.086008][   T13] veth0_macvtap: left promiscuous mode
[  245.087757][   T13] veth1_vlan: left promiscuous mode
[  245.089387][   T13] veth0_vlan: left promiscuous mode
[  245.174124][T11358] vivid-007: disconnect
[  245.267220][T11361] ALSA: seq fatal error: cannot create timer (-16)
[  245.279279][T11356] vivid-007: reconnect
[  245.364674][T11374] FAULT_INJECTION: forcing a failure.
[  245.364674][T11374] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  245.368613][T11374] CPU: 3 UID: 0 PID: 11374 Comm: syz.0.1404 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  245.368630][T11374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  245.368637][T11374] Call Trace:
[  245.368642][T11374]  <TASK>
[  245.368647][T11374]  dump_stack_lvl+0x16c/0x1f0
[  245.368663][T11374]  should_fail_ex+0x512/0x640
[  245.368682][T11374]  should_fail_alloc_page+0xe7/0x130
[  245.368698][T11374]  prepare_alloc_pages+0x3c2/0x610
[  245.368718][T11374]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  245.368731][T11374]  ? should_fail_alloc_page+0xee/0x130
[  245.368746][T11374]  ? rcu_is_watching+0x12/0xc0
[  245.368762][T11374]  ? trace_mm_page_alloc+0x11f/0x1a0
[  245.368778][T11374]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  245.368793][T11374]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  245.368807][T11374]  ? is_bpf_text_address+0x8a/0x1a0
[  245.368820][T11374]  ? bpf_ksym_find+0x124/0x1c0
[  245.368837][T11374]  ? is_bpf_text_address+0x94/0x1a0
[  245.368850][T11374]  ? __kernel_text_address+0xd/0x40
[  245.368863][T11374]  ? unwind_get_return_address+0x59/0xa0
[  245.368883][T11374]  alloc_pages_bulk_noprof+0x71c/0x1410
[  245.368896][T11374]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  245.368911][T11374]  ? policy_nodemask+0xea/0x4e0
[  245.368926][T11374]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  245.368944][T11374]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  245.368964][T11374]  kasan_populate_vmalloc+0xf1/0x1f0
[  245.368979][T11374]  alloc_vmap_area+0x963/0x28f0
[  245.369001][T11374]  ? __pfx_alloc_vmap_area+0x10/0x10
[  245.369020][T11374]  __get_vm_area_node+0x1ca/0x330
[  245.369040][T11374]  __vmalloc_node_range_noprof+0x277/0x1520
[  245.369051][T11374]  ? bpf_check+0x1e4/0xb4f0
[  245.369063][T11374]  ? rcu_read_unlock+0x17/0x60
[  245.369079][T11374]  ? bpf_check+0x1e4/0xb4f0
[  245.369089][T11374]  ? rcu_is_watching+0x12/0xc0
[  245.369103][T11374]  ? ___kmalloc_large_node+0x183/0x1e0
[  245.369119][T11374]  ? lockdep_hardirqs_on+0x7c/0x110
[  245.369132][T11374]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  245.369143][T11374]  ? rcu_is_watching+0x12/0xc0
[  245.369158][T11374]  ? rcu_is_watching+0x12/0xc0
[  245.369174][T11374]  ? bpf_check+0x1e4/0xb4f0
[  245.369183][T11374]  __vmalloc_node_noprof+0xad/0xf0
[  245.369193][T11374]  ? bpf_check+0x1e4/0xb4f0
[  245.369205][T11374]  bpf_check+0x1e4/0xb4f0
[  245.369214][T11374]  ? __mutex_trylock_common+0xe9/0x250
[  245.369229][T11374]  ? __mutex_trylock_common+0xe9/0x250
[  245.369246][T11374]  ? __pfx_bpf_check+0x10/0x10
[  245.369259][T11374]  ? css_rstat_updated+0x9d/0xd30
[  245.369276][T11374]  ? __lock_acquire+0xb8a/0x1c90
[  245.369294][T11374]  ? find_held_lock+0x2b/0x80
[  245.369309][T11374]  ? rcu_is_watching+0x12/0xc0
[  245.369323][T11374]  ? ktime_get_with_offset+0x26e/0x3b0
[  245.369341][T11374]  ? __asan_memset+0x23/0x50
[  245.369351][T11374]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  245.369366][T11374]  bpf_prog_load+0xe41/0x2490
[  245.369383][T11374]  ? __pfx_bpf_prog_load+0x10/0x10
[  245.369410][T11374]  __sys_bpf+0x433c/0x4d80
[  245.369425][T11374]  ? __pfx___sys_bpf+0x10/0x10
[  245.369440][T11374]  ? ksys_write+0x190/0x250
[  245.369467][T11374]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  245.369489][T11374]  ? fput+0x70/0xf0
[  245.369502][T11374]  ? ksys_write+0x1ac/0x250
[  245.369513][T11374]  ? __pfx_ksys_write+0x10/0x10
[  245.369527][T11374]  __ia32_sys_bpf+0x76/0xe0
[  245.369542][T11374]  __do_fast_syscall_32+0x7c/0x3a0
[  245.369557][T11374]  do_fast_syscall_32+0x32/0x80
[  245.369570][T11374]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  245.369584][T11374] RIP: 0023:0xf70ae579
[  245.369593][T11374] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  245.369604][T11374] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  245.369614][T11374] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000200
[  245.369621][T11374] RDX: 0000000000000052 RSI: 0000000000000000 RDI: 0000000000000000
[  245.369627][T11374] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  245.369634][T11374] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  245.369640][T11374] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  245.369654][T11374]  </TASK>
[  245.403106][ T5954] Bluetooth: hci0: command tx timeout
[  245.951441][   T13] team0 (unregistering): Port device team_slave_1 removed
[  246.020717][   T13] team0 (unregistering): Port device team_slave_0 removed
[  246.043591][ T5954] Bluetooth: hci2: command tx timeout
[  246.706792][T11315] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  246.772374][T11315] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  246.776830][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  246.776841][   T40] audit: type=1800 audit(1748726439.374:150): pid=11386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.6.1409" name="/" dev="sockfs" ino=42421 res=0 errno=0
[  246.829257][T11333] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.838013][T11315] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  246.843797][T11315] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  246.995014][T11333] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.031565][T11315] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.044890][T11315] 8021q: adding VLAN 0 to HW filter on device team0
[  247.063814][ T1134] Bluetooth: hci4: Frame reassembly failed (-84)
[  247.102467][T11333] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.151825][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.154118][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.164636][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.166942][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.184983][T11333] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.365983][   T13] bridge_slave_1: left allmulticast mode
[  247.367850][   T13] bridge_slave_1: left promiscuous mode
[  247.369676][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.376153][   T13] bridge_slave_0: left allmulticast mode
[  247.377969][   T13] bridge_slave_0: left promiscuous mode
[  247.379758][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.565406][ T5950] Bluetooth: hci0: command tx timeout
[  247.773969][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.780018][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.787687][   T13] bond0 (unregistering): Released all slaves
[  247.828162][T11333] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  247.843142][T11333] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  247.848022][T11333] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  247.853962][T11333] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  247.886571][T11315] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.920117][T11333] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.945864][T11333] 8021q: adding VLAN 0 to HW filter on device team0
[  247.953994][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.956225][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.959331][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.961537][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.056080][T11315] veth0_vlan: entered promiscuous mode
[  248.062546][T11315] veth1_vlan: entered promiscuous mode
[  248.097879][   T13] hsr_slave_0: left promiscuous mode
[  248.100153][   T13] hsr_slave_1: left promiscuous mode
[  248.102114][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  248.104871][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  248.108505][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  248.110758][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  248.122762][ T5950] Bluetooth: hci2: command tx timeout
[  248.133961][   T13] veth1_macvtap: left promiscuous mode
[  248.135687][   T13] veth0_macvtap: left promiscuous mode
[  248.137445][   T13] veth1_vlan: left promiscuous mode
[  248.139091][   T13] veth0_vlan: left promiscuous mode
[  248.244012][T11404] /dev/nbd6: Can't open blockdev
[  248.760467][   T13] team0 (unregistering): Port device team_slave_1 removed
[  248.838548][   T13] team0 (unregistering): Port device team_slave_0 removed
[  249.082862][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  249.082905][ T5950] Bluetooth: hci4: command 0x1003 tx timeout
[  249.351662][T11315] veth0_macvtap: entered promiscuous mode
[  249.356884][T11315] veth1_macvtap: entered promiscuous mode
[  249.362161][T11333] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.378075][T11315] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.391807][T11315] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.424204][T11315] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.427399][T11315] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.430816][T11315] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.434747][T11315] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.500735][   T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.512833][   T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.524193][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.526612][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.598804][T11333] veth0_vlan: entered promiscuous mode
[  249.604418][T11333] veth1_vlan: entered promiscuous mode
[  249.626602][T11333] veth0_macvtap: entered promiscuous mode
[  249.630224][T11333] veth1_macvtap: entered promiscuous mode
[  249.639246][T11333] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.643601][T11333] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.647254][T11333] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.649928][T11333] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.652532][T11333] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.657031][T11333] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.669779][T11423] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1412'.
[  249.698373][   T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.700779][   T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.715813][   T91] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.718331][   T91] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.338987][T11430] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1414'.
[  251.040289][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.445596][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  251.448961][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  251.452214][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  251.456511][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  251.459204][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  251.557312][T11439] chnl_net:caif_netlink_parms(): no params data found
[  251.629131][T11439] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.631377][T11439] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.633785][T11439] bridge_slave_0: entered allmulticast mode
[  251.636399][T11439] bridge_slave_0: entered promiscuous mode
[  251.639610][T11439] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.641895][T11439] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.646327][T11439] bridge_slave_1: entered allmulticast mode
[  251.648945][T11439] bridge_slave_1: entered promiscuous mode
[  251.681655][T11439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  251.687273][T11439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  251.721596][T11439] team0: Port device team_slave_0 added
[  251.725765][T11439] team0: Port device team_slave_1 added
[  251.756264][T11439] batman_adv: batadv0: Adding interface: batadv_slave_0
[  251.758391][T11439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  251.767794][T11439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  251.771975][T11439] batman_adv: batadv0: Adding interface: batadv_slave_1
[  251.774252][T11439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  251.782041][T11439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  251.821040][T11439] hsr_slave_0: entered promiscuous mode
[  251.823436][T11439] hsr_slave_1: entered promiscuous mode
[  251.825623][T11439] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  251.827919][T11439] Cannot create hsr debugfs directory
[  252.008388][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.146391][T11450] random: crng reseeded on system resumption
[  252.185847][ T5954] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  252.191054][ T5954] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  252.196212][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  252.199500][ T5954] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  252.202085][ T5954] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  252.319551][T11455] chnl_net:caif_netlink_parms(): no params data found
[  252.367058][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1419'.
[  252.370099][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1419'.
[  252.375544][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1419'.
[  252.379346][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1419'.
[  252.383947][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1419'.
[  252.390644][T11468] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1419'.
[  252.395838][T11455] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.398453][T11455] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.400900][T11455] bridge_slave_0: entered allmulticast mode
[  252.404012][T11455] bridge_slave_0: entered promiscuous mode
[  252.407305][T11455] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.409593][T11455] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.411774][T11455] bridge_slave_1: entered allmulticast mode
[  252.415183][T11455] bridge_slave_1: entered promiscuous mode
[  252.461759][T11455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  252.466311][T11455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  252.500731][T11455] team0: Port device team_slave_0 added
[  252.504568][T11455] team0: Port device team_slave_1 added
[  252.534007][T11455] batman_adv: batadv0: Adding interface: batadv_slave_0
[  252.536195][T11455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  252.544375][T11455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  252.548734][T11455] batman_adv: batadv0: Adding interface: batadv_slave_1
[  252.550915][T11455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  252.559315][T11455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  252.598770][T11455] hsr_slave_0: entered promiscuous mode
[  252.600996][T11455] hsr_slave_1: entered promiscuous mode
[  252.603396][T11455] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  252.605802][T11455] Cannot create hsr debugfs directory
[  252.719094][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.847080][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.973739][   T13] bridge_slave_1: left allmulticast mode
[  252.975586][   T13] bridge_slave_1: left promiscuous mode
[  252.977467][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.981626][   T13] bridge_slave_0: left allmulticast mode
[  252.984509][   T13] bridge_slave_0: left promiscuous mode
[  252.986362][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.269471][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  253.274160][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  253.277687][   T13] bond0 (unregistering): Released all slaves
[  253.375790][T11482] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1422'.
[  253.419785][T11480] syzkaller0: entered promiscuous mode
[  253.421543][T11480] syzkaller0: entered allmulticast mode
[  253.492738][ T5954] Bluetooth: hci0: command tx timeout
[  254.296743][ T5954] Bluetooth: hci2: command tx timeout
[  254.775252][T11455] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.830480][   T13] hsr_slave_0: left promiscuous mode
[  254.834335][   T13] hsr_slave_1: left promiscuous mode
[  254.836320][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.838668][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.841371][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.844556][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.871403][   T13] veth1_macvtap: left promiscuous mode
[  254.878268][   T13] veth0_macvtap: left promiscuous mode
[  254.880586][   T13] veth1_vlan: left promiscuous mode
[  254.882323][   T13] veth0_vlan: left promiscuous mode
[  255.176676][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  255.178707][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  255.327438][T11525] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1432'.
[  255.563536][ T5954] Bluetooth: hci0: command tx timeout
[  255.650607][   T13] team0 (unregistering): Port device team_slave_1 removed
[  255.742755][   T13] team0 (unregistering): Port device team_slave_0 removed
[  256.033380][T11529] FAULT_INJECTION: forcing a failure.
[  256.033380][T11529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.037435][T11529] CPU: 2 UID: 0 PID: 11529 Comm: syz.0.1434 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  256.037451][T11529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.037458][T11529] Call Trace:
[  256.037463][T11529]  <TASK>
[  256.037469][T11529]  dump_stack_lvl+0x16c/0x1f0
[  256.037487][T11529]  should_fail_ex+0x512/0x640
[  256.037506][T11529]  _copy_from_user+0x2e/0xd0
[  256.037523][T11529]  generic_map_update_batch+0x3e9/0x610
[  256.037543][T11529]  ? __pfx_generic_map_update_batch+0x10/0x10
[  256.037560][T11529]  ? __pfx_generic_map_update_batch+0x10/0x10
[  256.037586][T11529]  bpf_map_do_batch+0x5b1/0x680
[  256.037601][T11529]  __sys_bpf+0x15f3/0x4d80
[  256.037617][T11529]  ? __pfx___sys_bpf+0x10/0x10
[  256.037631][T11529]  ? ksys_write+0x190/0x250
[  256.037646][T11529]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  256.037669][T11529]  ? fput+0x70/0xf0
[  256.037682][T11529]  ? ksys_write+0x1ac/0x250
[  256.037693][T11529]  ? __pfx_ksys_write+0x10/0x10
[  256.037707][T11529]  __ia32_sys_bpf+0x76/0xe0
[  256.037722][T11529]  __do_fast_syscall_32+0x7c/0x3a0
[  256.037737][T11529]  do_fast_syscall_32+0x32/0x80
[  256.037750][T11529]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  256.037765][T11529] RIP: 0023:0xf70ae579
[  256.037774][T11529] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  256.037785][T11529] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  256.037795][T11529] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000dc0
[  256.037802][T11529] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  256.037809][T11529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  256.037815][T11529] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  256.037821][T11529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  256.037834][T11529]  </TASK>
[  256.362777][ T5954] Bluetooth: hci2: command tx timeout
[  256.397447][T11455] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.406944][T11527] bridge0: port 3(syz_tun) entered blocking state
[  256.409263][T11527] bridge0: port 3(syz_tun) entered disabled state
[  256.412370][T11527] syz_tun: entered allmulticast mode
[  256.417686][T11527] syz_tun: entered promiscuous mode
[  256.420224][T11527] bridge0: port 3(syz_tun) entered blocking state
[  256.422405][T11527] bridge0: port 3(syz_tun) entered forwarding state
[  256.492382][T11540] netlink: 'syz.0.1437': attribute type 1 has an invalid length.
[  256.520154][T11455] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.559816][T11540] 8021q: adding VLAN 0 to HW filter on device bond2
[  256.566043][T11540] bond1: (slave bond2): making interface the new active one
[  256.568765][T11540] bond1: (slave bond2): Enslaving as an active interface with an up link
[  256.585448][T11455] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.598330][T11540] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  256.609362][T11540] 8021q: adding VLAN 0 to HW filter on device bond1
[  256.747569][T11455] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  256.756587][T11455] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  256.763873][T11455] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  256.784457][T11455] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  256.811660][T11439] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  256.817295][T11439] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  256.821471][T11439] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  256.828928][T11439] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  256.875793][T11455] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.896697][T11455] 8021q: adding VLAN 0 to HW filter on device team0
[  256.906570][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.909331][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.925891][   T13] bridge_slave_1: left allmulticast mode
[  256.928172][   T13] bridge_slave_1: left promiscuous mode
[  256.930615][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.936021][   T13] bridge_slave_0: left allmulticast mode
[  256.937864][   T13] bridge_slave_0: left promiscuous mode
[  256.939680][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.286312][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.290930][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.294805][   T13] bond0 (unregistering): Released all slaves
[  257.323846][T11439] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.345071][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.348111][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.362478][T11439] 8021q: adding VLAN 0 to HW filter on device team0
[  257.381511][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.384349][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.399881][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.402149][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.504538][T11560] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1441'.
[  257.642853][ T5954] Bluetooth: hci0: command tx timeout
[  257.671477][T11455] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.711174][T11439] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.726848][   T13] hsr_slave_0: left promiscuous mode
[  257.732823][   T13] hsr_slave_1: left promiscuous mode
[  257.734868][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.737571][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.746028][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.749167][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.779834][   T13] veth1_macvtap: left promiscuous mode
[  257.781694][   T13] veth0_macvtap: left promiscuous mode
[  257.784563][   T13] veth1_vlan: left promiscuous mode
[  257.786395][   T13] veth0_vlan: left promiscuous mode
[  258.243820][T11582] FAULT_INJECTION: forcing a failure.
[  258.243820][T11582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.248931][T11582] CPU: 1 UID: 0 PID: 11582 Comm: syz.6.1445 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  258.248957][T11582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.248969][T11582] Call Trace:
[  258.248977][T11582]  <TASK>
[  258.248985][T11582]  dump_stack_lvl+0x16c/0x1f0
[  258.249012][T11582]  should_fail_ex+0x512/0x640
[  258.249040][T11582]  _copy_from_user+0x2e/0xd0
[  258.249067][T11582]  generic_map_update_batch+0x380/0x610
[  258.249098][T11582]  ? __pfx_generic_map_update_batch+0x10/0x10
[  258.249125][T11582]  ? __pfx_generic_map_update_batch+0x10/0x10
[  258.249148][T11582]  bpf_map_do_batch+0x5b1/0x680
[  258.249169][T11582]  __sys_bpf+0x15f3/0x4d80
[  258.249195][T11582]  ? __pfx___sys_bpf+0x10/0x10
[  258.249217][T11582]  ? ksys_write+0x190/0x250
[  258.249241][T11582]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  258.249277][T11582]  ? fput+0x70/0xf0
[  258.249299][T11582]  ? ksys_write+0x1ac/0x250
[  258.249316][T11582]  ? __pfx_ksys_write+0x10/0x10
[  258.249339][T11582]  __ia32_sys_bpf+0x76/0xe0
[  258.249363][T11582]  __do_fast_syscall_32+0x7c/0x3a0
[  258.249387][T11582]  do_fast_syscall_32+0x32/0x80
[  258.249407][T11582]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.249424][T11582] RIP: 0023:0xf7f86579
[  258.249432][T11582] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  258.249443][T11582] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  258.249454][T11582] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000dc0
[  258.249461][T11582] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  258.249467][T11582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.249473][T11582] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  258.249479][T11582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.249493][T11582]  </TASK>
[  258.443126][ T5954] Bluetooth: hci2: command tx timeout
[  258.544234][   T13] team0 (unregistering): Port device team_slave_1 removed
[  258.614598][   T13] team0 (unregistering): Port device team_slave_0 removed
[  259.200683][T11596] netlink: 'syz.6.1447': attribute type 1 has an invalid length.
[  259.251077][T11596] 8021q: adding VLAN 0 to HW filter on device bond2
[  259.254101][T11596] bond1: (slave bond2): making interface the new active one
[  259.256598][T11596] bond1: (slave bond2): Enslaving as an active interface with an up link
[  259.276428][T11596] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  259.324184][T11596] 8021q: adding VLAN 0 to HW filter on device bond1
[  259.376077][T11455] veth0_vlan: entered promiscuous mode
[  259.380337][T11455] veth1_vlan: entered promiscuous mode
[  259.391714][T11439] veth0_vlan: entered promiscuous mode
[  259.401392][T11439] veth1_vlan: entered promiscuous mode
[  259.429366][T11455] veth0_macvtap: entered promiscuous mode
[  259.438031][T11455] veth1_macvtap: entered promiscuous mode
[  259.453680][T11439] veth0_macvtap: entered promiscuous mode
[  259.459398][T11455] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.464791][T11439] veth1_macvtap: entered promiscuous mode
[  259.470786][T11455] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.475364][T11455] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.478096][T11455] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.480783][T11455] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.484413][T11455] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.566091][T11604] block device autoloading is deprecated and will be removed.
[  259.723027][ T5954] Bluetooth: hci0: command tx timeout
[  259.768879][T11439] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.775363][T11439] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.794522][T11439] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.798131][T11439] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.801550][T11439] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.806695][T11439] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.836337][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.838829][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.867190][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.871188][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.896810][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.899958][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.929744][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.934687][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.937177][T11608] program syz.6.1448 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.174565][T11612] delete_channel: no stack
[  260.497055][   T60] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.034816][   T60] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.075531][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  261.078934][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  261.081923][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  261.086213][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  261.088907][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  261.247113][T11620] chnl_net:caif_netlink_parms(): no params data found
[  261.342304][T11620] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.344859][T11620] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.347671][T11620] bridge_slave_0: entered allmulticast mode
[  261.351235][T11620] bridge_slave_0: entered promiscuous mode
[  261.356069][T11620] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.358791][T11620] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.361524][T11620] bridge_slave_1: entered allmulticast mode
[  261.364681][T11620] bridge_slave_1: entered promiscuous mode
[  261.403390][T11620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  261.408416][T11620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  261.445597][T11620] team0: Port device team_slave_0 added
[  261.458903][   T60] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.467235][T11620] team0: Port device team_slave_1 added
[  261.504207][T11620] batman_adv: batadv0: Adding interface: batadv_slave_0
[  261.506459][T11620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.514858][T11620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  261.519222][T11620] batman_adv: batadv0: Adding interface: batadv_slave_1
[  261.521437][T11620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.529757][T11620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.587110][T11620] hsr_slave_0: entered promiscuous mode
[  261.590205][T11620] hsr_slave_1: entered promiscuous mode
[  261.593023][T11620] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  261.595446][T11620] Cannot create hsr debugfs directory
[  261.680156][   T60] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.878592][   T60] bridge_slave_1: left allmulticast mode
[  261.880407][   T60] bridge_slave_1: left promiscuous mode
[  261.882250][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.891201][   T60] bridge_slave_0: left allmulticast mode
[  261.894178][   T60] bridge_slave_0: left promiscuous mode
[  261.896023][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.923166][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  261.929109][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  261.932514][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  261.945405][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  261.950377][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  261.989774][T11636] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1453'.
[  262.107101][T11643] FAULT_INJECTION: forcing a failure.
[  262.107101][T11643] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  262.110842][T11643] CPU: 3 UID: 0 PID: 11643 Comm: syz.0.1456 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  262.110858][T11643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.110864][T11643] Call Trace:
[  262.110869][T11643]  <TASK>
[  262.110873][T11643]  dump_stack_lvl+0x16c/0x1f0
[  262.110890][T11643]  should_fail_ex+0x512/0x640
[  262.110908][T11643]  should_fail_alloc_page+0xe7/0x130
[  262.110924][T11643]  prepare_alloc_pages+0x3c2/0x610
[  262.110944][T11643]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  262.110957][T11643]  ? should_fail_alloc_page+0xee/0x130
[  262.110972][T11643]  ? rcu_is_watching+0x12/0xc0
[  262.110988][T11643]  ? trace_mm_page_alloc+0x11f/0x1a0
[  262.111005][T11643]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  262.111019][T11643]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  262.111034][T11643]  ? is_bpf_text_address+0x8a/0x1a0
[  262.111046][T11643]  ? bpf_ksym_find+0x124/0x1c0
[  262.111063][T11643]  ? is_bpf_text_address+0x94/0x1a0
[  262.111076][T11643]  ? __kernel_text_address+0xd/0x40
[  262.111090][T11643]  ? unwind_get_return_address+0x59/0xa0
[  262.111110][T11643]  alloc_pages_bulk_noprof+0x71c/0x1410
[  262.111122][T11643]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  262.111137][T11643]  ? policy_nodemask+0xea/0x4e0
[  262.111152][T11643]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  262.111166][T11643]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  262.111186][T11643]  kasan_populate_vmalloc+0xf1/0x1f0
[  262.111201][T11643]  alloc_vmap_area+0x963/0x28f0
[  262.111223][T11643]  ? __pfx_alloc_vmap_area+0x10/0x10
[  262.111243][T11643]  __get_vm_area_node+0x1ca/0x330
[  262.111262][T11643]  __vmalloc_node_range_noprof+0x277/0x1520
[  262.111273][T11643]  ? bpf_prog_calc_tag+0x110/0x700
[  262.111284][T11643]  ? unwind_get_return_address+0x59/0xa0
[  262.111297][T11643]  ? arch_stack_walk+0xa6/0x100
[  262.111314][T11643]  ? bpf_prog_calc_tag+0x110/0x700
[  262.111327][T11643]  ? stack_trace_save+0x8e/0xc0
[  262.111343][T11643]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  262.111359][T11643]  ? bpf_prog_calc_tag+0x110/0x700
[  262.111370][T11643]  __vmalloc_node_noprof+0xad/0xf0
[  262.111380][T11643]  ? bpf_prog_calc_tag+0x110/0x700
[  262.111393][T11643]  bpf_prog_calc_tag+0x110/0x700
[  262.111407][T11643]  ? __pfx_bpf_prog_calc_tag+0x10/0x10
[  262.111419][T11643]  ? __sort_r+0x4d/0x660
[  262.111439][T11643]  ? __pfx_cmp_subprogs+0x10/0x10
[  262.111454][T11643]  ? sort+0x97/0xd0
[  262.111470][T11643]  resolve_pseudo_ldimm64+0xd3/0x1a90
[  262.111485][T11643]  ? find_containing_subprog+0x175/0x1d0
[  262.111503][T11643]  ? __pfx_resolve_pseudo_ldimm64+0x10/0x10
[  262.111519][T11643]  ? check_subprogs+0x5e2/0x850
[  262.111538][T11643]  bpf_check+0x610c/0xb4f0
[  262.111549][T11643]  ? __mutex_trylock_common+0xe9/0x250
[  262.111569][T11643]  ? __pfx_bpf_check+0x10/0x10
[  262.111582][T11643]  ? css_rstat_updated+0x9d/0xd30
[  262.111603][T11643]  ? __lock_acquire+0xb8a/0x1c90
[  262.111620][T11643]  ? find_held_lock+0x2b/0x80
[  262.111636][T11643]  ? rcu_is_watching+0x12/0xc0
[  262.111650][T11643]  ? ktime_get_with_offset+0x26e/0x3b0
[  262.111668][T11643]  ? __asan_memset+0x23/0x50
[  262.111678][T11643]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  262.111693][T11643]  bpf_prog_load+0xe41/0x2490
[  262.111709][T11643]  ? __pfx_bpf_prog_load+0x10/0x10
[  262.111737][T11643]  __sys_bpf+0x433c/0x4d80
[  262.111752][T11643]  ? __pfx___sys_bpf+0x10/0x10
[  262.111767][T11643]  ? ksys_write+0x190/0x250
[  262.111781][T11643]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  262.111803][T11643]  ? fput+0x70/0xf0
[  262.111816][T11643]  ? ksys_write+0x1ac/0x250
[  262.111827][T11643]  ? __pfx_ksys_write+0x10/0x10
[  262.111840][T11643]  __ia32_sys_bpf+0x76/0xe0
[  262.111856][T11643]  __do_fast_syscall_32+0x7c/0x3a0
[  262.111870][T11643]  do_fast_syscall_32+0x32/0x80
[  262.111883][T11643]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.111897][T11643] RIP: 0023:0xf70ae579
[  262.111906][T11643] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  262.111917][T11643] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  262.111927][T11643] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000200
[  262.111934][T11643] RDX: 0000000000000052 RSI: 0000000000000000 RDI: 0000000000000000
[  262.111940][T11643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  262.111946][T11643] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  262.111953][T11643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  262.111966][T11643]  </TASK>
[  262.112000][T11643] warn_alloc: 2 callbacks suppressed
[  262.112006][T11643] syz.0.1456: vmalloc error: size 128, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  262.249268][T11643] CPU: 0 UID: 0 PID: 11643 Comm: syz.0.1456 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  262.249283][T11643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.249290][T11643] Call Trace:
[  262.249295][T11643]  <TASK>
[  262.249300][T11643]  dump_stack_lvl+0x16c/0x1f0
[  262.249317][T11643]  warn_alloc+0x248/0x3a0
[  262.249332][T11643]  ? __pfx_warn_alloc+0x10/0x10
[  262.249345][T11643]  ? kfree+0x2b4/0x4d0
[  262.249359][T11643]  ? __get_vm_area_node+0x208/0x330
[  262.249379][T11643]  __vmalloc_node_range_noprof+0xd32/0x1520
[  262.249390][T11643]  ? unwind_get_return_address+0x59/0xa0
[  262.249405][T11643]  ? arch_stack_walk+0xa6/0x100
[  262.249422][T11643]  ? bpf_prog_calc_tag+0x110/0x700
[  262.249436][T11643]  ? stack_trace_save+0x8e/0xc0
[  262.249452][T11643]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  262.249468][T11643]  ? bpf_prog_calc_tag+0x110/0x700
[  262.249479][T11643]  __vmalloc_node_noprof+0xad/0xf0
[  262.249489][T11643]  ? bpf_prog_calc_tag+0x110/0x700
[  262.249502][T11643]  bpf_prog_calc_tag+0x110/0x700
[  262.249516][T11643]  ? __pfx_bpf_prog_calc_tag+0x10/0x10
[  262.249528][T11643]  ? __sort_r+0x4d/0x660
[  262.249549][T11643]  ? __pfx_cmp_subprogs+0x10/0x10
[  262.249564][T11643]  ? sort+0x97/0xd0
[  262.249580][T11643]  resolve_pseudo_ldimm64+0xd3/0x1a90
[  262.249595][T11643]  ? find_containing_subprog+0x175/0x1d0
[  262.249613][T11643]  ? __pfx_resolve_pseudo_ldimm64+0x10/0x10
[  262.249629][T11643]  ? check_subprogs+0x5e2/0x850
[  262.249653][T11643]  bpf_check+0x610c/0xb4f0
[  262.249663][T11643]  ? __mutex_trylock_common+0xe9/0x250
[  262.249684][T11643]  ? __pfx_bpf_check+0x10/0x10
[  262.249697][T11643]  ? css_rstat_updated+0x9d/0xd30
[  262.249715][T11643]  ? __lock_acquire+0xb8a/0x1c90
[  262.249733][T11643]  ? find_held_lock+0x2b/0x80
[  262.249748][T11643]  ? rcu_is_watching+0x12/0xc0
[  262.249763][T11643]  ? ktime_get_with_offset+0x26e/0x3b0
[  262.249780][T11643]  ? __asan_memset+0x23/0x50
[  262.249791][T11643]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  262.249806][T11643]  bpf_prog_load+0xe41/0x2490
[  262.249823][T11643]  ? __pfx_bpf_prog_load+0x10/0x10
[  262.249850][T11643]  __sys_bpf+0x433c/0x4d80
[  262.249865][T11643]  ? __pfx___sys_bpf+0x10/0x10
[  262.249880][T11643]  ? ksys_write+0x190/0x250
[  262.249894][T11643]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  262.249916][T11643]  ? fput+0x70/0xf0
[  262.249929][T11643]  ? ksys_write+0x1ac/0x250
[  262.249940][T11643]  ? __pfx_ksys_write+0x10/0x10
[  262.249954][T11643]  __ia32_sys_bpf+0x76/0xe0
[  262.249969][T11643]  __do_fast_syscall_32+0x7c/0x3a0
[  262.249984][T11643]  do_fast_syscall_32+0x32/0x80
[  262.249997][T11643]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.250011][T11643] RIP: 0023:0xf70ae579
[  262.250019][T11643] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  262.250030][T11643] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  262.250041][T11643] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000200
[  262.250047][T11643] RDX: 0000000000000052 RSI: 0000000000000000 RDI: 0000000000000000
[  262.250053][T11643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  262.250059][T11643] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  262.250065][T11643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  262.250079][T11643]  </TASK>
[  262.250083][T11643] Mem-Info:
[  262.374130][T11643] active_anon:4804 inactive_anon:5560 isolated_anon:0
[  262.374130][T11643]  active_file:5962 inactive_file:11079 isolated_file:0
[  262.374130][T11643]  unevictable:1768 dirty:151 writeback:0
[  262.374130][T11643]  slab_reclaimable:6119 slab_unreclaimable:78535
[  262.374130][T11643]  mapped:31940 shmem:5273 pagetables:1093
[  262.374130][T11643]  sec_pagetables:312 bounce:0
[  262.374130][T11643]  kernel_misc_reclaimable:0
[  262.374130][T11643]  free:53859 free_pcp:704 free_cma:0
[  262.390712][T11643] Node 0 active_anon:1324kB inactive_anon:284kB active_file:424kB inactive_file:224kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4612kB dirty:0kB writeback:0kB shmem:3608kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8656kB pagetables:1184kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[  262.403041][T11643] Node 1 active_anon:17892kB inactive_anon:21956kB active_file:23424kB inactive_file:44092kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:123148kB dirty:604kB writeback:0kB shmem:17484kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4688kB pagetables:3188kB sec_pagetables:96kB all_unreclaimable? no Balloon:0kB
[  262.415388][T11643] Node 0 DMA free:2884kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:68kB local_pcp:24kB free_cma:0kB
[  262.425904][T11643] lowmem_reserve[]: 0 289 289 289 289
[  262.427839][T11643] Node 0 DMA32 free:18656kB boost:2048kB min:15380kB low:18712kB high:22044kB reserved_highatomic:4096KB active_anon:1324kB inactive_anon:280kB active_file:424kB inactive_file:216kB unevictable:3536kB writepending:0kB present:1032196kB managed:296948kB mlocked:0kB bounce:0kB free_pcp:752kB local_pcp:108kB free_cma:0kB
[  262.438266][T11643] lowmem_reserve[]: 0 0 0 0 0
[  262.440231][T11643] Node 1 DMA32 free:193640kB boost:14336kB min:61480kB low:73264kB high:85048kB reserved_highatomic:2048KB active_anon:17892kB inactive_anon:21956kB active_file:23424kB inactive_file:44092kB unevictable:3536kB writepending:604kB present:1048432kB managed:948276kB mlocked:0kB bounce:0kB free_pcp:2152kB local_pcp:312kB free_cma:0kB
[  262.451562][T11643] lowmem_reserve[]: 0 0 0 0 0
[  262.453337][T11643] Node 0 DMA: 35*4kB (UE) 25*8kB (UE) 15*16kB (UE) 18*32kB (UE) 5*64kB (UE) 3*128kB (E) 2*256kB (E) 1*512kB (E) 0*1024kB 0*2048kB 0*4096kB = 2884kB
[  262.459096][T11643] Node 0 DMA32: 56*4kB (MH) 120*8kB (UMEH) 56*16kB (UMEH) 40*32kB (UMEH) 51*64kB (UME) 26*128kB (UME) 12*256kB (UM) 5*512kB (UM) 3*1024kB (UM) 0*2048kB 0*4096kB = 18656kB
[  262.465395][T11643] Node 1 DMA32: 284*4kB (UMEH) 913*8kB (UMEH) 341*16kB (UMEH) 501*32kB (UMEH) 358*64kB (UMEH) 243*128kB (UMEH) 78*256kB (UME) 31*512kB (UME) 30*1024kB (UM) 15*2048kB (UM) 3*4096kB (M) = 193512kB
[  262.472382][T11643] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  262.475433][T11643] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  262.478468][T11643] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  262.481306][T11643] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  262.484917][T11643] 22888 total pagecache pages
[  262.486835][T11643] 578 pages in swap cache
[  262.488499][T11643] Free swap  = 118456kB
[  262.490237][T11643] Total swap = 124996kB
[  262.491971][T11643] 524155 pages RAM
[  262.493545][T11643] 0 pages HighMem/MovableOnly
[  262.495531][T11643] 209009 pages reserved
[  262.497300][T11643] 0 pages cma reserved
[  262.509371][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  262.515070][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  262.518861][   T60] bond0 (unregistering): Released all slaves
[  262.760150][T11634] chnl_net:caif_netlink_parms(): no params data found
[  262.768801][   T40] audit: type=1800 audit(2000000011.310:151): pid=11657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1458" name="dmabuf" dev="dmabuf" ino=2 res=0 errno=0
[  262.949804][T11634] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.952048][T11634] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.958106][T11634] bridge_slave_0: entered allmulticast mode
[  262.961836][T11634] bridge_slave_0: entered promiscuous mode
[  262.966753][T11634] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.969004][T11634] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.971306][T11634] bridge_slave_1: entered allmulticast mode
[  262.973989][T11634] bridge_slave_1: entered promiscuous mode
[  262.997923][   T60] hsr_slave_0: left promiscuous mode
[  263.000158][   T60] hsr_slave_1: left promiscuous mode
[  263.002107][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.006230][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.008975][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  263.011498][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  263.040050][   T60] veth1_macvtap: left promiscuous mode
[  263.042145][   T60] veth0_macvtap: left promiscuous mode
[  263.044610][   T60] veth1_vlan: left promiscuous mode
[  263.046613][   T60] veth0_vlan: left promiscuous mode
[  263.117195][T11666] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  263.120098][T11666] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1461'.
[  263.162852][ T5950] Bluetooth: hci0: command tx timeout
[  263.786282][   T60] team0 (unregistering): Port device team_slave_1 removed
[  263.803127][ T1463] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  263.859300][   T60] team0 (unregistering): Port device team_slave_0 removed
[  263.957246][ T1463] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.960450][ T1463] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  263.963414][ T1463] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  263.966025][ T5950] Bluetooth: hci2: command tx timeout
[  263.966178][ T1463] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.967925][ T1463] usb 5-1: config 0 descriptor??
[  263.975226][ T1463] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  263.978185][ T1463] dvb-usb: bulk message failed: -22 (3/0)
[  263.996530][ T1463] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  264.005220][ T1463] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  264.010449][ T1463] usb 5-1: media controller created
[  264.024609][ T1463] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  264.090262][ T1463] dvb-usb: bulk message failed: -22 (6/0)
[  264.092383][ T1463] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  264.096376][ T1463] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input17
[  264.103432][ T1463] dvb-usb: schedule remote query interval to 150 msecs.
[  264.105648][ T1463] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  264.265274][ T6207] dvb-usb: bulk message failed: -22 (1/0)
[  264.267445][ T6207] dvb-usb: error while querying for an remote control event.
[  264.473065][ T6207] dvb-usb: bulk message failed: -22 (1/0)
[  264.474901][ T6207] dvb-usb: error while querying for an remote control event.
[  264.594668][T11683] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1466'.
[  264.620959][T11634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.633050][T11634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.701684][T11634] team0: Port device team_slave_0 added
[  264.715294][T11634] team0: Port device team_slave_1 added
[  264.773715][T11620] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  264.779260][T11634] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.781402][T11634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.788772][ T6207] dvb-usb: bulk message failed: -22 (1/0)
[  264.789490][T11634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.791375][ T6207] dvb-usb: error while querying for an remote control event.
[  264.795543][T11634] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.799468][T11634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.808231][T11634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.814814][T11620] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  264.818983][T11620] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  264.846504][T11620] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  264.886860][T11634] hsr_slave_0: entered promiscuous mode
[  264.889426][T11634] hsr_slave_1: entered promiscuous mode
[  264.892132][T11634] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  264.897632][T11634] Cannot create hsr debugfs directory
[  264.953039][ T1463] dvb-usb: bulk message failed: -22 (1/0)
[  264.954891][ T1463] dvb-usb: error while querying for an remote control event.
[  265.042765][T11634] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.085091][T11620] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.107161][T11620] 8021q: adding VLAN 0 to HW filter on device team0
[  265.112249][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.115132][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.117629][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  265.119442][   T53] dvb-usb: error while querying for an remote control event.
[  265.128800][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.131185][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.147954][T11634] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.243120][ T5950] Bluetooth: hci0: command tx timeout
[  265.259023][T11634] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.275709][ T1463] dvb-usb: bulk message failed: -22 (1/0)
[  265.278105][ T1463] dvb-usb: error while querying for an remote control event.
[  265.286054][T11620] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.364563][T11634] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.433456][ T1463] dvb-usb: bulk message failed: -22 (1/0)
[  265.435905][ T1463] dvb-usb: error while querying for an remote control event.
[  265.459578][   T60] bridge_slave_1: left allmulticast mode
[  265.461991][   T60] bridge_slave_1: left promiscuous mode
[  265.467927][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.476362][   T60] bridge_slave_0: left allmulticast mode
[  265.477949][T11706] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1467'.
[  265.478135][   T60] bridge_slave_0: left promiscuous mode
[  265.483266][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.602724][ T1463] dvb-usb: bulk message failed: -22 (1/0)
[  265.604694][ T1463] dvb-usb: error while querying for an remote control event.
[  265.740063][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.745685][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.749902][   T60] bond0 (unregistering): Released all slaves
[  265.759119][T11620] veth0_vlan: entered promiscuous mode
[  265.763798][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  265.765627][   T53] dvb-usb: error while querying for an remote control event.
[  265.791398][T11620] veth1_vlan: entered promiscuous mode
[  265.799544][T11634] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  265.805115][T11634] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  265.809005][T11634] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  265.822140][T11634] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  265.843711][T11620] veth0_macvtap: entered promiscuous mode
[  265.849188][T11620] veth1_macvtap: entered promiscuous mode
[  265.860629][T11620] batman_adv: batadv0: Interface activated: batadv_slave_0
[  265.886551][T11620] batman_adv: batadv0: Interface activated: batadv_slave_1
[  265.892055][T11620] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.895464][T11620] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.898183][T11620] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.900889][T11620] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  265.922751][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  265.925524][   T53] dvb-usb: error while querying for an remote control event.
[  265.931634][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.936094][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.981763][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.983398][T11634] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.985247][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.995597][T11634] 8021q: adding VLAN 0 to HW filter on device team0
[  266.000625][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.002909][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.009181][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.012175][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.042827][ T5950] Bluetooth: hci2: command tx timeout
[  266.086059][   T60] hsr_slave_0: left promiscuous mode
[  266.089081][   T60] hsr_slave_1: left promiscuous mode
[  266.091720][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.092767][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  266.095057][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.098430][   T53] dvb-usb: error while querying for an remote control event.
[  266.117601][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.119940][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.147624][   T60] veth1_macvtap: left promiscuous mode
[  266.149464][   T60] veth0_macvtap: left promiscuous mode
[  266.151240][   T60] veth1_vlan: left promiscuous mode
[  266.153036][   T60] veth0_vlan: left promiscuous mode
[  266.252789][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  266.255243][   T53] dvb-usb: error while querying for an remote control event.
[  266.412759][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  266.414592][   T53] dvb-usb: error while querying for an remote control event.
[  266.582770][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  266.584649][   T53] dvb-usb: error while querying for an remote control event.
[  266.650464][   T29] usb 5-1: USB disconnect, device number 4
[  266.687537][   T29] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  266.833324][   T60] team0 (unregistering): Port device team_slave_1 removed
[  266.900602][   T60] team0 (unregistering): Port device team_slave_0 removed
[  267.481606][T11634] 8021q: adding VLAN 0 to HW filter on device batadv0
[  267.611399][T11634] veth0_vlan: entered promiscuous mode
[  267.617553][T11634] veth1_vlan: entered promiscuous mode
[  267.630619][T11634] veth0_macvtap: entered promiscuous mode
[  267.634839][T11634] veth1_macvtap: entered promiscuous mode
[  267.650965][T11634] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.657885][T11634] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.663031][T11634] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.666402][T11634] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.669763][T11634] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.673937][T11634] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.704929][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.707376][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.719555][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.722069][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.918999][   T60] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.270454][T11729] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1470'.
[  268.316626][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  268.320230][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  268.326111][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  268.332181][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  268.335117][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  268.371059][T11742] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1475'.
[  268.458311][T11737] chnl_net:caif_netlink_parms(): no params data found
[  268.535806][T11754] FAULT_INJECTION: forcing a failure.
[  268.535806][T11754] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.540046][T11754] CPU: 0 UID: 0 PID: 11754 Comm: syz.6.1477 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  268.540061][T11754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.540068][T11754] Call Trace:
[  268.540072][T11754]  <TASK>
[  268.540076][T11754]  dump_stack_lvl+0x16c/0x1f0
[  268.540094][T11754]  should_fail_ex+0x512/0x640
[  268.540112][T11754]  _copy_from_user+0x2e/0xd0
[  268.540130][T11754]  generic_map_update_batch+0x380/0x610
[  268.540160][T11754]  ? __pfx_generic_map_update_batch+0x10/0x10
[  268.540180][T11754]  ? __pfx_generic_map_update_batch+0x10/0x10
[  268.540195][T11754]  bpf_map_do_batch+0x5b1/0x680
[  268.540208][T11754]  __sys_bpf+0x15f3/0x4d80
[  268.540224][T11754]  ? __pfx___sys_bpf+0x10/0x10
[  268.540239][T11754]  ? ksys_write+0x190/0x250
[  268.540252][T11754]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  268.540275][T11754]  ? fput+0x70/0xf0
[  268.540303][T11754]  ? ksys_write+0x1ac/0x250
[  268.540316][T11754]  ? __pfx_ksys_write+0x10/0x10
[  268.540331][T11754]  __ia32_sys_bpf+0x76/0xe0
[  268.540346][T11754]  __do_fast_syscall_32+0x7c/0x3a0
[  268.540361][T11754]  do_fast_syscall_32+0x32/0x80
[  268.540374][T11754]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  268.540388][T11754] RIP: 0023:0xf7f86579
[  268.540397][T11754] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  268.540408][T11754] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  268.540419][T11754] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000dc0
[  268.540426][T11754] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  268.540432][T11754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  268.540438][T11754] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  268.540445][T11754] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  268.540458][T11754]  </TASK>
[  268.635657][   T60] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.673191][T11737] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.675579][T11737] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.677930][T11737] bridge_slave_0: entered allmulticast mode
[  268.680731][T11737] bridge_slave_0: entered promiscuous mode
[  268.686505][T11737] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.688740][T11737] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.691028][T11737] bridge_slave_1: entered allmulticast mode
[  268.694290][T11737] bridge_slave_1: entered promiscuous mode
[  268.728088][T11756] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1476'.
[  268.738673][T11737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.743312][T11737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.781503][T11737] team0: Port device team_slave_0 added
[  268.785623][T11737] team0: Port device team_slave_1 added
[  268.816883][T11737] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.819097][T11737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.828840][T11737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.836342][T11737] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.838979][T11737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.847678][T11737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.886848][T11737] hsr_slave_0: entered promiscuous mode
[  268.889109][T11737] hsr_slave_1: entered promiscuous mode
[  268.891182][T11737] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.893974][T11737] Cannot create hsr debugfs directory
[  269.053038][   T60] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.345104][   T60] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.491848][   T60] bridge_slave_1: left allmulticast mode
[  269.494421][   T60] bridge_slave_1: left promiscuous mode
[  269.496368][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.499938][   T60] bridge_slave_0: left allmulticast mode
[  269.501682][   T60] bridge_slave_0: left promiscuous mode
[  269.504553][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.643921][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  269.653917][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  269.657034][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  269.659976][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  269.663434][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  269.807216][T11768] program syz.6.1479 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.823939][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.828317][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.832262][   T60] bond0 (unregistering): Released all slaves
[  270.034725][T11764] chnl_net:caif_netlink_parms(): no params data found
[  270.145256][T11764] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.147619][T11764] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.149920][T11764] bridge_slave_0: entered allmulticast mode
[  270.152557][T11764] bridge_slave_0: entered promiscuous mode
[  270.155937][T11764] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.158204][T11764] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.160453][T11764] bridge_slave_1: entered allmulticast mode
[  270.165161][T11764] bridge_slave_1: entered promiscuous mode
[  270.192270][   T60] hsr_slave_0: left promiscuous mode
[  270.194965][   T60] hsr_slave_1: left promiscuous mode
[  270.197330][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.200424][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.204539][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.207476][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.234376][   T60] veth1_macvtap: left promiscuous mode
[  270.236816][   T60] veth0_macvtap: left promiscuous mode
[  270.239249][   T60] veth1_vlan: left promiscuous mode
[  270.241045][   T60] veth0_vlan: left promiscuous mode
[  270.444132][ T5954] Bluetooth: hci0: command tx timeout
[  270.487293][T11787] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1481'.
[  270.914431][   T60] team0 (unregistering): Port device team_slave_1 removed
[  271.001965][   T60] team0 (unregistering): Port device team_slave_0 removed
[  271.156830][T11794] FAULT_INJECTION: forcing a failure.
[  271.156830][T11794] name failslab, interval 1, probability 0, space 0, times 0
[  271.162079][T11794] CPU: 2 UID: 0 PID: 11794 Comm: syz.0.1484 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  271.162103][T11794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.162113][T11794] Call Trace:
[  271.162119][T11794]  <TASK>
[  271.162125][T11794]  dump_stack_lvl+0x16c/0x1f0
[  271.162150][T11794]  should_fail_ex+0x512/0x640
[  271.162174][T11794]  ? __kvmalloc_node_noprof+0x122/0x620
[  271.162196][T11794]  should_failslab+0xc2/0x120
[  271.162218][T11794]  __kvmalloc_node_noprof+0x135/0x620
[  271.162236][T11794]  ? bpf_opcode_in_insntable+0xf/0x50
[  271.162258][T11794]  ? resolve_pseudo_ldimm64+0x716/0x1a90
[  271.162279][T11794]  ? check_cfg+0xb1/0xab0
[  271.162306][T11794]  ? check_cfg+0xb1/0xab0
[  271.162328][T11794]  check_cfg+0xb1/0xab0
[  271.162357][T11794]  bpf_check+0x61f5/0xb4f0
[  271.162374][T11794]  ? __mutex_trylock_common+0xe9/0x250
[  271.162408][T11794]  ? __pfx_bpf_check+0x10/0x10
[  271.162430][T11794]  ? css_rstat_updated+0x9d/0xd30
[  271.162457][T11794]  ? __lock_acquire+0xb8a/0x1c90
[  271.162485][T11794]  ? find_held_lock+0x2b/0x80
[  271.162509][T11794]  ? rcu_is_watching+0x12/0xc0
[  271.162532][T11794]  ? ktime_get_with_offset+0x26e/0x3b0
[  271.162564][T11794]  ? __asan_memset+0x23/0x50
[  271.162581][T11794]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  271.162619][T11794]  bpf_prog_load+0xe41/0x2490
[  271.162646][T11794]  ? __pfx_bpf_prog_load+0x10/0x10
[  271.162690][T11794]  __sys_bpf+0x433c/0x4d80
[  271.162715][T11794]  ? __pfx___sys_bpf+0x10/0x10
[  271.162738][T11794]  ? ksys_write+0x190/0x250
[  271.162759][T11794]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  271.162794][T11794]  ? fput+0x70/0xf0
[  271.162815][T11794]  ? ksys_write+0x1ac/0x250
[  271.162831][T11794]  ? __pfx_ksys_write+0x10/0x10
[  271.162854][T11794]  __ia32_sys_bpf+0x76/0xe0
[  271.162878][T11794]  __do_fast_syscall_32+0x7c/0x3a0
[  271.162901][T11794]  do_fast_syscall_32+0x32/0x80
[  271.162920][T11794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  271.162942][T11794] RIP: 0023:0xf70ae579
[  271.162954][T11794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  271.162971][T11794] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  271.162986][T11794] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000200
[  271.162999][T11794] RDX: 0000000000000052 RSI: 0000000000000000 RDI: 0000000000000000
[  271.163008][T11794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  271.163016][T11794] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  271.163028][T11794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  271.163049][T11794]  </TASK>
[  271.632766][   T29] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  271.670772][T11764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.675423][T11764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  271.723098][ T5954] Bluetooth: hci2: command tx timeout
[  271.754911][T11764] team0: Port device team_slave_0 added
[  271.760447][T11764] team0: Port device team_slave_1 added
[  271.808122][T11764] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.810431][T11764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.818775][T11764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.822752][   T29] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  271.825799][   T29] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  271.827622][T11764] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.829397][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 114, changing to 10
[  271.831519][T11764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.835728][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 1262, setting to 1024
[  271.845873][T11764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.847160][   T29] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  271.851445][T11737] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  271.855753][   T29] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  271.860024][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.867436][T11737] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  271.877987][   T29] usb 5-1: config 0 descriptor??
[  271.882248][T11737] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  271.883114][T11799] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  271.893290][T11737] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  271.933298][T11764] hsr_slave_0: entered promiscuous mode
[  271.935485][T11764] hsr_slave_1: entered promiscuous mode
[  271.937532][T11764] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  271.939861][T11764] Cannot create hsr debugfs directory
[  272.078135][T11764] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.098369][T11737] 8021q: adding VLAN 0 to HW filter on device bond0
[  272.118629][T11737] 8021q: adding VLAN 0 to HW filter on device team0
[  272.128621][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.130972][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.137116][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.139477][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.172047][T11764] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.266974][T11821] xt_CT: You must specify a L4 protocol and not use inversions on it
[  272.288991][T11764] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.298707][   T29] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd
[  272.302120][T11737] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.373384][   T29] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  272.388915][T11764] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.403484][   T29] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  272.454349][T11737] veth0_vlan: entered promiscuous mode
[  272.459412][T11737] veth1_vlan: entered promiscuous mode
[  272.474820][T11737] veth0_macvtap: entered promiscuous mode
[  272.478807][T11737] veth1_macvtap: entered promiscuous mode
[  272.494321][T11737] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.505674][T11737] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.509895][ T1137] bridge_slave_1: left allmulticast mode
[  272.511671][ T1137] bridge_slave_1: left promiscuous mode
[  272.514187][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.517547][ T1137] bridge_slave_0: left allmulticast mode
[  272.519305][ T1137] bridge_slave_0: left promiscuous mode
[  272.521126][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.523703][ T5954] Bluetooth: hci0: command tx timeout
[  272.572157][T11799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1486'.
[  272.575827][T11799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1486'.
[  272.579341][T11799] netlink: 'syz.0.1486': attribute type 11 has an invalid length.
[  272.779847][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.784858][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.789183][ T1137] bond0 (unregistering): Released all slaves
[  272.796774][T11737] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.799385][T11737] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.802161][T11737] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.805039][T11737] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.820229][ T1258] usb 5-1: USB disconnect, device number 5
[  272.930306][T11764] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  272.936992][T11764] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  272.941132][T11764] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  272.946288][T11764] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  272.950089][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.952555][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.995578][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.998074][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.026412][T11764] 8021q: adding VLAN 0 to HW filter on device bond0
[  273.060950][ T1137] hsr_slave_0: left promiscuous mode
[  273.064191][ T1137] hsr_slave_1: left promiscuous mode
[  273.066223][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.068524][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  273.071102][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.076053][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.101250][ T1137] veth1_macvtap: left promiscuous mode
[  273.103226][ T1137] veth0_macvtap: left promiscuous mode
[  273.104972][ T1137] veth1_vlan: left promiscuous mode
[  273.106688][ T1137] veth0_vlan: left promiscuous mode
[  273.416314][T11838] delete_channel: no stack
[  273.714145][ T1137] team0 (unregistering): Port device team_slave_1 removed
[  273.803487][ T5954] Bluetooth: hci2: command tx timeout
[  273.819610][ T1137] team0 (unregistering): Port device team_slave_0 removed
[  273.837564][T11842] delete_channel: no stack
[  274.392276][T11764] 8021q: adding VLAN 0 to HW filter on device team0
[  274.408614][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.410967][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.414666][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.416991][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.576284][T11764] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.718068][T11764] veth0_vlan: entered promiscuous mode
[  274.723708][T11764] veth1_vlan: entered promiscuous mode
[  274.737558][T11764] veth0_macvtap: entered promiscuous mode
[  274.741425][T11764] veth1_macvtap: entered promiscuous mode
[  274.752383][T11764] batman_adv: batadv0: Interface activated: batadv_slave_0
[  274.761115][T11764] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.766406][T11764] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.769346][T11764] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.772357][T11764] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.777234][T11764] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.807283][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.809945][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.822404][ T1237] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.825497][ T1237] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.876850][ T1134] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.394741][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  275.400272][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  275.404908][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  275.408132][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  275.412186][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  275.452722][T11863] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1493'.
[  275.577793][T11864] chnl_net:caif_netlink_parms(): no params data found
[  275.654893][T11864] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.657213][T11864] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.659516][T11864] bridge_slave_0: entered allmulticast mode
[  275.662202][T11864] bridge_slave_0: entered promiscuous mode
[  275.669965][T11864] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.672299][T11864] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.674905][T11864] bridge_slave_1: entered allmulticast mode
[  275.677569][T11864] bridge_slave_1: entered promiscuous mode
[  275.722717][T11864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.727119][T11864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.765684][T11864] team0: Port device team_slave_0 added
[  275.769112][T11864] team0: Port device team_slave_1 added
[  275.800808][T11864] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.803997][T11864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.811862][T11864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  275.816494][T11864] batman_adv: batadv0: Adding interface: batadv_slave_1
[  275.818891][T11864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.828179][T11864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  275.869208][T11864] hsr_slave_0: entered promiscuous mode
[  275.871886][T11864] hsr_slave_1: entered promiscuous mode
[  275.874599][T11864] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  275.876972][T11864] Cannot create hsr debugfs directory
[  275.982971][ T1134] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.106490][T11858] ALSA: mixer_oss: invalid OSS volume ''
[  276.234282][ T1134] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.313271][ T1134] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.425080][ T1134] bridge_slave_1: left allmulticast mode
[  276.427034][ T1134] bridge_slave_1: left promiscuous mode
[  276.428937][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.433059][ T1134] bridge_slave_0: left allmulticast mode
[  276.434841][ T1134] bridge_slave_0: left promiscuous mode
[  276.436552][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.755512][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  276.759856][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  276.763748][ T1134] bond0 (unregistering): Released all slaves
[  277.079048][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  277.085097][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  277.088388][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  277.091369][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  277.095203][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  277.128766][ T1134] hsr_slave_0: left promiscuous mode
[  277.131659][ T1134] hsr_slave_1: left promiscuous mode
[  277.136111][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  277.138841][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0
[  277.142007][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  277.147818][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1
[  277.168427][ T1134] veth1_macvtap: left promiscuous mode
[  277.170194][ T1134] veth0_macvtap: left promiscuous mode
[  277.171966][ T1134] veth1_vlan: left promiscuous mode
[  277.175086][ T1134] veth0_vlan: left promiscuous mode
[  277.492760][ T5954] Bluetooth: hci0: command tx timeout
[  277.539144][T11906] syz.6.1498: attempt to access beyond end of device
[  277.539144][T11906] nbd6: rw=4096, sector=0, nr_sectors = 1 limit=0
[  277.545310][T11906] XFS (nbd6): SB validate failed with error -5.
[  278.053450][ T1134] team0 (unregistering): Port device team_slave_1 removed
[  278.138339][ T1134] team0 (unregistering): Port device team_slave_0 removed
[  278.719445][T11914] FAULT_INJECTION: forcing a failure.
[  278.719445][T11914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.730822][T11914] CPU: 0 UID: 0 PID: 11914 Comm: syz.6.1499 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  278.730841][T11914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  278.730847][T11914] Call Trace:
[  278.730852][T11914]  <TASK>
[  278.730857][T11914]  dump_stack_lvl+0x16c/0x1f0
[  278.730873][T11914]  should_fail_ex+0x512/0x640
[  278.730892][T11914]  _copy_from_user+0x2e/0xd0
[  278.730910][T11914]  generic_map_update_batch+0x380/0x610
[  278.730930][T11914]  ? __pfx_generic_map_update_batch+0x10/0x10
[  278.730947][T11914]  ? __pfx_generic_map_update_batch+0x10/0x10
[  278.730962][T11914]  bpf_map_do_batch+0x5b1/0x680
[  278.730975][T11914]  __sys_bpf+0x15f3/0x4d80
[  278.730990][T11914]  ? __pfx___sys_bpf+0x10/0x10
[  278.731005][T11914]  ? ksys_write+0x190/0x250
[  278.731019][T11914]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  278.731042][T11914]  ? fput+0x70/0xf0
[  278.731056][T11914]  ? ksys_write+0x1ac/0x250
[  278.731066][T11914]  ? __pfx_ksys_write+0x10/0x10
[  278.731080][T11914]  __ia32_sys_bpf+0x76/0xe0
[  278.731096][T11914]  __do_fast_syscall_32+0x7c/0x3a0
[  278.731111][T11914]  do_fast_syscall_32+0x32/0x80
[  278.731124][T11914]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  278.731138][T11914] RIP: 0023:0xf7f86579
[  278.731147][T11914] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  278.731158][T11914] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  278.731169][T11914] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000dc0
[  278.731176][T11914] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  278.731183][T11914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  278.731189][T11914] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  278.731195][T11914] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  278.731209][T11914]  </TASK>
[  278.963568][T11864] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  278.973141][T11864] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  278.978191][T11864] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  278.986582][T11864] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  279.005876][T11890] chnl_net:caif_netlink_parms(): no params data found
[  279.144787][T11890] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.147304][T11890] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.149886][T11890] bridge_slave_0: entered allmulticast mode
[  279.153310][T11890] bridge_slave_0: entered promiscuous mode
[  279.162696][ T5954] Bluetooth: hci2: command tx timeout
[  279.172672][T11890] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.175246][T11890] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.179173][T11890] bridge_slave_1: entered allmulticast mode
[  279.186262][T11890] bridge_slave_1: entered promiscuous mode
[  279.239571][T11890] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.246809][T11864] 8021q: adding VLAN 0 to HW filter on device bond0
[  279.251545][T11890] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.294003][T11890] team0: Port device team_slave_0 added
[  279.301057][T11864] 8021q: adding VLAN 0 to HW filter on device team0
[  279.316123][T11890] team0: Port device team_slave_1 added
[  279.348528][T11890] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.350768][T11890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.358796][T11890] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.368039][ T1237] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.370372][ T1237] bridge0: port 1(bridge_slave_0) entered forwarding state
[  279.374147][T11890] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.376353][T11890] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.384923][T11890] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.395767][T11926] batman_adv: batadv0: Adding interface: dummy0
[  279.397714][T11926] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.405576][T11926] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  279.416301][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.418569][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  279.438949][ T1137] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.492748][T11890] hsr_slave_0: entered promiscuous mode
[  279.495547][T11890] hsr_slave_1: entered promiscuous mode
[  279.497936][T11890] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  279.500652][T11890] Cannot create hsr debugfs directory
[  279.523365][ T1137] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.568047][ T5954] Bluetooth: hci0: command tx timeout
[  279.586516][ T1137] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.649010][ T1137] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.746572][T11864] 8021q: adding VLAN 0 to HW filter on device batadv0
[  279.927187][T11864] veth0_vlan: entered promiscuous mode
[  280.012907][T11864] veth1_vlan: entered promiscuous mode
[  280.027211][T11864] veth0_macvtap: entered promiscuous mode
[  280.036867][ T1137] bridge_slave_1: left allmulticast mode
[  280.038665][ T1137] bridge_slave_1: left promiscuous mode
[  280.040461][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.064400][ T1137] bridge_slave_0: left allmulticast mode
[  280.066622][ T1137] bridge_slave_0: left promiscuous mode
[  280.068919][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.096102][T11960] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1502'.
[  280.389650][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  280.395533][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  280.399639][ T1137] bond0 (unregistering): Released all slaves
[  280.453746][T11864] veth1_macvtap: entered promiscuous mode
[  280.472393][T11864] batman_adv: batadv0: Interface activated: batadv_slave_0
[  280.477952][T11864] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.483302][T11864] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.486151][T11864] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.489968][T11864] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.493970][T11864] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.593850][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.599466][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.636683][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.639055][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.763844][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  280.766737][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  280.769644][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  280.778401][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  280.780939][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  280.796243][ T1137] hsr_slave_0: left promiscuous mode
[  280.798355][ T1137] hsr_slave_1: left promiscuous mode
[  280.800446][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.805018][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.807863][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.810265][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.835387][ T1137] veth1_macvtap: left promiscuous mode
[  280.837177][ T1137] veth0_macvtap: left promiscuous mode
[  280.838931][ T1137] veth1_vlan: left promiscuous mode
[  280.840700][ T1137] veth0_vlan: left promiscuous mode
[  281.242785][ T5950] Bluetooth: hci2: command tx timeout
[  281.731333][ T1137] team0 (unregistering): Port device team_slave_1 removed
[  281.814800][ T1137] team0 (unregistering): Port device team_slave_0 removed
[  282.484325][T11890] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  282.493379][T11890] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  282.512083][T11890] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  282.524565][T11890] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  282.607564][T11973] chnl_net:caif_netlink_parms(): no params data found
[  282.703770][T11973] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.706029][T11973] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.708240][T11973] bridge_slave_0: entered allmulticast mode
[  282.710751][T11973] bridge_slave_0: entered promiscuous mode
[  282.714772][T11973] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.716981][T11973] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.719150][T11973] bridge_slave_1: entered allmulticast mode
[  282.721661][T11973] bridge_slave_1: entered promiscuous mode
[  282.758113][T11973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.765917][T11973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.805629][T11973] team0: Port device team_slave_0 added
[  282.811421][T11973] team0: Port device team_slave_1 added
[  282.839123][T11890] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.844018][ T5950] Bluetooth: hci0: command tx timeout
[  282.859773][T11973] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.861977][T11973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.870225][T11973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.875680][T11973] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.878423][T11973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.888945][T11973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.910125][T11890] 8021q: adding VLAN 0 to HW filter on device team0
[  282.931536][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.934178][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.958658][T11973] hsr_slave_0: entered promiscuous mode
[  282.961355][T11973] hsr_slave_1: entered promiscuous mode
[  282.963494][T11973] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  282.965775][T11973] Cannot create hsr debugfs directory
[  282.971693][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.974602][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.996193][ T1137] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.141895][T11973] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  283.147725][T11973] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  283.152042][T11973] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  283.156363][T11973] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  283.196107][T11973] 8021q: adding VLAN 0 to HW filter on device bond0
[  283.207622][T11973] 8021q: adding VLAN 0 to HW filter on device team0
[  283.214973][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.217239][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state
[  283.224780][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.228029][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.260000][T11890] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.322549][ T5954] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  283.324945][ T5947] Bluetooth: hci2: command tx timeout
[  283.329086][ T5954] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  283.331828][ T5954] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  283.334836][ T5954] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  283.337180][ T5954] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  283.401505][T11973] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.514818][T11890] veth0_vlan: entered promiscuous mode
[  283.522682][T11890] veth1_vlan: entered promiscuous mode
[  283.525012][T12021] chnl_net:caif_netlink_parms(): no params data found
[  283.577380][T11890] veth0_macvtap: entered promiscuous mode
[  283.585764][T11890] veth1_macvtap: entered promiscuous mode
[  283.675890][T11890] batman_adv: batadv0: Interface activated: batadv_slave_0
[  283.679280][T12021] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.682136][T12021] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.685467][T12021] bridge_slave_0: entered allmulticast mode
[  283.691774][T12021] bridge_slave_0: entered promiscuous mode
[  283.714902][ T1137] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.724970][T12021] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.727249][T12021] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.729439][T12021] bridge_slave_1: entered allmulticast mode
[  283.731974][T12021] bridge_slave_1: entered promiscuous mode
[  283.794166][T11890] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.801800][T12021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  283.818811][T11973] veth0_vlan: entered promiscuous mode
[  283.825391][T12021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.882396][T11973] veth1_vlan: entered promiscuous mode
[  283.886900][T11890] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.889582][T11890] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.892237][T11890] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.896135][T11890] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.901913][T12021] team0: Port device team_slave_0 added
[  283.907372][T12021] team0: Port device team_slave_1 added
[  283.947746][T12021] batman_adv: batadv0: Adding interface: batadv_slave_0
[  283.949859][T12021] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.958224][T12021] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  283.962294][T12021] batman_adv: batadv0: Adding interface: batadv_slave_1
[  283.964468][T12021] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.972467][T12021] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.025265][T12021] hsr_slave_0: entered promiscuous mode
[  284.027515][T12021] hsr_slave_1: entered promiscuous mode
[  284.029661][T12021] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.032312][T12021] Cannot create hsr debugfs directory
[  284.104624][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.107508][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.125625][T11973] veth0_macvtap: entered promiscuous mode
[  284.156136][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.157754][T11973] veth1_macvtap: entered promiscuous mode
[  284.158564][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.190915][T11973] batman_adv: batadv0: Interface activated: batadv_slave_0
[  284.201142][T11973] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.206081][T11973] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  284.208924][T11973] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  284.211868][T11973] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  284.215540][T11973] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  284.308324][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.310712][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.328774][   T91] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.331108][   T91] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.355978][ T1137] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.435743][ T1137] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.541518][T12051] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1512'.
[  284.605408][ T1137] bridge_slave_1: left allmulticast mode
[  284.607564][ T1137] bridge_slave_1: left promiscuous mode
[  284.609426][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.613186][ T1137] bridge_slave_0: left allmulticast mode
[  284.614943][ T1137] bridge_slave_0: left promiscuous mode
[  284.616730][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.932707][ T5954] Bluetooth: hci0: command tx timeout
[  284.979414][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.986128][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.990925][ T1137] bond0 (unregistering): Released all slaves
[  285.402897][ T5954] Bluetooth: hci1: command tx timeout
[  285.433801][ T1137] hsr_slave_0: left promiscuous mode
[  285.436476][ T1137] hsr_slave_1: left promiscuous mode
[  285.438471][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.440842][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.444834][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.447707][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.479129][ T1137] veth1_macvtap: left promiscuous mode
[  285.481307][ T1137] veth0_macvtap: left promiscuous mode
[  285.483921][ T1137] veth1_vlan: left promiscuous mode
[  285.486163][ T1137] veth0_vlan: left promiscuous mode
[  285.538397][ T1137] 
[  285.539730][ T1137] =============================
[  285.541786][ T1137] WARNING: suspicious RCU usage
[  285.543923][ T1137] 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 Not tainted
[  285.547861][ T1137] -----------------------------
[  285.550154][ T1137] net/ipv6/ip6_fib.c:2076 suspicious rcu_dereference_protected() usage!
[  285.553654][ T1137] 
[  285.553654][ T1137] other info that might help us debug this:
[  285.553654][ T1137] 
[  285.557691][ T1137] 
[  285.557691][ T1137] rcu_scheduler_active = 2, debug_locks = 1
[  285.561030][ T1137] 6 locks held by kworker/u32:7/1137:
[  285.563370][ T1137]  #0: ffff88801c68f948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  285.567528][ T1137]  #1: ffffc90006f2fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  285.571524][ T1137]  #2: ffffffff9012dc90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  285.575429][ T1137]  #3: ffffffff90143ce8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  285.579498][ T1137]  #4: ffffffff8e3c2600 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  285.583475][ T1137]  #5: ffff8880645e8830 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  285.587397][ T1137] 
[  285.587397][ T1137] stack backtrace:
[  285.589894][ T1137] CPU: 2 UID: 0 PID: 1137 Comm: kworker/u32:7 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  285.589918][ T1137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.589930][ T1137] Workqueue: netns cleanup_net
[  285.589955][ T1137] Call Trace:
[  285.589961][ T1137]  <TASK>
[  285.589970][ T1137]  dump_stack_lvl+0x16c/0x1f0
[  285.589992][ T1137]  lockdep_rcu_suspicious+0x166/0x260
[  285.590026][ T1137]  fib6_del+0xcf2/0x1770
[  285.590059][ T1137]  ? __pfx_fib6_del+0x10/0x10
[  285.590081][ T1137]  ? finish_task_switch.isra.0+0x221/0xc10
[  285.590105][ T1137]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.590129][ T1137]  ? fib6_ifdown+0xcd/0x8f0
[  285.590158][ T1137]  fib6_clean_node+0x424/0x5b0
[  285.590185][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.590208][ T1137]  ? register_lock_class+0x41/0x4c0
[  285.590236][ T1137]  fib6_walk_continue+0x44f/0x8d0
[  285.590263][ T1137]  fib6_walk+0x182/0x370
[  285.590286][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.590308][ T1137]  fib6_clean_tree+0xd4/0x110
[  285.590330][ T1137]  ? __pfx_fib6_clean_tree+0x10/0x10
[  285.590350][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.590376][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.590400][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.590430][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.590452][ T1137]  __fib6_clean_all+0x107/0x2d0
[  285.590481][ T1137]  rt6_disable_ip+0x2ec/0x990
[  285.590500][ T1137]  ? __mutex_trylock_common+0xe9/0x250
[  285.590520][ T1137]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.590541][ T1137]  ? __pfx_rt6_disable_ip+0x10/0x10
[  285.590561][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.590590][ T1137]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  285.590619][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.590645][ T1137]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  285.590687][ T1137]  addrconf_notify+0x220/0x19e0
[  285.590715][ T1137]  ? ip6mr_device_event+0x1bc/0x230
[  285.590738][ T1137]  notifier_call_chain+0xbc/0x410
[  285.590764][ T1137]  ? __pfx_addrconf_notify+0x10/0x10
[  285.590797][ T1137]  call_netdevice_notifiers_info+0xbe/0x140
[  285.590826][ T1137]  dev_close_many+0x319/0x630
[  285.590856][ T1137]  ? __pfx_dev_close_many+0x10/0x10
[  285.590890][ T1137]  unregister_netdevice_many_notify+0x578/0x26f0
[  285.590920][ T1137]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.590940][ T1137]  ? batadv_tt_local_event+0x455/0x7f0
[  285.590965][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  285.590993][ T1137]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  285.591026][ T1137]  ? unregister_netdevice_queue+0x22e/0x3f0
[  285.591051][ T1137]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  285.591076][ T1137]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  285.591107][ T1137]  default_device_exit_batch+0x853/0xaf0
[  285.591139][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.591164][ T1137]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  285.591192][ T1137]  ? __pfx___might_resched+0x10/0x10
[  285.591219][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.591246][ T1137]  ops_undo_list+0x360/0xab0
[  285.591275][ T1137]  ? __pfx_ops_undo_list+0x10/0x10
[  285.591301][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  285.591330][ T1137]  cleanup_net+0x408/0x890
[  285.591357][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  285.591383][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.591411][ T1137]  process_one_work+0x9cf/0x1b70
[  285.591441][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  285.591464][ T1137]  ? __pfx_process_one_work+0x10/0x10
[  285.591495][ T1137]  ? assign_work+0x1a0/0x250
[  285.591517][ T1137]  worker_thread+0x6c8/0xf10
[  285.591551][ T1137]  ? __pfx_worker_thread+0x10/0x10
[  285.591573][ T1137]  kthread+0x3c2/0x780
[  285.591594][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.591615][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.591639][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.591660][ T1137]  ret_from_fork+0x5d4/0x6f0
[  285.591684][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.591703][ T1137]  ret_from_fork_asm+0x1a/0x30
[  285.591737][ T1137]  </TASK>
[  285.591745][ T1137] 
[  285.750243][ T1137] =============================
[  285.752295][ T1137] WARNING: suspicious RCU usage
[  285.754432][ T1137] 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 Not tainted
[  285.757251][ T1137] -----------------------------
[  285.759291][ T1137] net/ipv6/ip6_fib.c:2088 suspicious rcu_dereference_protected() usage!
[  285.762842][ T1137] 
[  285.762842][ T1137] other info that might help us debug this:
[  285.762842][ T1137] 
[  285.767011][ T1137] 
[  285.767011][ T1137] rcu_scheduler_active = 2, debug_locks = 1
[  285.770255][ T1137] 6 locks held by kworker/u32:7/1137:
[  285.772508][ T1137]  #0: ffff88801c68f948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  285.776854][ T1137]  #1: ffffc90006f2fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  285.780797][ T1137]  #2: ffffffff9012dc90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  285.784642][ T1137]  #3: ffffffff90143ce8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  285.788755][ T1137]  #4: ffffffff8e3c2600 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  285.792806][ T1137]  #5: ffff8880645e8830 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  285.796718][ T1137] 
[  285.796718][ T1137] stack backtrace:
[  285.799142][ T1137] CPU: 2 UID: 0 PID: 1137 Comm: kworker/u32:7 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  285.799165][ T1137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.799178][ T1137] Workqueue: netns cleanup_net
[  285.799203][ T1137] Call Trace:
[  285.799210][ T1137]  <TASK>
[  285.799218][ T1137]  dump_stack_lvl+0x16c/0x1f0
[  285.799242][ T1137]  lockdep_rcu_suspicious+0x166/0x260
[  285.799275][ T1137]  fib6_del+0x2ef/0x1770
[  285.799307][ T1137]  ? __pfx_fib6_del+0x10/0x10
[  285.799330][ T1137]  ? finish_task_switch.isra.0+0x221/0xc10
[  285.799353][ T1137]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.799376][ T1137]  ? fib6_ifdown+0xcd/0x8f0
[  285.799405][ T1137]  fib6_clean_node+0x424/0x5b0
[  285.799432][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.799453][ T1137]  ? register_lock_class+0x41/0x4c0
[  285.799483][ T1137]  fib6_walk_continue+0x44f/0x8d0
[  285.799510][ T1137]  fib6_walk+0x182/0x370
[  285.799533][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.799555][ T1137]  fib6_clean_tree+0xd4/0x110
[  285.799576][ T1137]  ? __pfx_fib6_clean_tree+0x10/0x10
[  285.799596][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.799623][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.799647][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.799683][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.799706][ T1137]  __fib6_clean_all+0x107/0x2d0
[  285.799734][ T1137]  rt6_disable_ip+0x2ec/0x990
[  285.799752][ T1137]  ? __mutex_trylock_common+0xe9/0x250
[  285.799771][ T1137]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.799791][ T1137]  ? __pfx_rt6_disable_ip+0x10/0x10
[  285.799812][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.799840][ T1137]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  285.799868][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.799894][ T1137]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  285.799930][ T1137]  addrconf_notify+0x220/0x19e0
[  285.799957][ T1137]  ? ip6mr_device_event+0x1bc/0x230
[  285.799979][ T1137]  notifier_call_chain+0xbc/0x410
[  285.800004][ T1137]  ? __pfx_addrconf_notify+0x10/0x10
[  285.800037][ T1137]  call_netdevice_notifiers_info+0xbe/0x140
[  285.800067][ T1137]  dev_close_many+0x319/0x630
[  285.800096][ T1137]  ? __pfx_dev_close_many+0x10/0x10
[  285.800130][ T1137]  unregister_netdevice_many_notify+0x578/0x26f0
[  285.800179][ T1137]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.800199][ T1137]  ? batadv_tt_local_event+0x455/0x7f0
[  285.800225][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  285.800252][ T1137]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  285.800285][ T1137]  ? unregister_netdevice_queue+0x22e/0x3f0
[  285.800310][ T1137]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  285.800336][ T1137]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  285.800365][ T1137]  default_device_exit_batch+0x853/0xaf0
[  285.800395][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.800421][ T1137]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  285.800449][ T1137]  ? __pfx___might_resched+0x10/0x10
[  285.800475][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.800502][ T1137]  ops_undo_list+0x360/0xab0
[  285.800530][ T1137]  ? __pfx_ops_undo_list+0x10/0x10
[  285.800556][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  285.800584][ T1137]  cleanup_net+0x408/0x890
[  285.800610][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  285.800636][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.800662][ T1137]  process_one_work+0x9cf/0x1b70
[  285.800699][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  285.800724][ T1137]  ? __pfx_process_one_work+0x10/0x10
[  285.800752][ T1137]  ? assign_work+0x1a0/0x250
[  285.800775][ T1137]  worker_thread+0x6c8/0xf10
[  285.800809][ T1137]  ? __pfx_worker_thread+0x10/0x10
[  285.800831][ T1137]  kthread+0x3c2/0x780
[  285.800851][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.800873][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.800894][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.800915][ T1137]  ret_from_fork+0x5d4/0x6f0
[  285.800933][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.800959][ T1137]  ret_from_fork_asm+0x1a/0x30
[  285.800990][ T1137]  </TASK>
[  285.801001][ T1137] 
[  285.954273][ T1137] =============================
[  285.955763][ T1137] WARNING: suspicious RCU usage
[  285.957260][ T1137] 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 Not tainted
[  285.959268][ T1137] -----------------------------
[  285.960795][ T1137] net/ipv6/ip6_fib.c:1974 suspicious rcu_dereference_protected() usage!
[  285.963347][ T1137] 
[  285.963347][ T1137] other info that might help us debug this:
[  285.963347][ T1137] 
[  285.966351][ T1137] 
[  285.966351][ T1137] rcu_scheduler_active = 2, debug_locks = 1
[  285.968733][ T1137] 6 locks held by kworker/u32:7/1137:
[  285.970373][ T1137]  #0: ffff88801c68f948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  285.973584][ T1137]  #1: ffffc90006f2fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  285.976570][ T1137]  #2: ffffffff9012dc90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  285.979372][ T1137]  #3: ffffffff90143ce8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  285.982439][ T1137]  #4: ffffffff8e3c2600 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  285.985389][ T1137]  #5: ffff8880645e8830 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  285.988310][ T1137] 
[  285.988310][ T1137] stack backtrace:
[  285.990104][ T1137] CPU: 2 UID: 0 PID: 1137 Comm: kworker/u32:7 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  285.990119][ T1137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.990128][ T1137] Workqueue: netns cleanup_net
[  285.990144][ T1137] Call Trace:
[  285.990149][ T1137]  <TASK>
[  285.990155][ T1137]  dump_stack_lvl+0x16c/0x1f0
[  285.990169][ T1137]  lockdep_rcu_suspicious+0x166/0x260
[  285.990189][ T1137]  fib6_del+0x1084/0x1770
[  285.990209][ T1137]  ? __pfx_fib6_del+0x10/0x10
[  285.990223][ T1137]  ? finish_task_switch.isra.0+0x221/0xc10
[  285.990238][ T1137]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.990252][ T1137]  ? fib6_ifdown+0xcd/0x8f0
[  285.990270][ T1137]  fib6_clean_node+0x424/0x5b0
[  285.990286][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.990300][ T1137]  ? register_lock_class+0x41/0x4c0
[  285.990316][ T1137]  fib6_walk_continue+0x44f/0x8d0
[  285.990332][ T1137]  fib6_walk+0x182/0x370
[  285.990346][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.990360][ T1137]  fib6_clean_tree+0xd4/0x110
[  285.990373][ T1137]  ? __pfx_fib6_clean_tree+0x10/0x10
[  285.990385][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.990402][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  285.990417][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.990435][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  285.990450][ T1137]  __fib6_clean_all+0x107/0x2d0
[  285.990466][ T1137]  rt6_disable_ip+0x2ec/0x990
[  285.990477][ T1137]  ? __mutex_trylock_common+0xe9/0x250
[  285.990489][ T1137]  ? __pfx___mutex_trylock_common+0x10/0x10
[  285.990501][ T1137]  ? __pfx_rt6_disable_ip+0x10/0x10
[  285.990513][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.990531][ T1137]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  285.990548][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  285.990563][ T1137]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  285.990590][ T1137]  addrconf_notify+0x220/0x19e0
[  285.990607][ T1137]  ? ip6mr_device_event+0x1bc/0x230
[  285.990620][ T1137]  notifier_call_chain+0xbc/0x410
[  285.990636][ T1137]  ? __pfx_addrconf_notify+0x10/0x10
[  285.990656][ T1137]  call_netdevice_notifiers_info+0xbe/0x140
[  285.990674][ T1137]  dev_close_many+0x319/0x630
[  285.990692][ T1137]  ? __pfx_dev_close_many+0x10/0x10
[  285.990712][ T1137]  unregister_netdevice_many_notify+0x578/0x26f0
[  285.990731][ T1137]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.990743][ T1137]  ? batadv_tt_local_event+0x455/0x7f0
[  285.990759][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  285.990776][ T1137]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  285.990796][ T1137]  ? unregister_netdevice_queue+0x22e/0x3f0
[  285.990812][ T1137]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  285.990828][ T1137]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  285.990846][ T1137]  default_device_exit_batch+0x853/0xaf0
[  285.990865][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.990880][ T1137]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  285.990899][ T1137]  ? __pfx___might_resched+0x10/0x10
[  285.990915][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  285.990931][ T1137]  ops_undo_list+0x360/0xab0
[  285.990948][ T1137]  ? __pfx_ops_undo_list+0x10/0x10
[  285.990964][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  285.990982][ T1137]  cleanup_net+0x408/0x890
[  285.990998][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  285.991014][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.991030][ T1137]  process_one_work+0x9cf/0x1b70
[  285.991048][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  285.991063][ T1137]  ? __pfx_process_one_work+0x10/0x10
[  285.991081][ T1137]  ? assign_work+0x1a0/0x250
[  285.991094][ T1137]  worker_thread+0x6c8/0xf10
[  285.991114][ T1137]  ? __pfx_worker_thread+0x10/0x10
[  285.991127][ T1137]  kthread+0x3c2/0x780
[  285.991139][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.991152][ T1137]  ? rcu_is_watching+0x12/0xc0
[  285.991166][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.991178][ T1137]  ret_from_fork+0x5d4/0x6f0
[  285.991191][ T1137]  ? __pfx_kthread+0x10/0x10
[  285.991202][ T1137]  ret_from_fork_asm+0x1a/0x30
[  285.991220][ T1137]  </TASK>
[  285.991225][ T1137] 
[  286.111092][ T1137] =============================
[  286.112675][ T1137] WARNING: suspicious RCU usage
[  286.114197][ T1137] 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 Not tainted
[  286.116269][ T1137] -----------------------------
[  286.117756][ T1137] net/ipv6/ip6_fib.c:1983 suspicious rcu_dereference_protected() usage!
[  286.120287][ T1137] 
[  286.120287][ T1137] other info that might help us debug this:
[  286.120287][ T1137] 
[  286.123451][ T1137] 
[  286.123451][ T1137] rcu_scheduler_active = 2, debug_locks = 1
[  286.125953][ T1137] 6 locks held by kworker/u32:7/1137:
[  286.127623][ T1137]  #0: ffff88801c68f948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  286.130763][ T1137]  #1: ffffc90006f2fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  286.133779][ T1137]  #2: ffffffff9012dc90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  286.136612][ T1137]  #3: ffffffff90143ce8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  286.139671][ T1137]  #4: ffffffff8e3c2600 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  286.142580][ T1137]  #5: ffff8880645e8830 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  286.145592][ T1137] 
[  286.145592][ T1137] stack backtrace:
[  286.147420][ T1137] CPU: 2 UID: 0 PID: 1137 Comm: kworker/u32:7 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  286.147435][ T1137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.147443][ T1137] Workqueue: netns cleanup_net
[  286.147458][ T1137] Call Trace:
[  286.147463][ T1137]  <TASK>
[  286.147468][ T1137]  dump_stack_lvl+0x16c/0x1f0
[  286.147482][ T1137]  lockdep_rcu_suspicious+0x166/0x260
[  286.147502][ T1137]  fib6_del+0xfef/0x1770
[  286.147521][ T1137]  ? __pfx_fib6_del+0x10/0x10
[  286.147535][ T1137]  ? finish_task_switch.isra.0+0x221/0xc10
[  286.147550][ T1137]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  286.147565][ T1137]  ? fib6_ifdown+0xcd/0x8f0
[  286.147586][ T1137]  fib6_clean_node+0x424/0x5b0
[  286.147603][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  286.147617][ T1137]  ? register_lock_class+0x41/0x4c0
[  286.147633][ T1137]  fib6_walk_continue+0x44f/0x8d0
[  286.147649][ T1137]  fib6_walk+0x182/0x370
[  286.147663][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.147676][ T1137]  fib6_clean_tree+0xd4/0x110
[  286.147689][ T1137]  ? __pfx_fib6_clean_tree+0x10/0x10
[  286.147702][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  286.147717][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  286.147732][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.147751][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.147765][ T1137]  __fib6_clean_all+0x107/0x2d0
[  286.147782][ T1137]  rt6_disable_ip+0x2ec/0x990
[  286.147793][ T1137]  ? __mutex_trylock_common+0xe9/0x250
[  286.147805][ T1137]  ? __pfx___mutex_trylock_common+0x10/0x10
[  286.147817][ T1137]  ? __pfx_rt6_disable_ip+0x10/0x10
[  286.147829][ T1137]  ? rcu_is_watching+0x12/0xc0
[  286.147847][ T1137]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  286.147865][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  286.147880][ T1137]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  286.147902][ T1137]  addrconf_notify+0x220/0x19e0
[  286.147919][ T1137]  ? ip6mr_device_event+0x1bc/0x230
[  286.147932][ T1137]  notifier_call_chain+0xbc/0x410
[  286.147948][ T1137]  ? __pfx_addrconf_notify+0x10/0x10
[  286.147968][ T1137]  call_netdevice_notifiers_info+0xbe/0x140
[  286.147986][ T1137]  dev_close_many+0x319/0x630
[  286.148004][ T1137]  ? __pfx_dev_close_many+0x10/0x10
[  286.148025][ T1137]  unregister_netdevice_many_notify+0x578/0x26f0
[  286.148043][ T1137]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.148054][ T1137]  ? batadv_tt_local_event+0x455/0x7f0
[  286.148071][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  286.148088][ T1137]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  286.148108][ T1137]  ? unregister_netdevice_queue+0x22e/0x3f0
[  286.148123][ T1137]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  286.148155][ T1137]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  286.148173][ T1137]  default_device_exit_batch+0x853/0xaf0
[  286.148192][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  286.148208][ T1137]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  286.148226][ T1137]  ? __pfx___might_resched+0x10/0x10
[  286.148242][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  286.148258][ T1137]  ops_undo_list+0x360/0xab0
[  286.148275][ T1137]  ? __pfx_ops_undo_list+0x10/0x10
[  286.148291][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  286.148309][ T1137]  cleanup_net+0x408/0x890
[  286.148325][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  286.148341][ T1137]  ? rcu_is_watching+0x12/0xc0
[  286.148357][ T1137]  process_one_work+0x9cf/0x1b70
[  286.148375][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  286.148389][ T1137]  ? __pfx_process_one_work+0x10/0x10
[  286.148407][ T1137]  ? assign_work+0x1a0/0x250
[  286.148421][ T1137]  worker_thread+0x6c8/0xf10
[  286.148440][ T1137]  ? __pfx_worker_thread+0x10/0x10
[  286.148453][ T1137]  kthread+0x3c2/0x780
[  286.148465][ T1137]  ? __pfx_kthread+0x10/0x10
[  286.148478][ T1137]  ? rcu_is_watching+0x12/0xc0
[  286.148492][ T1137]  ? __pfx_kthread+0x10/0x10
[  286.148504][ T1137]  ret_from_fork+0x5d4/0x6f0
[  286.148515][ T1137]  ? __pfx_kthread+0x10/0x10
[  286.148527][ T1137]  ret_from_fork_asm+0x1a/0x30
[  286.148546][ T1137]  </TASK>
[  286.148551][ T1137] 
[  286.269540][ T1137] =============================
[  286.271067][ T1137] WARNING: suspicious RCU usage
[  286.272656][ T1137] 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 Not tainted
[  286.274770][ T1137] -----------------------------
[  286.276333][ T1137] net/ipv6/ip6_fib.c:2028 suspicious rcu_dereference_protected() usage!
[  286.278881][ T1137] 
[  286.278881][ T1137] other info that might help us debug this:
[  286.278881][ T1137] 
[  286.281994][ T1137] 
[  286.281994][ T1137] rcu_scheduler_active = 2, debug_locks = 1
[  286.284548][ T1137] 7 locks held by kworker/u32:7/1137:
[  286.286222][ T1137]  #0: ffff88801c68f948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  286.289402][ T1137]  #1: ffffc90006f2fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  286.292436][ T1137]  #2: ffffffff9012dc90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  286.295363][ T1137]  #3: ffffffff90143ce8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  286.298561][ T1137]  #4: ffffffff8e3c2600 (rcu_read_lock){....}-{1:3}, at: __fib6_clean_all+0x3a/0x2d0
[  286.301421][ T1137]  #5: ffff8880645e8830 (&tb->tb6_lock){+.-.}-{3:3}, at: __fib6_clean_all+0xeb/0x2d0
[  286.304447][ T1137]  #6: ffff88806d6c4eb8 (&net->ipv6.fib6_walker_lock){++..}-{3:3}, at: fib6_del+0x880/0x1770
[  286.307607][ T1137] 
[  286.307607][ T1137] stack backtrace:
[  286.309425][ T1137] CPU: 2 UID: 0 PID: 1137 Comm: kworker/u32:7 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  286.309441][ T1137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.309448][ T1137] Workqueue: netns cleanup_net
[  286.309465][ T1137] Call Trace:
[  286.309470][ T1137]  <TASK>
[  286.309475][ T1137]  dump_stack_lvl+0x16c/0x1f0
[  286.309490][ T1137]  lockdep_rcu_suspicious+0x166/0x260
[  286.309510][ T1137]  fib6_del+0x1281/0x1770
[  286.309530][ T1137]  ? __pfx_fib6_del+0x10/0x10
[  286.309544][ T1137]  ? finish_task_switch.isra.0+0x221/0xc10
[  286.309559][ T1137]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  286.309574][ T1137]  ? fib6_ifdown+0xcd/0x8f0
[  286.309593][ T1137]  fib6_clean_node+0x424/0x5b0
[  286.309609][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  286.309623][ T1137]  ? register_lock_class+0x41/0x4c0
[  286.309639][ T1137]  fib6_walk_continue+0x44f/0x8d0
[  286.309655][ T1137]  fib6_walk+0x182/0x370
[  286.309669][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.309682][ T1137]  fib6_clean_tree+0xd4/0x110
[  286.309695][ T1137]  ? __pfx_fib6_clean_tree+0x10/0x10
[  286.309707][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  286.309725][ T1137]  ? __pfx_fib6_clean_node+0x10/0x10
[  286.309739][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.309758][ T1137]  ? __pfx_fib6_ifdown+0x10/0x10
[  286.309772][ T1137]  __fib6_clean_all+0x107/0x2d0
[  286.309788][ T1137]  rt6_disable_ip+0x2ec/0x990
[  286.309800][ T1137]  ? __mutex_trylock_common+0xe9/0x250
[  286.309812][ T1137]  ? __pfx___mutex_trylock_common+0x10/0x10
[  286.309824][ T1137]  ? __pfx_rt6_disable_ip+0x10/0x10
[  286.309836][ T1137]  ? rcu_is_watching+0x12/0xc0
[  286.309854][ T1137]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  286.309871][ T1137]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  286.309887][ T1137]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  286.309908][ T1137]  addrconf_notify+0x220/0x19e0
[  286.309925][ T1137]  ? ip6mr_device_event+0x1bc/0x230
[  286.309938][ T1137]  notifier_call_chain+0xbc/0x410
[  286.309955][ T1137]  ? __pfx_addrconf_notify+0x10/0x10
[  286.309975][ T1137]  call_netdevice_notifiers_info+0xbe/0x140
[  286.309993][ T1137]  dev_close_many+0x319/0x630
[  286.310011][ T1137]  ? __pfx_dev_close_many+0x10/0x10
[  286.310032][ T1137]  unregister_netdevice_many_notify+0x578/0x26f0
[  286.310050][ T1137]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.310061][ T1137]  ? batadv_tt_local_event+0x455/0x7f0
[  286.310078][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  286.310094][ T1137]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  286.310115][ T1137]  ? unregister_netdevice_queue+0x22e/0x3f0
[  286.310130][ T1137]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  286.310146][ T1137]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[  286.310164][ T1137]  default_device_exit_batch+0x853/0xaf0
[  286.310183][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  286.310198][ T1137]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  286.310216][ T1137]  ? __pfx___might_resched+0x10/0x10
[  286.310233][ T1137]  ? __pfx_default_device_exit_batch+0x10/0x10
[  286.310249][ T1137]  ops_undo_list+0x360/0xab0
[  286.310266][ T1137]  ? __pfx_ops_undo_list+0x10/0x10
[  286.310282][ T1137]  ? __local_bh_enable_ip+0xa4/0x120
[  286.310300][ T1137]  cleanup_net+0x408/0x890
[  286.310319][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  286.310335][ T1137]  ? rcu_is_watching+0x12/0xc0
[  286.310352][ T1137]  process_one_work+0x9cf/0x1b70
[  286.310370][ T1137]  ? __pfx_cleanup_net+0x10/0x10
[  286.310385][ T1137]  ? __pfx_process_one_work+0x10/0x10
[  286.310402][ T1137]  ? assign_work+0x1a0/0x250
[  286.310416][ T1137]  worker_thread+0x6c8/0xf10
[  286.310436][ T1137]  ? __pfx_worker_thread+0x10/0x10
[  286.310449][ T1137]  kthread+0x3c2/0x780
[  286.310461][ T1137]  ? __pfx_kthread+0x10/0x10
[  286.310474][ T1137]  ? rcu_is_watching+0x12/0xc0
[  286.310488][ T1137]  ? __pfx_kthread+0x10/0x10
[  286.310500][ T1137]  ret_from_fork+0x5d4/0x6f0
[  286.310512][ T1137]  ? __pfx_kthread+0x10/0x10
[  286.310523][ T1137]  ret_from_fork_asm+0x1a/0x30
[  286.310542][ T1137]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  286.527328][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  286.530798][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  286.533698][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  286.545421][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  286.548099][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  286.599352][T12068] ==================================================================
[  286.601796][T12068] BUG: KASAN: slab-use-after-free in binderfs_evict_inode+0x335/0x340
[  286.604308][T12068] Write of size 8 at addr ffff88802411dc08 by task syz.6.1514/12068
[  286.606710][T12068] 
[  286.607457][T12068] CPU: 0 UID: 0 PID: 12068 Comm: syz.6.1514 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  286.607471][T12068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.607478][T12068] Call Trace:
[  286.607482][T12068]  <TASK>
[  286.607487][T12068]  dump_stack_lvl+0x116/0x1f0
[  286.607502][T12068]  print_report+0xcd/0x680
[  286.607516][T12068]  ? __virt_addr_valid+0x81/0x610
[  286.607531][T12068]  ? __phys_addr+0xe8/0x180
[  286.607546][T12068]  ? binderfs_evict_inode+0x335/0x340
[  286.607556][T12068]  kasan_report+0xe0/0x110
[  286.607570][T12068]  ? binderfs_evict_inode+0x335/0x340
[  286.607582][T12068]  ? __pfx_binderfs_evict_inode+0x10/0x10
[  286.607597][T12068]  binderfs_evict_inode+0x335/0x340
[  286.607608][T12068]  evict+0x3e6/0x920
[  286.607621][T12068]  ? __pfx_evict+0x10/0x10
[  286.607635][T12068]  ? iput+0x519/0x880
[  286.607649][T12068]  iput+0x521/0x880
[  286.607663][T12068]  dentry_unlink_inode+0x29c/0x480
[  286.607676][T12068]  __dentry_kill+0x1d0/0x600
[  286.607689][T12068]  ? shrink_dentry_list+0x11a/0x5d0
[  286.607704][T12068]  shrink_dentry_list+0x140/0x5d0
[  286.607730][T12068]  ? shrink_dcache_parent+0x22/0x530
[  286.607747][T12068]  shrink_dcache_parent+0xe1/0x530
[  286.607762][T12068]  ? __pfx_shrink_dcache_parent+0x10/0x10
[  286.607778][T12068]  ? d_walk+0x44c/0xa60
[  286.607793][T12068]  shrink_dcache_for_umount+0xa5/0x3e0
[  286.607810][T12068]  generic_shutdown_super+0x6c/0x390
[  286.607826][T12068]  kill_litter_super+0x70/0xa0
[  286.607842][T12068]  binderfs_kill_super+0x3b/0xa0
[  286.607852][T12068]  deactivate_locked_super+0xc1/0x1a0
[  286.607862][T12068]  deactivate_super+0xde/0x100
[  286.607872][T12068]  cleanup_mnt+0x225/0x450
[  286.607889][T12068]  task_work_run+0x150/0x240
[  286.607902][T12068]  ? __pfx_task_work_run+0x10/0x10
[  286.607914][T12068]  ? switch_task_namespaces+0xeb/0x100
[  286.607933][T12068]  do_exit+0xae2/0x2c70
[  286.607944][T12068]  ? __pfx___might_resched+0x10/0x10
[  286.607961][T12068]  ? __pfx_do_exit+0x10/0x10
[  286.607971][T12068]  ? do_raw_spin_lock+0x12c/0x2b0
[  286.607984][T12068]  ? find_held_lock+0x2b/0x80
[  286.607999][T12068]  do_group_exit+0xd3/0x2a0
[  286.608010][T12068]  get_signal+0x2673/0x26d0
[  286.608027][T12068]  ? rcu_is_watching+0x12/0xc0
[  286.608042][T12068]  ? __pfx_get_signal+0x10/0x10
[  286.608059][T12068]  arch_do_signal_or_restart+0x8f/0x790
[  286.608076][T12068]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  286.608094][T12068]  ? xfd_validate_state+0x61/0x180
[  286.608105][T12068]  ? __pfx___ia32_compat_sys_sched_setaffinity+0x10/0x10
[  286.608123][T12068]  exit_to_user_mode_loop+0x84/0x110
[  286.608153][T12068]  __do_fast_syscall_32+0x2ac/0x3a0
[  286.608167][T12068]  do_fast_syscall_32+0x32/0x80
[  286.608180][T12068]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.608194][T12068] RIP: 0023:0xf7f86579
[  286.608202][T12068] Code: Unable to access opcode bytes at 0xf7f8654f.
[  286.608207][T12068] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  286.608218][T12068] RAX: 0000000000010106 RBX: 0000000000000004 RCX: 00000000800000c0
[  286.608224][T12068] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  286.608231][T12068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.608237][T12068] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  286.608243][T12068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.608253][T12068]  </TASK>
[  286.608257][T12068] 
[  286.716900][T12068] Allocated by task 1134:
[  286.718197][T12068]  kasan_save_stack+0x33/0x60
[  286.719609][T12068]  kasan_save_track+0x14/0x30
[  286.721051][T12068]  __kasan_kmalloc+0xaa/0xb0
[  286.722495][T12068]  __kmalloc_noprof+0x223/0x510
[  286.724019][T12068]  fib6_info_alloc+0x40/0x160
[  286.725503][T12068]  ip6_route_info_create+0x14c/0x870
[  286.727097][T12068]  ip6_route_add+0x26/0x1d0
[  286.728454][T12068]  addrconf_prefix_route+0x2fd/0x510
[  286.730041][T12068]  addrconf_add_linklocal+0x329/0x500
[  286.731688][T12068]  addrconf_addr_gen+0x36d/0x3c0
[  286.733219][T12068]  addrconf_init_auto_addrs+0x4b9/0x8f0
[  286.734872][T12068]  addrconf_notify+0x6e2/0x19e0
[  286.736338][T12068]  notifier_call_chain+0xbc/0x410
[  286.737820][T12068]  call_netdevice_notifiers_info+0xbe/0x140
[  286.739562][T12068]  netif_state_change+0x165/0x3b0
[  286.741079][T12068]  linkwatch_do_dev+0x12b/0x160
[  286.742554][T12068]  __linkwatch_run_queue+0x2aa/0x8a0
[  286.744154][T12068]  linkwatch_event+0x8f/0xc0
[  286.745546][T12068]  process_one_work+0x9cf/0x1b70
[  286.747052][T12068]  worker_thread+0x6c8/0xf10
[  286.748438][T12068]  kthread+0x3c2/0x780
[  286.749668][T12068]  ret_from_fork+0x5d4/0x6f0
[  286.751116][T12068]  ret_from_fork_asm+0x1a/0x30
[  286.752565][T12068] 
[  286.753332][T12068] Freed by task 11969:
[  286.754541][T12068]  kasan_save_stack+0x33/0x60
[  286.756023][T12068]  kasan_save_track+0x14/0x30
[  286.757498][T12068]  kasan_save_free_info+0x3b/0x60
[  286.759029][T12068]  __kasan_slab_free+0x51/0x70
[  286.760524][T12068]  kfree+0x2b4/0x4d0
[  286.761738][T12068]  rcu_core+0x799/0x14e0
[  286.763050][T12068]  handle_softirqs+0x216/0x8e0
[  286.764535][T12068]  __irq_exit_rcu+0x109/0x170
[  286.765962][T12068]  irq_exit_rcu+0x9/0x30
[  286.767262][T12068]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  286.768945][T12068]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  286.770745][T12068] 
[  286.771486][T12068] Last potentially related work creation:
[  286.773263][T12068]  kasan_save_stack+0x33/0x60
[  286.774719][T12068]  kasan_record_aux_stack+0xa7/0xc0
[  286.776383][T12068]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  286.778206][T12068]  fib6_del+0xf3c/0x1770
[  286.779532][T12068]  fib6_clean_node+0x424/0x5b0
[  286.781047][T12068]  fib6_walk_continue+0x44f/0x8d0
[  286.782656][T12068]  fib6_walk+0x182/0x370
[  286.783993][T12068]  fib6_clean_tree+0xd4/0x110
[  286.785476][T12068]  __fib6_clean_all+0x107/0x2d0
[  286.787007][T12068]  rt6_disable_ip+0x2ec/0x990
[  286.788518][T12068]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  286.790239][T12068]  addrconf_notify+0x220/0x19e0
[  286.791779][T12068]  notifier_call_chain+0xbc/0x410
[  286.793390][T12068]  call_netdevice_notifiers_info+0xbe/0x140
[  286.795219][T12068]  dev_close_many+0x319/0x630
[  286.796717][T12068]  unregister_netdevice_many_notify+0x578/0x26f0
[  286.798682][T12068]  default_device_exit_batch+0x853/0xaf0
[  286.800434][T12068]  ops_undo_list+0x360/0xab0
[  286.801866][T12068]  cleanup_net+0x408/0x890
[  286.803281][T12068]  process_one_work+0x9cf/0x1b70
[  286.804835][T12068]  worker_thread+0x6c8/0xf10
[  286.806290][T12068]  kthread+0x3c2/0x780
[  286.807581][T12068]  ret_from_fork+0x5d4/0x6f0
[  286.809084][T12068]  ret_from_fork_asm+0x1a/0x30
[  286.810594][T12068] 
[  286.811361][T12068] The buggy address belongs to the object at ffff88802411dc00
[  286.811361][T12068]  which belongs to the cache kmalloc-512 of size 512
[  286.815656][T12068] The buggy address is located 8 bytes inside of
[  286.815656][T12068]  freed 512-byte region [ffff88802411dc00, ffff88802411de00)
[  286.819761][T12068] 
[  286.820519][T12068] The buggy address belongs to the physical page:
[  286.822491][T12068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802411e000 pfn:0x2411c
[  286.825601][T12068] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  286.828231][T12068] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  286.830648][T12068] page_type: f5(slab)
[  286.831895][T12068] raw: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  286.834560][T12068] raw: ffff88802411e000 000000000010000d 00000000f5000000 0000000000000000
[  286.837147][T12068] head: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  286.839776][T12068] head: ffff88802411e000 000000000010000d 00000000f5000000 0000000000000000
[  286.842448][T12068] head: 00fff00000000002 ffffea0000904701 00000000ffffffff 00000000ffffffff
[  286.845121][T12068] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  286.847597][T12068] page dumped because: kasan: bad access detected
[  286.849566][T12068] page_owner tracks the page as allocated
[  286.851298][T12068] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6056, tgid 6056 (syz.3.14), ts 51577886926, free_ts 50222988694
[  286.857122][T12068]  post_alloc_hook+0x1c0/0x230
[  286.858616][T12068]  get_page_from_freelist+0x135c/0x3950
[  286.860318][T12068]  __alloc_frozen_pages_noprof+0x58b/0x23f0
[  286.862161][T12068]  new_slab+0x94/0x330
[  286.863469][T12068]  ___slab_alloc+0xd9c/0x1940
[  286.864962][T12068]  __slab_alloc.constprop.0+0x56/0xb0
[  286.866647][T12068]  __kmalloc_node_noprof+0x2ed/0x500
[  286.868315][T12068]  alloc_slab_obj_exts+0x41/0xa0
[  286.869877][T12068]  __memcg_slab_post_alloc_hook+0x297/0x9c0
[  286.871733][T12068]  kmem_cache_alloc_noprof+0x307/0x3b0
[  286.873477][T12068]  __anon_vma_prepare+0xae/0x5e0
[  286.875038][T12068]  __vmf_anon_prepare+0x11c/0x240
[  286.876638][T12068]  __handle_mm_fault+0x2881/0x5450
[  286.878248][T12068]  handle_mm_fault+0x3fe/0xad0
[  286.879758][T12068]  do_user_addr_fault+0x60c/0x1370
[  286.881371][T12068]  exc_page_fault+0x5c/0xb0
[  286.882809][T12068] page last free pid 12 tgid 12 stack trace:
[  286.884697][T12068]  __free_frozen_pages+0x7fe/0x1180
[  286.886330][T12068]  qlist_free_all+0x4d/0x120
[  286.887882][T12068]  kasan_quarantine_reduce+0x195/0x1e0
[  286.890051][T12068]  __kasan_slab_alloc+0x69/0x90
[  286.891962][T12068]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  286.894392][T12068]  __alloc_skb+0x2b2/0x380
[  286.896250][T12068]  mld_newpack.isra.0+0x18e/0xa20
[  286.898256][T12068]  add_grhead+0x299/0x340
[  286.899924][T12068]  add_grec+0x112a/0x1680
[  286.901596][T12068]  mld_send_initial_cr.part.0+0xe2/0x260
[  286.903860][T12068]  ipv6_mc_dad_complete+0x22c/0x2b0
[  286.905985][T12068]  addrconf_dad_completed+0xd8a/0x10d0
[  286.908223][T12068]  addrconf_dad_work+0x84d/0x14e0
[  286.910287][T12068]  process_one_work+0x9cf/0x1b70
[  286.912317][T12068]  worker_thread+0x6c8/0xf10
[  286.914236][T12068]  kthread+0x3c2/0x780
[  286.915913][T12068] 
[  286.916919][T12068] Memory state around the buggy address:
[  286.919163][T12068]  ffff88802411db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.922397][T12068]  ffff88802411db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.925851][T12068] >ffff88802411dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.929446][T12068]                       ^
[  286.931221][T12068]  ffff88802411dc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.934410][T12068]  ffff88802411dd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.937506][T12068] ==================================================================
[  286.940920][T12068] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  286.943735][T12068] CPU: 0 UID: 0 PID: 12068 Comm: syz.6.1514 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  286.948256][T12068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.952507][T12068] Call Trace:
[  286.953865][T12068]  <TASK>
[  286.955027][T12068]  dump_stack_lvl+0x3d/0x1f0
[  286.956856][T12068]  panic+0x71c/0x800
[  286.958394][T12068]  ? __pfx_panic+0x10/0x10
[  286.959753][T12068]  ? mark_held_locks+0x49/0x80
[  286.961217][T12068]  ? preempt_schedule_thunk+0x16/0x30
[  286.962875][T12068]  ? binderfs_evict_inode+0x335/0x340
[  286.964505][T12068]  ? preempt_schedule_common+0x44/0xc0
[  286.966134][T12068]  ? check_panic_on_warn+0x1f/0xb0
[  286.967679][T12068]  ? binderfs_evict_inode+0x335/0x340
[  286.969301][T12068]  check_panic_on_warn+0xab/0xb0
[  286.970875][T12068]  end_report+0x107/0x170
[  286.972188][T12068]  kasan_report+0xee/0x110
[  286.973575][T12068]  ? binderfs_evict_inode+0x335/0x340
[  286.975211][T12068]  ? __pfx_binderfs_evict_inode+0x10/0x10
[  286.977003][T12068]  binderfs_evict_inode+0x335/0x340
[  286.978548][T12068]  evict+0x3e6/0x920
[  286.979775][T12068]  ? __pfx_evict+0x10/0x10
[  286.981117][T12068]  ? iput+0x519/0x880
[  286.982351][T12068]  iput+0x521/0x880
[  286.983537][T12068]  dentry_unlink_inode+0x29c/0x480
[  286.985110][T12068]  __dentry_kill+0x1d0/0x600
[  286.986514][T12068]  ? shrink_dentry_list+0x11a/0x5d0
[  286.988107][T12068]  shrink_dentry_list+0x140/0x5d0
[  286.989673][T12068]  ? shrink_dcache_parent+0x22/0x530
[  286.991262][T12068]  shrink_dcache_parent+0xe1/0x530
[  286.992886][T12068]  ? __pfx_shrink_dcache_parent+0x10/0x10
[  286.994685][T12068]  ? d_walk+0x44c/0xa60
[  286.996037][T12068]  shrink_dcache_for_umount+0xa5/0x3e0
[  286.997755][T12068]  generic_shutdown_super+0x6c/0x390
[  286.999414][T12068]  kill_litter_super+0x70/0xa0
[  287.000943][T12068]  binderfs_kill_super+0x3b/0xa0
[  287.002513][T12068]  deactivate_locked_super+0xc1/0x1a0
[  287.004220][T12068]  deactivate_super+0xde/0x100
[  287.005729][T12068]  cleanup_mnt+0x225/0x450
[  287.007152][T12068]  task_work_run+0x150/0x240
[  287.008623][T12068]  ? __pfx_task_work_run+0x10/0x10
[  287.010165][T12068]  ? switch_task_namespaces+0xeb/0x100
[  287.011825][T12068]  do_exit+0xae2/0x2c70
[  287.013143][T12068]  ? __pfx___might_resched+0x10/0x10
[  287.014756][T12068]  ? __pfx_do_exit+0x10/0x10
[  287.016190][T12068]  ? do_raw_spin_lock+0x12c/0x2b0
[  287.017745][T12068]  ? find_held_lock+0x2b/0x80
[  287.019206][T12068]  do_group_exit+0xd3/0x2a0
[  287.020639][T12068]  get_signal+0x2673/0x26d0
[  287.022052][T12068]  ? rcu_is_watching+0x12/0xc0
[  287.023527][T12068]  ? __pfx_get_signal+0x10/0x10
[  287.025043][T12068]  arch_do_signal_or_restart+0x8f/0x790
[  287.026739][T12068]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  287.028617][T12068]  ? xfd_validate_state+0x61/0x180
[  287.030155][T12068]  ? __pfx___ia32_compat_sys_sched_setaffinity+0x10/0x10
[  287.032290][T12068]  exit_to_user_mode_loop+0x84/0x110
[  287.033902][T12068]  __do_fast_syscall_32+0x2ac/0x3a0
[  287.035511][T12068]  do_fast_syscall_32+0x32/0x80
[  287.037064][T12068]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  287.038976][T12068] RIP: 0023:0xf7f86579
[  287.040242][T12068] Code: Unable to access opcode bytes at 0xf7f8654f.
[  287.042236][T12068] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  287.044888][T12068] RAX: 0000000000010106 RBX: 0000000000000004 RCX: 00000000800000c0
[  287.047313][T12068] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  287.050032][T12068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  287.052367][T12068] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  287.054779][T12068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  287.057115][T12068]  </TASK>
[  287.058661][T12068] Kernel Offset: disabled
[  287.059961][T12068] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:17:02  Registers:
info registers vcpu 0

CPU#0
RAX=00000000004d437b RBX=0000000000000000 RCX=ffffffff8b789419 RDX=0000000000000000
RSI=ffffffff8dc007ba RDI=ffffffff8bf51c00 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e08
R8 =0000000000000001 R9 =ffffed100564663d R10=ffff88802b2331eb R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90878250 R15=0000000000000000
RIP=ffffffff8b787f7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809777b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f89858ddff8 CR3=00000000296df000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000562174db6c50 0000562174db6c50
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffec5473b80 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 39302d72656c6c61 6b7a79732d302e35 312e36205d373331 3154205b5d333239
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746361706d692064 6c756f6320686369 6877203272657961 6c206e6f20646574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e656d6761726620 6562206c6c697720 656361667265746e 6920736968742072
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65766f20676e696f 67207374656b6361 50202e7374656b63 6170207664612d6e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616d74616220666f 2074726f70736e61 7274206568742065 6c646e6168206f74
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000096ff55 RBX=0000000000000001 RCX=ffffffff8b789419 RDX=0000000000000000
RSI=ffffffff8dc007ba RDI=ffffffff8bf51c00 RBP=ffffed1003b5d488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed100566663d R10=ffff88802b3331eb R11=0000000000000001
R12=0000000000000001 R13=ffff88801daea440 R14=ffffffff90878250 R15=0000000000000000
RIP=ffffffff8b787f7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809787b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005593585dd078 CR3=00000000296df000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000562174db6c50 0000562174db6c50
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffec5473b80 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 68746576205d3733 313154205b5d3730 333138342e353832 20205b203a6c656e
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746361706d692064 6c756f6320686369 6877203272657961 6c206e6f20646574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e656d6761726620 6562206c6c697720 656361667265746e 6920736968742072
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65766f20676e696f 67207374656b6361 50202e7374656b63 6170207664612d6e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616d74616220666f 2074726f70736e61 7274206568742065 6c646e6168206f74
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffffffffdfc000 RBX=0000000000000000 RCX=0000000000000016 RDX=0000000000000000
RSI=0000000000000004 RDI=ffffffff93b017f4 RBP=ffff88802287bec0 RSP=ffffc90000538f38
R8 =0000000000000001 R9 =fffff520000a71d5 R10=0000000000000003 R11=0000000000000001
R12=0000000000204000 R13=0000000000000016 R14=ffff88802287bf00 R15=dffffc0000000000
RIP=ffffffff8168966e RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809797b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f3410113000 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 0000ff0000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000000 000000ffffffffff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e322e325f434249 4c4700352e322e32
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000002e322e32
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c4700362e322e32 5f4342494c470035
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000018
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3410116b20 00007f3410117050
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000336cd7 RBX=0000000000000003 RCX=ffffffff8b789419 RDX=0000000000000000
RSI=ffffffff8dc007ba RDI=ffffffff8bf51c00 RBP=ffffed10037e5000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a663d R10=ffff88802b5331eb R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf28000 R14=ffffffff90878250 R15=0000000000000000
RIP=ffffffff8b787f7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a7b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056348e45c950 CR3=000000005fc6e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c4c0c004 Opmask01=0000000000000001 Opmask02=000000003b3f3ffb Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00752f3a6e69622f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000002a2e 2573257325003a25
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ff0f0e0d0c0b0a09
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 752f3a6e69622f3a 6e6962732f727375
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff00ff ffff000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000ff0000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056348e00662d 000056348e46d048 000056348e46d068 6c69665f70006d72
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056348e00662d 000056348e46d048 000056348e46d068 6c69665f70006d72
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000561b8e004902 0000561b8e46d048 0000561b8e46d047 4346495f5f00425d
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056348e4692f8 0000000000000000 000000000000000f 000056348e00873d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056348e463b58 0000000000000000 000000000000000f 0000000000875d81
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000