last executing test programs:

6m13.976466634s ago: executing program 1 (id=1750):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001c00010002803f428b73e291792413eb00cc31b46b19d4941b54d7eb000000400007000000", @ANYRES32=r2, @ANYBLOB="0300e60b0a000200aaaaaaaaaa1b0000"], 0x28}, 0x1, 0x0, 0x0, 0x26044094}, 0x2000c0c4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000006, 0x20010, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0414"], 0x9)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
io_submit(0x0, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x1008, r3, &(0x7f0000000000)="98", 0x3e8000072a, 0x7000000, 0x0, 0x10}])
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r6, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_FLUSH(r6, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x238, 0x0, &(0x7f0000000180)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_setup(0x49f, &(0x7f0000000400)={0x0, 0xe7a8, 0x400, 0x8000, 0x40024e}, &(0x7f0000000340)=<r11=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, 0x0, 0x0, 0x4)
dup(0xffffffffffffffff)
ioctl$TUNSETCARRIER(r8, 0x400454e2, &(0x7f0000000200))
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x8, 0x2004, @fd_index=0x1, 0xe, 0x0, 0x0, 0x2})
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
time(&(0x7f0000000080))

6m13.324113216s ago: executing program 1 (id=1752):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x0, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r3, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7000001, 0x12, r5, 0x0)
r6 = userfaultfd(0x1)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
write$UHID_CREATE2(r5, &(0x7f0000000340)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0x0, 0x4, 0x10, 0x5, 0x10, 0x100}}, 0x118)
ioctl$UFFDIO_ZEROPAGE(r6, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xc03, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20503, 0x12004}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x80}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

6m11.963925262s ago: executing program 1 (id=1761):
socket$nl_route(0x10, 0x3, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
preadv(r0, 0x0, 0x0, 0x20, 0x0)

6m11.963660735s ago: executing program 1 (id=1762):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b5012, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020)

6m11.903197775s ago: executing program 1 (id=1763):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f00000002c0)={<r1=>0xffffffffffffffff}, 0x0)
splice(r1, 0x0, r0, &(0x7f00000001c0), 0x4, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0xffffffff, 0x1}, 0xc)
r6 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)

6m11.784214625s ago: executing program 1 (id=1766):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = epoll_create1(0x0)
r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
fanotify_mark(0xffffffffffffffff, 0x2, 0x8000020, r4, 0x0)
connect$phonet_pipe(r4, 0x0, 0x0)
r5 = openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x101202)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r5, 0xc058534f, &(0x7f0000000040)={{0xc, 0x5}, 0x0, 0xffffffff, 0x1, {0x6a, 0x8}, 0x3, 0x8000})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r6, r7, 0x6, 0x0, @val=@iter={0x0}}, 0x20)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r6, r7, 0x6, 0x0, @val=@tracing}, 0x40)
openat$zero(0xffffffffffffff9c, &(0x7f0000000300), 0x100, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r9 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
write$apparmor_exec(r9, &(0x7f0000000600)={'stack ', '#(%#{//(@\\)//&@},[\'%%&\\#*\x00'}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

6m11.73846639s ago: executing program 32 (id=1766):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = epoll_create1(0x0)
r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
fanotify_mark(0xffffffffffffffff, 0x2, 0x8000020, r4, 0x0)
connect$phonet_pipe(r4, 0x0, 0x0)
r5 = openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x101202)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r5, 0xc058534f, &(0x7f0000000040)={{0xc, 0x5}, 0x0, 0xffffffff, 0x1, {0x6a, 0x8}, 0x3, 0x8000})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r6, r7, 0x6, 0x0, @val=@iter={0x0}}, 0x20)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r6, r7, 0x6, 0x0, @val=@tracing}, 0x40)
openat$zero(0xffffffffffffff9c, &(0x7f0000000300), 0x100, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r9 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
write$apparmor_exec(r9, &(0x7f0000000600)={'stack ', '#(%#{//(@\\)//&@},[\'%%&\\#*\x00'}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

3m37.122578261s ago: executing program 2 (id=2793):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000000c0)="91685102d300000013000010888e", 0xe, 0x0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) (fail_nth: 2)

3m37.122227278s ago: executing program 2 (id=2794):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x29, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632177fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x10a, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9"}, 0x4c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, 0x2, 0x1, 0x101, 0x0, 0x0, {0x3}}, 0x14}}, 0x0)

3m37.106872277s ago: executing program 2 (id=2795):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NG_DREG={0x8}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x81}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4040)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x4, @random="bb7fb37b9489", 'bond0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x5ea, 0x0}}], 0x3e8, 0x0)

3m37.037241158s ago: executing program 2 (id=2796):
r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = fsmount(r0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
unshare(0x30000)
setsockopt$inet_int(r4, 0x0, 0x1, &(0x7f0000000040)=0xb, 0x4)
setsockopt$inet_int(r4, 0x0, 0x18, 0x0, 0x0)
setresuid(0x0, r3, 0x0)
r5 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000000)={0x200000000, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)

3m36.962355289s ago: executing program 2 (id=2798):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x4, 0x400000)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0)
sendfile(r2, r2, 0x0, 0x4800000009)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, <r5=>r4}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x73dc}}, './file1\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f00000007c0)={0x9c, r7, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0x51}}}}, [@NL80211_ATTR_HIDDEN_SSID={0xa, 0x7e, @default_ap_ssid}, @NL80211_ATTR_CONTROL_PORT, @NL80211_ATTR_HANDLE_DFS, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0xc, 0x2, 0x5, 0x0, {0xf0, 0x8, 0x0, 0x5, 0x0, 0x1, 0x1, 0x3}, 0x6, 0xa, 0x25}}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xc252}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x22}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x15c}, @NL80211_ATTR_CHANNEL_WIDTH={0x41, 0x9f, 0x4}]]}, 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10000)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRESOCT=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYRES8=r1, @ANYRES16=0x0], 0x40}}, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r9 = open(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
open_by_handle_at(r9, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000200010004"], 0x51b402)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000780), 0xffffffffffffffff)
r10 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r11=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r11, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', r11, 0xffffffffffffffff, 0x4, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

3m36.962194735s ago: executing program 2 (id=2799):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="50000000080211000001ffffffffffff0802110000000000000000000000000064000100000602020202020201010b"], 0x48)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f00000021c0)=ANY=[@ANYBLOB="b00000000802110000010802110000000802110000001000000002"], 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000440)=ANY=[@ANYBLOB="10000000080211000001080211000000080211000000200004a000000c0001"], 0x3c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000980)={0xa4, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_ACTION={0x5}, @NL80211_ATTR_IE={0x62, 0x2a, [@fast_bss_trans={0x37, 0x52, {0x0, 0x0, "62ecb7730deefe2fc8353f157e039fb4", "12740b5db13d0d698b68e55e578af549952f0a2531d2dda999169c51611ebb52", "f80c2f2f66049bd069ed4da13a2edbae15c15541a3bc8dd32e9216bd6568ffdb"}}, @peer_mgmt={0x75, 0x8, {0x0, 0xfffa, @val=0xb07, @val=0x2b, @void}}]}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000000}, 0x8010)

3m21.606076629s ago: executing program 33 (id=2799):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="50000000080211000001ffffffffffff0802110000000000000000000000000064000100000602020202020201010b"], 0x48)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f00000021c0)=ANY=[@ANYBLOB="b00000000802110000010802110000000802110000001000000002"], 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000440)=ANY=[@ANYBLOB="10000000080211000001080211000000080211000000200004a000000c0001"], 0x3c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000980)={0xa4, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_ACTION={0x5}, @NL80211_ATTR_IE={0x62, 0x2a, [@fast_bss_trans={0x37, 0x52, {0x0, 0x0, "62ecb7730deefe2fc8353f157e039fb4", "12740b5db13d0d698b68e55e578af549952f0a2531d2dda999169c51611ebb52", "f80c2f2f66049bd069ed4da13a2edbae15c15541a3bc8dd32e9216bd6568ffdb"}}, @peer_mgmt={0x75, 0x8, {0x0, 0xfffa, @val=0xb07, @val=0x2b, @void}}]}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000000}, 0x8010)

5.084982143s ago: executing program 0 (id=4082):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r0)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1a00fe00000000bda100000000000007010000f8ffffffb702000008000000b70300000000000085000000760000009500000000000000d36b59ac17a572d7444fe29366d8bcacdf913a8e7588905bf6cca226529c4362b31459e7b4279afff4c2694ae6af0673360f5f96ef5a1ac0e05bc659ad42bbdb9ecb3c42ce5d05a416ac7e0ad3d191a0ccfc5c1cdea3b39fff977ac70ddc8bc224914807ac6f395547937f1fd63808af7b878a45cc9f3f2ea2b4bd64c17cb7076455af28b648efe74fae79b4394cdf4768329b12814da8aa9f56b174939daf3acad3c84504be68ce1c75805911cb0e7f9ceb7780c1ca316381ccd0"], &(0x7f0000000180)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x5d4, 0x0, 0xec, 0x0, 0x3fc, 0x1c4, 0x50c, 0x50c, 0x50c, 0x50c, 0x50c, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xc8, 0xec, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x24}}]}, @HL={0x24}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0xa4, 0xd8}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {}, 0xf3dd}}}, {{@ipv6={@mcast1, @remote, [], [], '\x00', 'dummy0\x00'}, 0x0, 0x130, 0x154, 0x0, {}, [@common=@srh1={{0x8c}, {0x8, 0x0, 0x0, 0x0, 0x0, @dev, @local, @empty}}]}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xa4, 0xe4}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x0, 0x0, 0x0, 0x0, 0x9]}}}, {{@uncond, 0x0, 0xec, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@eui64={{0x24}}]}, @unspec=@CHECKSUM={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x630)
openat$cdrom(0xffffff9c, &(0x7f00000012c0), 0x42880, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d4400fffff00000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_usbip_server_init(0x3)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe)
lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500))
add_key$user(0x0, &(0x7f00000005c0), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)

3.180866041s ago: executing program 0 (id=4095):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r3, &(0x7f00000001c0)="a6e2976b", 0x4, 0x840, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x604ab000)
sendmmsg$inet6(r3, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)="2ec15575afe867fdba546430ca1a47eb15c41b179f8897fc1fbbfc164b92054405964c6c9d2f2ca1430c84c3ceb4810d0311a5c28fa9c1eb7511923f6ae5d4c7cdf4890a373d318f0a00"/91, 0x5b}, {&(0x7f0000000380)="63ce2e88626ff019a592a1faaa30606614baeaef770465257840ae8f02ce892875a9f6e5f40cd87b765acf2da11a69bb49199b4edf44d31a3c9d73f67dc2d7c7453d1dc43b8b74d96e30f7b67032c3611f017ebd3962c42f64174f91f244d50f57873444282103a1ee59b8fb29c92b148600ea95964445f7a6180d38e7834d0732189b9263648675d4332c8253af6aaef3fe5d2dacfef7e832f5efc1b7a32b6332ae5ddc7c943cef2f1c9d9187347f285bfe5577b8caa751a2fc09349166bc23453dbfacd515ac06ddfbc2118d3b887ef740f6ea6a1e81d4642d3f", 0xdb}, {&(0x7f0000005000)="53b8c2d5be56e67c56bc6ba517142e0e5c88bf78f2600f83c387b644cd011bb6e24103b176b650f48db465e8f6c57218cdfbf6c24726f66067ba83eb416ad27b43c53c80c2b4b46cda1fcdeac25bff93d7fa3184315899dab8b948a087c6ebb34abbaa0d735a3737baed4da46e5825509654dd04db80199e4b0a56c8d60f8da1ffb8d955d495fc9f5351cb92d4e25fd2f0bde65a6f896b4fff8beb0e66dc321f74efce9eeaee0930f2b65876e34ab7c1a636fbc68253a4e2209d2278faaacef19373a5bcab59dd685cc05025777b7342585d80458b6c8578ee39a1b4d5d7b87e2b0ba1e200afadcfa6e35072609ac4f3b77cc276a8fcab4d7b7acdbdd8b7ef5fd193caf3587e858f70d206e028ae625ef3df2b2e7456a3c37c433001d9371598fef30c19a7b3b68532abefb3fe22664b81fd89eec63b45e9d66f0fb3030e65fbb0c91bb1be5d728866abbf1938ad0702a7e4084805858269eee823de8f85eaa855c270421771c37e64029f01ce1b9c52bdbe407bafa17f2242f22b7f3378eb5e2cf9220b8d3df009b7f09cf8c38040ed081472c4454c9962c5cb917a22d6b1e8fa6567dd40649643ca75e6ba3c08f79bdabe0969ecca33dc4b2e54cb6d600c8e89eb74188abdde19bc8ece1a2e6bdd9152b275237ae5bba198c0d7a0b669bf4851b0e4b58ab38e8819dd9259affea0e493b20b8b7796f4f3c64cfc5eaa481d12fae9955e090b6031c250adfa3f2b675a0ec4922720047c7c77a3c7f5a1e0518ec2258d880af1ebe0b2ab60cd93606c95c059f262915f7d5dd6d5a8f9e89088226fc63a499a9c51f2efb36ad2c4914aee7aa70a129c297bf45ccad9ff662de25aba6ab9c79eeb02d8255a8d3af2be934731143b63a326f486061a466d02e9d27f94c06fb73100960dd7a7da2144a691b85a22bb6a32839e58c33adcdd6395fb83b244953478f9b9748192b554d6216a88e32cea9836da3e4ffc12166e8028bc425785cb7cc32402eeca98d3c22393b1a2e366f05099a35c29231357a429bb0cdd492c084ab976850ff26353ac83153cb006380a543ef6038d1404ecf935e21d14d46150f57a80c6e6aa1ec3dfa86209c349f5b017b1adee80cfe4c8a7a40d1dfaceb3803d80fd6dd83dc8c83e711522aaeb426b18f58f69d919535f35a54cde98a0613cf2123f2f244127470893ac84409f323de24545e9cc6cbd70438ab4f11b81449a639021b8ecc663aa02adc98cd639e6982e1d42ae7e1b565b66720857913a3d2ee21659ab2732f5ce458f6935537c1dae36f377e96c7de75ade2faaa2418275d479c7a40b04038354148b6a97a368bb8d9abafa62a75ca47145d9c0cac04b536e0109f958a2519c13e48a1d7a790098007b1e434644e0f517063b0ff1de9c06727d8e8aad141ac00c1a2569a914f1bbf14d9753d94adb84de758234fd37166d154bb8d539cd03fbbf28012d7df8d3ddca3dbfad5d1215feea3140b5f193afbd0e3ad590c7ab0f9dfff612829e6fad44d7fa233c9f059915687ea8305e745ad0f7f6cb831883b7abad0f334630724aabedb3890632f6713d85f250b1bf7e2a349046eea677ac1c19b7b06ef10effdf146cba680c9e2f8f8d594ce2ff574efcc66ea21f0922612a7b24eec6df9e17eb2ca0c04294b781fcdaefb7d5178ca41ab66649d24469d920e8ba1e6f79981de88d8871a3439868cedd82bb426dc5520d22832b86bcd38801e9df64046c07fbd587b61128fd805fbd980916cd5c9d0f3a7050327bb5501eebba175cadccc74c015770a4002ce2714ff79d6fb020ed5c5986f06a4750c75add91d8b497edbde06301064b25f72436e019694050be6fd57d9e5a8d61c19b27aae8c10ec4f257d4f99f0ea8de31baeabe664228b21f60e89cb58e9071a84c9269ecc1ec93e5e164ac652536eccf112c88a3a4e3f2515a05d39aa1673350eddd14351d2e545a750874da4b41f4dd274690e5c15cbd8bebdcb35f51edb8d5e5dbf858ccca6105aa439167df643289e23cb589b1c93aa5773e79271fb2ff72b9f8a843e3826459572bd65799ac8ebc10d696902b44d260951a6282f118925b305fcb79df2f84ce43ff38a550a06d343beede5c50526d5bfe4239036acd6bd324b3558cdd988002b0192ce9a643a96521ce05459846064f0d4ac1d6d138490b30e5f4a30b29da47c45517e621ab65a9f824ff4ed7b17561ad0834d1030f457e9a76d2f4fdf45dcb376f6d7d1a79d1a8067b1cc1effd1db6d0f3da6b1c9c328b46d4aacb8167925b3451a38e0326e40b269c142747cca6106f492ee29ed86115906202dbff665de345ed24c6831420d1bc8836e48fdcd3de5cfb98208a5a752a58db7ef060d675fbbf790414885eabe74a0c99e76399e50f6a17c1ea67daa8b832682a362e35343323d8815f669e885205682def4d409a35e160742ece3d5925318bc0ed24c5c12fdc1c3fc6a74870a99096656a024b16310b73e96fd9c3ac622254218d4443b2af0ca7cad093327987133e41b7bf6408c09e6df6d84a47747be273ffc2765e4d979f99d1779a12a7683832f90edeb3db1e7d5d828febe32b0dc6dd580edb0bcb50fbdb71e0bdaf962e22c6f136331d9cc9e502d14b4b101cc914fc95cb483a31887fb78dd894f84a76aba5d0b9eefcf931dd717ff8d80dd6d5305c7c2e91871d648045c7cc3d2c3a23b0b80ceb9d0d2a503b1ae6c3d42bf2528ba6479d26b88ef23e44984eaf1bcc1d76ea456bb14c695bdc24256a39bf4a7af977943d8c468b366a6feb5c8cce0ef8a60f7d60535d8a8ea92b4c5caaa89365794cf913b1a9fe2621be13d480bbf62f0a0c8318baee27c7d91fada7a50b7af98ccc4cef1bcb85bca849ed108f8cc31f1c1bfd6471c7a70c07387e22693fc03598e9d5d2e304376955b8cf79c962d9d0ab413f78a2a6e31bda9fd177c83b80dca32710565e3020371cc09786f9b84ffe327932e4ec738bce0114075a860059fb50f0cc37ce7a24ecd72fc4a71d835a28f9faf139d77115794dd5cf74fa405df46ed0a41e90a0715bdfe5a651fbe8535570a72e712c85e5e99cf0b245e6b6fde2292cd5ceda9a2be1202ff552df715d7e986050121e8e4aea2690e82651d6ff16109e018dcdf56dfa77d4f6e71c17cb70160d9fdb093357fb8098528a35eee39f5ba9eb7cc6b140d07bcdf1d070cb7a4feeb03089ef84885a21badf9e2ef5e64e0a89fde4ee2fe9e640de34360550f3c40526b4af8800dbf0d36a3454eb3844f58747512c9aa5fbcae48997e4c1f292c69ec5d922137d3918c9cae69db722880a5c6b2e633e64d6bf381a6578bf39e51073089113a275622baa062f704aa61b7153530777279f239876cce49b8d00886c3a91a88b9cd73bc259cd080eee92ff3c9cf9bd68972508b4131e4c6a86a1a8962668de83d26cbeeeb86275913427f51933c8b6097cf8d6e0c40ed070f57de520a81b6309eb776410e3f27a4063fc3a727b2d2c984d5017caa2b4697c1f9b4cabbce058f089c6274a6cf7cdcff5f3edfccc933c30632798d740476590b66f1194576794888af1017bea6290c5fb631d06f6364d57417e77c69fb9088fb9fb135c3950f5ae31588bc60b65496df650cbec3b9a6441f513374660bfc7c123fa31eb0405a7a4892533a4f531e5428d55570c1397d88acc12a35bd7dc9e6659ad519317df83e952652bafdfe5c20b84393272ddbff7addf27310b759717bffc0dc5378c51b8783eceab2ad0f4ee4edb4e36205610648b8fd340917b2847d171c863aa7edb715f0f7a41e354e59515a5077e4cbd37bf3db4f2a3dbae4fe86f4a8325279266aca27d07c6d8f5cb6957714e783511745231840f633b40a79998c4bd24336d6d66040a62ca649f712963bd7d8fbb7b60ffe990fb2206301248c9b748485da3fb0468b6481034c8f38c4c47b4513bc12c356f23b5d222aae0b4703659e2b56646486ce58c689e5787e05965b91123fb3addc3a49e53029a024d6585c1c1e2fada766d744c0fb7deb349fdaf06998c94ef826d56caf5af71e601560d07a446bc4320c80f546cc515b67bcd5c3ffb5c1c15c472193c4c6b8d131bc85b77fe3898916e80aeba180476aaec02f741034d7ede7e531d399990b467d9b0406d14d4e52f337709c9ec095b62c6fef4f9d3bf16ad3fafc3e53a79feb95d544e8b17f1554f4a61b2161d4ee1dec0331565f5787b99ddd441a19f3ca4d967f658f9bbb3c7b900ee09bfd2bc0948b6882ac3f9c02c2ad5fe291217dd82ecdbaf056613b6245ae3d1564feada68a6a37df0ac617b26590581608d29d442986482c92cd4fa56243621e687c6b6142520186c70cc5ee392df96bdfd560a53c004fff5b265cd04542a678acce9c0f967d1425873bd8e75360bd9950c244fff4443006cc09bf1f329780d5f5746e01102acfdb92a0d9a7c0a9a6246871b0b7f1e4535c86f9c34ac12c4f5cba40257d1d781111926633ad2fcd36494e50078c43d6b0ffc282c07522683077851de8fc299aa66059879276cbebaff89ac25c3e6fac920ab458ceb9e9a969115ef94195fc0c4e28e81fdf5b04dfd2989e32193e6f89dbd40db9d82ca33111ca3edcb6f31932842448e1911c32b4490c249514ee4501a27508d6d779c9e8ae4796af66bc2180181b783b2d1ede49798c4fa2a982a5115ee0015d4f3e1d3fc828827651ea0acefd5d04262e56ea856ba3149c2065eadbde4d591a439cb4a96e9f88761f57c7c24c17d856ee12e043dba62acd21ad24131898aa1d061897a9fc222a541ec438c908ab4befb5c1e29989bc33179f0c0c673e3569ce074e1c57680eeaf2672935f78aaeeda93986f8ad568941ea69d591e3c06d3da085e14496a47b0a39ddf2c0d3b1a1696b4c1f7d594d9d26d004f76c3efb86daade366b8c87c953f6713b7961c8255fa7a2a900620cafcd615a222d7a8920598cba96861ecdabe4a1e8973dd2fb95ff43281c6048862f563c7e80d70a4469af5963ff41f6a34d5aae53acb0ab4f0e20234d8424db4e4ec9b3e4f425206d500dce74072037464aaee1480c77ea842b53f68e4f8dbfa73d2328640af807a248cf8cf5299f6f975f790305cc4f1435e8a7ce52d163a048c0fc0f64e4e1572c2927903b923b12d6930a4c863bc176be2136ec1cf7bb8efbff4f4b798485a70e59b789b85181544b7f2389e88e16e1dee05422fac307c15b337d45b97933975f6d5c54a897ec99f15f347edea0052b60957991697e942022ff54d5f39c236f0da7dab187a8ea70e2f331184e115222c0a9e27b455b4005efcd516f02f159bf969194fcdc4ebbc458d753cf00"/3782, 0xec6}], 0x3}}], 0x1, 0x884)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r4 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r4, &(0x7f0000000180)=[{&(0x7f0000000340)='L', 0x1e}], 0x1, 0x8, 0x7, 0x17)

3.180593395s ago: executing program 0 (id=4096):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @flow_dissector=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCGETA(r2, 0x5405, &(0x7f0000000000))
r3 = socket$alg(0x26, 0x5, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000000c0)={'syz0\x00', {0xfff7, 0xc, 0x100, 0x81}, 0x1d, [0x7b, 0xb7e2, 0x3, 0x9, 0x100, 0x3, 0x1, 0x7, 0x9, 0x2, 0x7, 0xa, 0x3, 0x0, 0x7f, 0xc, 0x7fff, 0x6, 0x6, 0x5, 0x6, 0x6, 0x7, 0x6, 0xff, 0x2, 0xfffff5ee, 0x401, 0x0, 0xfc75, 0x8, 0x9, 0x4, 0x2, 0xffffffff, 0x81, 0xfffff765, 0x2, 0x3, 0xfffffff9, 0xa, 0xffffffff, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x4c, 0xfffffffd, 0x80, 0x8, 0x9, 0x9, 0x7, 0x8000101, 0xc3c, 0x1733, 0x7fff, 0x7ffc, 0x1, 0x6, 0x5, 0x1, 0x4], [0x8, 0x3, 0x8, 0x8, 0x0, 0x8, 0x4, 0x0, 0x25, 0x10, 0x6, 0x7, 0x8, 0xe62, 0xffffff73, 0x1000, 0x6, 0x13e5, 0x3, 0x3, 0x1000, 0x7, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0xe4, 0x8, 0x5a, 0xffff2503, 0x7fffffff, 0x6995, 0x1, 0x80000000, 0x8, 0xdaa, 0x5, 0x2, 0x76c4, 0xfffffffd, 0x5, 0x4, 0x10000, 0xd, 0x2, 0x9, 0x10, 0x4000e, 0x9, 0x7, 0xa, 0x9, 0xffffffff, 0x8, 0x3, 0x2, 0x3a6, 0x27f8, 0xc0d, 0xfffffffd, 0x9, 0x9, 0xfffffffb], [0x8a3, 0x6, 0x3, 0x9, 0x1000, 0x0, 0x80000000, 0x5, 0x7f, 0xa, 0x100, 0x1000, 0xf1, 0x6, 0xc, 0x10000, 0x72, 0xc, 0x633, 0xd, 0x7, 0x6, 0x80000000, 0x6, 0x0, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0x4, 0x7, 0x7ff, 0xfffffff2, 0x63, 0x7, 0x2, 0x3, 0x3, 0x20a7fd9e, 0xfffffffd, 0x2, 0xa1, 0x0, 0x9d, 0x7, 0xa8a, 0x2, 0x6, 0x77, 0x8, 0x1ff, 0x7, 0x7, 0x2, 0x0, 0x2, 0x8, 0x2, 0x3, 0x5], [0x4, 0x4, 0x5, 0x7ffe, 0x493e, 0x3, 0x35ff4447, 0x7, 0x5, 0x4, 0x7fff, 0x5, 0x5, 0x3ff, 0xb88f, 0xffff0000, 0x9, 0xf7df, 0x2, 0x10, 0x8, 0xffffffff, 0xff, 0x6, 0x4, 0x4, 0x0, 0x0, 0x7, 0x4e6, 0x8, 0x6, 0x5ef, 0x8000, 0xc, 0x4, 0x401, 0x1, 0x5, 0x0, 0x9a8, 0x99f, 0x231, 0x3ff, 0x8, 0x1, 0xffff0001, 0x1, 0x1, 0x10, 0x8, 0x5396, 0x6161, 0x9, 0x101, 0x1ff, 0x8, 0x431, 0x6, 0x5, 0x4, 0x7b, 0x7fc, 0x9]}, 0x45c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000040)={{'fd', 0x3d, r5}})
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140)=@x86={0x3, 0x4, 0x0, 0x0, 0xc, 0x4, 0xd, 0x3, 0xb8, 0x4, 0x2, 0x5, 0x0, 0x8, 0x1, 0x3, 0x9, 0x6d, 0x81, '\x00', 0x2, 0xfff})
ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x200, 0x20003, 0x10020f5b, 0x0, [{0x0, 0x9}, {}, {}, {0x0, 0x35, 0xff}, {0x20, 0xa, 0xfc}, {0x0, 0x0, 0x6, '\x00', 0x7}, {0x20}, {0x2, 0x2, 0x7}, {0x0, 0x0, 0x8}, {0x0, 0x1, 0x2}, {0x0, 0x0, 0xfe, '\x00', 0x1}, {0x0, 0x0, 0x0, '\x00', 0x3}, {}, {0x0, 0xfc}, {0x7, 0x0, 0x0, '\x00', 0x39}, {0x0, 0x0, 0x0, '\x00', 0x8}, {0x0, 0x8, 0x0, '\x00', 0xff}, {0x0, 0x75, 0xfa}, {0x0, 0x0, 0x0, '\x00', 0x20}, {}, {0x6, 0x0, 0x0, '\x00', 0x1}, {0x0, 0x0, 0x0, '\x00', 0xfc}, {0x0, 0x5, 0x0, '\x00', 0x1}, {0x0, 0xfc}]}})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
bind$alg(r3, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r8 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$unix(r8, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="c5140c", 0x3}], 0x1}}], 0x1, 0x400c080)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.070491439s ago: executing program 4 (id=4102):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x0, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r2, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7000001, 0x12, r4, 0x0)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
write$UHID_CREATE2(r4, &(0x7f0000000340)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0x0, 0x4, 0x10, 0x5, 0x10, 0x100}}, 0x118)
ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}}) (fail_nth: 1)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xc03, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20503, 0x12004}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x80}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.914090069s ago: executing program 0 (id=4104):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r0)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1a00fe00000000bda100000000000007010000f8ffffffb702000008000000b70300000000000085000000760000009500000000000000d36b59ac17a572d7444fe29366d8bcacdf913a8e7588905bf6cca226529c4362b31459e7b4279afff4c2694ae6af0673360f5f96ef5a1ac0e05bc659ad42bbdb9ecb3c42ce5d05a416ac7e0ad3d191a0ccfc5c1cdea3b39fff977ac70ddc8bc224914807ac6f395547937f1fd63808af7b878a45cc9f3f2ea2b4bd64c17cb7076455af28b648efe74fae79b4394cdf4768329b12814da8aa9f56b174939daf3acad3c84504be68ce1c75805911cb0e7f9ceb7780c1ca316381ccd0"], &(0x7f0000000180)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x5d4, 0x0, 0xec, 0x0, 0x3fc, 0x1c4, 0x50c, 0x50c, 0x50c, 0x50c, 0x50c, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xc8, 0xec, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x24}}]}, @HL={0x24}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0xa4, 0xd8}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {}, 0xf3dd}}}, {{@ipv6={@mcast1, @remote, [], [], '\x00', 'dummy0\x00'}, 0x0, 0x130, 0x154, 0x0, {}, [@common=@srh1={{0x8c}, {0x8, 0x0, 0x0, 0x0, 0x0, @dev, @local, @empty}}]}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xa4, 0xe4}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x0, 0x0, 0x0, 0x0, 0x9]}}}, {{@uncond, 0x0, 0xec, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@eui64={{0x24}}]}, @unspec=@CHECKSUM={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x630)
openat$cdrom(0xffffff9c, &(0x7f00000012c0), 0x42880, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000100620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_usbip_server_init(0x3)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe)
lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500))
add_key$user(0x0, &(0x7f00000005c0), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)

1.646366514s ago: executing program 3 (id=4105):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@private0={0xfc, 0x0, '\x00', 0x2}, 0x8000000, 0x1, 0x2, 0x1}, 0x20) (async)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@private0={0xfc, 0x0, '\x00', 0x2}, 0x8000000, 0x1, 0x2, 0x1}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x4000, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@index_off}]})

1.644860817s ago: executing program 3 (id=4106):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000180)=[{&(0x7f0000000340)='L', 0x1e}], 0x1, 0x8, 0x7, 0x17) (fail_nth: 14)

1.470177553s ago: executing program 3 (id=4109):
syz_emit_ethernet(0x66, &(0x7f0000000780)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x6c, 0x0, @private}}}}}, 0x0)
r0 = open(&(0x7f0000000280)='.\x00', 0x80, 0x28)
fcntl$notify(r0, 0x402, 0x8000003d)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@security={'security\x00', 0xe, 0x4, 0x46c, 0xffffffff, 0xc8, 0xc8, 0x264, 0xffffffff, 0xffffffff, 0x3a4, 0x3a4, 0x3a4, 0xffffffff, 0x4, &(0x7f0000000000), {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x31}, @empty, [0xff000000, 0xffffffff, 0x0, 0xff], [0xff, 0xffffffff, 0xffffffff, 0xffffff00], 'veth1_to_batadv\x00', 'veth0\x00', {}, {0xff}, 0x32, 0x5d, 0x3, 0x12}, 0x0, 0xa4, 0xc8}, @common=@unspec=@AUDIT={0x24, 'AUDIT\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x154, 0x19c, 0x0, {}, [@common=@srh1={{0x8c}, {0x3c, 0x1, 0x54, 0xf9, 0x9, @dev={0xfe, 0x80, '\x00', 0x25}, @rand_addr=' \x01\x00', @private1={0xfc, 0x1, '\x00', 0x1}, [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], [0xff, 0xffffff00, 0xffffffff, 0xffffff00], [0xff, 0xffffffff, 0xffffff00, 0xffffffff], 0x8, 0x1d09}}, @common=@mh={{0x24}, {"430e", 0x1}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x1, {0x2}}}}, {{@uncond, 0x0, 0xd4, 0x140, 0x0, {}, [@common=@ah={{0x30}, {[0x4d3, 0x4d5], 0x6, 0x3, 0x3}}]}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x7fffffff, 0x6, 0x1, 0x1, 0x0, "fd8e98f7931e5ed3ad87c83416737ac028ea90ecbc408f8a224b11d41e5d8a348cc98b40df34003064bf91f36e880a403c62c0fdfa70dc87bb0ce1334b6223fe"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x4c8)

1.348974127s ago: executing program 4 (id=4112):
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x40080, 0x8a)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)=ANY=[], 0x14}}, 0x0)
r6 = syz_open_dev$vbi(&(0x7f00000000c0), 0x2, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r6, 0x402c5639, &(0x7f0000000100)={0x5, 0x2, 0x8})
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r7, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x54, 0x10, 0xffffff1f, 0x70bd29, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e20}, @IFLA_GRE_FWMARK={0x8, 0x14, 0xf3a}, @IFLA_GRE_REMOTE={0x8, 0x7, @rand_addr=0x64010101}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x54}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x59)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getqdisc={0x44, 0x26, 0x400, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, {0xc, 0xfff1}, {0xe, 0xd}, {0xc, 0x10}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x44}}, 0x0)
mkdirat(r0, &(0x7f00000000c0)='./file0\x00', 0x84)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r11, 0x0, 0x10, &(0x7f00000000c0)="170000000200020000ffbe8c5ee17688a2006c00030100000077fc5ad90200fb6a880000d6c9db0000db15d088bd8b7000000000d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c8e365d00b5033bf79ac2dfc061f15003901dee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02d8e9e90539062a80e605007f71174ab498ff0b3e5a1b47b6df7b23de8caa000000", 0xb8)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004"], 0x328}}, 0x84)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r9)

1.248075584s ago: executing program 3 (id=4113):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x0, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r2, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7000001, 0x12, r4, 0x0)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
write$UHID_CREATE2(r4, &(0x7f0000000340)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0x0, 0x4, 0x10, 0x5, 0x10, 0x100}}, 0x118)
ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xc03, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20503, 0x12004}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x80}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.247649571s ago: executing program 5 (id=4114):
r0 = socket(0x32, 0x6, 0x1)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r1=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={r1, 0x7}, &(0x7f00000002c0)=0x8)
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000640)=ANY=[@ANYBLOB="20000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="000000000000000030284d1badd0be5e118cc1103d7a7b7a8935366eb9ea103e32ca47f3479d731a6ea630f78201785e187b460159d8573427c452898d9b7673116517d07131d14ef9d24765b0f7c53676a0ef28aef3daa557ead5cdc974d5365ef23c97f122c6aa195e65ed7c780c03c03247211543184197b423a6ba5c82f8a4020e0cb558a99501abc07b6817c3e7d07e"], 0x20}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r5, @ANYBLOB="ff0f5b7f747b5400400000002015a50f34518e55aa0b3db4eadb1783078028fbecb21a37e54edc40f3bb760abe688637b065764532c4c3cfaa2be2c7bab1f984b80778522f00000000000000ef"], 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="05000000000083227c00"/25, @ANYRES32=r9, @ANYBLOB="0800050002000000"], 0x24}}, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r10, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x0, 0x30, 0x0, 0x2, 0x0, 0x0, @void, @value}, 0x28)
r11 = fsopen(&(0x7f0000000180)='hfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r11, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r12 = openat$vicodec0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0185647, &(0x7f0000000100)={0xf030000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x9d0903, 0x3, '\x00', @p_u16=&(0x7f00000005c0)=0x3}})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT=r1, @ANYRESDEC=r10, @ANYBLOB="f19dd93aa38a22d939c838d8c5ae1bbe4af1be13ed11cd97c6a141adaadf1e3e269c5bb4c802f70d296d79957f41611f1614adfc61d19edc97c9314be2a5ded4b70a", @ANYRESHEX, @ANYRES16=r12])
chmod(&(0x7f0000000280)='./file0\x00', 0x180)
r13 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r13, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r13, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r13, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)

1.201000899s ago: executing program 4 (id=4115):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r3=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={r3, 0xa49a, 0x30}, 0xc)
unshare(0x62040200)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="438cd3d159d08fd293e34a3a70c11c000000", @ANYRES16=0x0, @ANYBLOB="02002dbd7000fedbdf255a00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20040088}, 0x20044810)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r4 = socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2, &(0x7f0000000380), 0x4)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
syz_emit_vhci(&(0x7f0000001280)=ANY=[@ANYBLOB="043e320d"], 0x35)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB="e1ffffff", @ANYRES16=r7, @ANYBLOB="01002abd7000fddbdf252600000008000300", @ANYRES32=r8, @ANYBLOB="04003400"], 0x20}, 0x1, 0x0, 0x0, 0x814}, 0x20000040)
r9 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x5a, 0x0)
r10 = dup(r1)
r11 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0xdaf1, 0x10100, 0x0, 0x0, 0x0, r10}, &(0x7f0000000140)=<r12=>0x0, &(0x7f00000001c0)=<r13=>0x0)
syz_io_uring_submit(r12, r13, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r9, 0x0, 0x0, 0x0, {}, 0x1})
ioctl$BTRFS_IOC_FS_INFO(r9, 0x8400941f, &(0x7f0000000880))
io_uring_enter(r11, 0x685f, 0x4800, 0x2, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x72601, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
epoll_create1(0x0)

1.140737309s ago: executing program 5 (id=4116):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632177fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x6000, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)

1.040394632s ago: executing program 5 (id=4117):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="20000000140001000000000000000000020000ff", @ANYRES32=r3, @ANYBLOB="1fac5eef758c7c9ffaec50d34a9553a3"], 0x20}}, 0x0)
socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000740)=[{0x0}, {&(0x7f0000000340)=""/116, 0x74}, {&(0x7f00000003c0)=""/122, 0x7a}, {&(0x7f00000004c0)=""/214, 0xd6}, {&(0x7f0000000780)=""/132, 0x84}, {&(0x7f0000000680)=""/181, 0xb5}], 0x6)
socket(0x400000000010, 0x3, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
fcntl$getflags(r4, 0xb)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00'})
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x2d, 0xa00, @val=@iter={0x0}}, 0x18)
syz_open_dev$usbfs(0x0, 0x2, 0x20000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x2000)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000100)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
write$bt_hci(r8, 0x0, 0xa)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)

980.621837ms ago: executing program 4 (id=4118):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000180)=[{&(0x7f0000000340)='L', 0x1e}], 0x1, 0x8, 0x7, 0x17) (fail_nth: 15)

910.536742ms ago: executing program 5 (id=4119):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
openat$hpet(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
close_range(r0, 0xffffffffffffffff, 0x0)

900.548572ms ago: executing program 4 (id=4120):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 32)
r1 = socket(0x10, 0x3, 0x0) (rerun: 32)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001600010a00000000007bea89220000000a0000000400000008000a0016000000"], 0x20}}, 0x0) (async)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c) (async)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000200)=""/218, 0xda}], 0x1, 0x10, 0x0) (async)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x34000}], 0x1}, 0x0)
writev(r0, &(0x7f00000000c0), 0x0)
sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000580)={0x2e4, 0x1, 0x3, 0x201, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFQA_CT={0x264, 0xb, 0x0, 0x1, [@CTA_TUPLE_MASTER={0x78, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_LABELS={0x14, 0x16, 0x1, 0x0, [0x7, 0x7fff, 0x2, 0xffffffff]}, @CTA_TUPLE_MASTER={0xa0, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xe}}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0xc}}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x18}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @private=0xa010102}}}]}, @CTA_SEQ_ADJ_REPLY={0x2c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x803}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0xb4, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00'}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @broadcast}}}]}, @CTA_LABELS={0x2c, 0x16, 0x1, 0x0, [0x8, 0x2, 0x101, 0x2, 0x0, 0x9, 0x6, 0x6, 0x2, 0x5]}, @CTA_NAT_SRC={0x28, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @mcast2}, @CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}, @CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}]}]}, @NFQA_VLAN={0x24, 0x13, 0x0, 0x1, [@NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x7}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x4}]}, @NFQA_EXP={0xc, 0xf, 0x0, 0x1, [@CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x41}]}, @NFQA_CT={0x3c, 0xb, 0x0, 0x1, [@CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_SYNPROXY={0x2c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x7ff}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x80000001}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0xb719}]}]}]}, 0x2e4}, 0x1, 0x0, 0x0, 0x90}, 0x20000000)

839.256433ms ago: executing program 5 (id=4121):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)
r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
read$alg(r2, &(0x7f0000000080)=""/123, 0xffffffffffffff26)
keyctl$revoke(0x3, r0)
keyctl$read(0xb, r0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, r0)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000140)={{&(0x7f000081f000/0x1000)=nil, 0x1000}, 0x4})

752.288835ms ago: executing program 5 (id=4122):
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0x8000, 0x0, 0x0, 0x1, 0x0, "000100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x1)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x2, 0x20000000, 0x0, 0xc}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0xdf}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
fchmodat(r1, &(0x7f0000000180)='./file0\x00', 0x80)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
mount(0x0, &(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='gfs2\x00', 0x10, 0x0)
quotactl$Q_GETFMT(0xffffffff80000402, &(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, 0xffffffffffffffff, 0x0)
unshare(0x6a040000)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r7, 0x40186f40, &(0x7f0000000440)=0x1f)
ioctl$FS_IOC_SETFLAGS(r6, 0x40046f41, &(0x7f0000000440)=0x10)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)

690.124204ms ago: executing program 4 (id=4123):
r0 = openat$vimc2(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
fremovexattr(r0, &(0x7f0000000040)=@known='user.incfs.size\x00')
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r1 = memfd_create(&(0x7f00000005c0)=' \xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00r\xbb\xdd\xe8\x87\x05=\xfb\x8b}\xfc\x1d\x03\xe1\xfcm\x9b\xf7fo\"i\xa1hk\x1f\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94T\x81@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\x00\x00\x00\x00\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x9d\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8U\x1e\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xcf+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18l\xc1\x81\x8e8L\xcb*S_\xd0:\xa4V\xbd\xf1\xa4\x955\xa9\x9d\xe0\x9b\xd3\x95\xc88n:\x89>?2\xc8\xe7kovd\xa4\x1bl+\x14\x17\x14\x17C2! U\x04:\xd93F\xb9\xfc\x1b\xfd}\x05\xf9\x11\xf3)>q\x10\xd3\xf0\xaf>\xf8t(bX\xe3g\x05\xfe\b\xbcy\x95*\xca\a\xaf\xbb\xf9\xc3Y\xa2\x91\x90.\xc8\xbe\xb0\xa6\xbd\xbd\xfd\xfaf*\xb2&\x82\xa0\x17\xe7)\xf5\xa2\xccv\n\x1b\xd4\xf4\x11*\xc9\xc6*\xa4.\x94[$\xb8\xb3Q\xde\xd8A\xa4~c,`\x02\xb8\x01r\x89\x82\x13\xd0}C7\xfb\xf2\tM\x1e\xe9\xa5\v\xc5\xba(\x89\xb0l\x92H\x1cR\x1f>\xc4ie\xe0B\xf0[\xe2\xe1\x12\x1d\x8fR&\xd1\xa6#\xda.\x0f\xd7\xd7\xa4\x90\x14\x92I\xf82&\x16<\xf2RR\xc2\x02.Q\xef\x85\xef\xf9\xe5\x00\xe9\xca\xb1\x8c\x11\x11l\x9f\xc8\b\xf7A\xa6\x81\xad\xdc\x95\xc8\xef\x102\xa8\x87\x01\x00\\\xfee \n0F\xbc\x85\xc5C\xd0\x99\xe4\t\xab`\'t\xc2\xe9\x13\xcag\xea\xb3\xb5\x92\x00J\xc6y\x05\xcc\xde\xa0\xf6\xb9 \xe5\xdd\f\x18\xfc\xe0\xc3(\xd8\xeb\x1a6\xe6\xfa\x93\xc07R\x0f-\x9e\xf3\x87E\xa3\xd5o\x1bA\x88L/\xe7>45Q?\be\x7f\xa9\x9a\xcae\xd8Y\xdf]\x1bS\x825\xcb\x00\xa4}\x97\x84T\xad\x9b\x1e!\x8a\xbc\x02+#Q\xa9 \xe9\x05r\xe1\xec\x0f\xa7\xe6Of\x95\x02{', 0x4)
ftruncate(r1, 0x400000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
get_robust_list(0x0, 0x0, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000004c0)='./file1\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000280)={0xfff9, 0x9, 0x5e, 0x44f, 0x15, "d98237273365e6af"})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
finit_module(r1, 0x0, 0x0)

259.997125ms ago: executing program 0 (id=4124):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0xb0}, 0x1, 0x7}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000000000000000000000850000002e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newtaction={0x120, 0x30, 0x1, 0x0, 0x0, {}, [{0x10c, 0x1, [@m_ct={0xc0, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x7f, 0x6, "1c54e5b8f9cd683a6512bb947907f6b3617fb024382868926cf498ce77d4e0769f2c8fb81a59e2edaca5f47b61042f99285cd95b3cfe1db741c8658f94d66e163bbe26ac9985c08527961eb6ccb199f61e9f2686ff4c130f049b1996d0b316de8fcd218f3507d5cfeb45c6d022c342f87dfb56d6d83166397ff72b"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x6, 0x5, 0x40000000}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r1 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = fsopen(&(0x7f0000000100)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) (async)
r5 = fsmount(r4, 0x0, 0xf)
fsconfig$FSCONFIG_SET_FLAG(r5, 0x0, &(0x7f0000000000)='nomand\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
write$FUSE_LK(r5, &(0x7f0000000300)={0x28, 0x0, 0x0, {{0x9, 0x8, 0x2, r1}}}, 0x28)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, 0x0) (async)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)

107.811498ms ago: executing program 3 (id=4125):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632177fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0xeb02, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)

710.541µs ago: executing program 3 (id=4126):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
times(0xffffffffffffffff) (async)
syslog(0x3, &(0x7f0000000880), 0x0) (async)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, r2, 0xee00, 0x0)
keyctl$setperm(0x5, r2, 0x1100100) (async)
keyctl$chown(0x6, r2, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$sock_int(r3, 0x1, 0x2d, 0x0, &(0x7f0000000040)) (async)
syz_usb_connect(0x3, 0x2d, &(0x7f0000001040)={{0x12, 0x1, 0x200, 0x29, 0x63, 0x90, 0x10, 0x1a86, 0x752d, 0x2d4d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x1, 0xe9, 0x11, 0xbd, 0x0, [], [{{0x9, 0x5, 0xc, 0x3, 0x10, 0x3, 0xf, 0x2}}]}}]}}]}}, 0x0) (async)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x2c, r1, 0x401, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}]}, 0x2c}}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) (async)
r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
accept4$bt_l2cap(r4, 0x0, 0x0, 0x800) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) (async)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000001a000100ffffff1f00000a0080bab2a2b98d6ccaf5da29558e624787b648aefe2d3db8005efcdff41f95c137075614bddf701aea77b8c35b84b67e9f9224320da90eef9f4340c7762844d64a653d", @ANYRES64=r5, @ANYRESDEC=0x0, @ANYRESHEX=r5], 0x38}, 0x1, 0x0, 0x0, 0x88895}, 0x0) (async)
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xd) (async)
r7 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000000100)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x8, 0x3a, 'skcipher\x00', 0x3a, 'skcipher\x00', 0x3a, './file0', 0x3a, [0x43, 0x50]}, 0x3b) (async)
ioctl$FS_IOC_GETFSMAP(r7, 0xc0c0583b, &(0x7f0000000400)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x40, 0x2, 0x9, 0x0, 0x7, 0x3}, {0x335, 0x400, 0x3f7e, 0x5, 0x101, 0x2}], ['\x00', '\x00']}) (async)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)

0s ago: executing program 0 (id=4127):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x2d, &(0x7f0000000600)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000002a0700000000000076678103b0ddeafb0040b430000400000085000000b300100018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800001d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000085100000faffffff18110000", @ANYRES32, @ANYRES8=r0, @ANYRES32, @ANYRES8=r0], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='contention_end\x00', r1}, 0x18) (async)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='memory.swap.events\x00', 0x275a, 0x0) (async)
userfaultfd(0x80801)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x20400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
syz_usb_control_io$uac1(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="001f020005000000"]}, 0x0)
r5 = userfaultfd(0x800)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4}) (async)
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, 0x0) (async)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000240)=ANY=[@ANYBLOB="9f6033eedabaf47a0eba280ed26b257b10dcdf29bb2e7fe2f8b669ca7766b92ad0e80bdcc673b4064c095b4a61f6a7652ac7813e02efb1d09b2827007a9286e5e0ad0617af48f2b2aaeba72f7bb2fe0ea7", @ANYRESHEX=0x0, @ANYRES8=r0])
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4048aecb, &(0x7f0000000140)) (async)
r6 = syz_open_dev$dri(&(0x7f00000005c0), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, 0x0) (async)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a) (async)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r6, 0xc04064aa, 0x0)
setresuid(0x0, 0xee00, 0xee00) (async)
r7 = fsopen(&(0x7f0000000000)='erofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r7, 0x2, &(0x7f0000000040)='dax\x00', &(0x7f00000004c0), 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mlockall(0x3) (async)
io_setup(0x6, &(0x7f0000001380)) (async)
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, 0x0) (async)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x5452, 0x0) (async)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r8, 0x4008af23, &(0x7f0000000040)={0x0, 0xb}) (async)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

0 has no interfaces?
[  548.464005][   T59] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  548.473133][   T59] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.495699][   T59] usb 9-1: config 0 descriptor??
[  550.540668][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  550.540678][   T40] audit: type=1326 audit(1748097581.600:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17593 comm="syz.0.3279" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0
[  550.873445][T17604] netlink: 'syz.3.3282': attribute type 11 has an invalid length.
[  550.956882][  T835] usb 9-1: USB disconnect, device number 12
[  551.120663][T14430] vhci_hcd: vhci_device speed not set
[  551.243888][T17615] Invalid ELF header magic: != ELF
[  551.543707][T13947] usb 8-1: new high-speed USB device number 42 using dummy_hcd
[  551.691579][T17636] random: crng reseeded on system resumption
[  551.703915][T13947] usb 8-1: Using ep0 maxpacket: 8
[  551.725808][T13947] usb 8-1: config 0 has no interfaces?
[  551.728601][T13947] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  551.732145][T13947] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.761832][T13947] usb 8-1: config 0 descriptor??
[  551.840848][   T40] audit: type=1400 audit(1748097582.900:1062): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17635 comm="syz.0.3294"
[  552.619805][   T40] audit: type=1326 audit(1748097583.680:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17643 comm="syz.0.3295" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0
[  553.230144][T17652] Invalid ELF header magic: != ELF
[  554.362661][   T34] usb 8-1: USB disconnect, device number 42
[  554.439939][T13947] kernel read not supported for file /sequencer (pid: 13947 comm: kworker/2:1)
[  555.309725][T17689] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3307'.
[  555.609386][   T40] audit: type=1326 audit(1748097586.670:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17695 comm="syz.3.3311" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x0
[  556.477927][T17713] (unnamed net_device) (uninitialized): peer notification delay (512) is not a multiple of miimon (5), value rounded to 510 ms
[  556.618448][T17719] 9pnet_fd: Insufficient options for proto=fd
[  556.648229][T17720] Invalid ELF header magic: != ELF
[  556.704439][T17722] FAULT_INJECTION: forcing a failure.
[  556.704439][T17722] name failslab, interval 1, probability 0, space 0, times 0
[  556.709981][T17722] CPU: 0 UID: 0 PID: 17722 Comm: syz.0.3318 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  556.709997][T17722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  556.710004][T17722] Call Trace:
[  556.710008][T17722]  <TASK>
[  556.710012][T17722]  dump_stack_lvl+0x16c/0x1f0
[  556.710033][T17722]  should_fail_ex+0x512/0x640
[  556.710051][T17722]  should_failslab+0xc2/0x120
[  556.710065][T17722]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  556.710079][T17722]  ? skb_clone+0x190/0x3f0
[  556.710094][T17722]  skb_clone+0x190/0x3f0
[  556.710108][T17722]  netlink_deliver_tap+0xabd/0xd30
[  556.710125][T17722]  netlink_unicast+0x6b2/0x7f0
[  556.710140][T17722]  ? __pfx_netlink_unicast+0x10/0x10
[  556.710154][T17722]  ? __pfx_nf_tables_abort+0x10/0x10
[  556.710169][T17722]  netlink_ack+0x696/0xb80
[  556.710187][T17722]  nfnetlink_rcv_batch+0x1431/0x2350
[  556.710209][T17722]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  556.710224][T17722]  ? consume_skb+0xcc/0x100
[  556.710238][T17722]  ? find_held_lock+0x2b/0x80
[  556.710250][T17722]  ? __local_bh_enable_ip+0xa4/0x120
[  556.710262][T17722]  ? lockdep_hardirqs_on+0x7c/0x110
[  556.710284][T17722]  ? __pfx___dev_queue_xmit+0x10/0x10
[  556.710309][T17722]  ? __nla_parse+0x40/0x60
[  556.710321][T17722]  nfnetlink_rcv+0x3c1/0x430
[  556.710336][T17722]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  556.710355][T17722]  netlink_unicast+0x53d/0x7f0
[  556.710370][T17722]  ? __pfx_netlink_unicast+0x10/0x10
[  556.710388][T17722]  netlink_sendmsg+0x8d1/0xdd0
[  556.710404][T17722]  ? __pfx_netlink_sendmsg+0x10/0x10
[  556.710419][T17722]  ? __import_iovec+0x1c8/0x660
[  556.710432][T17722]  ____sys_sendmsg+0xa95/0xc70
[  556.710450][T17722]  ? __pfx_____sys_sendmsg+0x10/0x10
[  556.710465][T17722]  ? get_compat_msghdr+0x11a/0x170
[  556.710483][T17722]  ___sys_sendmsg+0x134/0x1d0
[  556.710497][T17722]  ? __pfx____sys_sendmsg+0x10/0x10
[  556.710526][T17722]  __sys_sendmsg+0x16d/0x220
[  556.710539][T17722]  ? __pfx___sys_sendmsg+0x10/0x10
[  556.710557][T17722]  ? rcu_is_watching+0x12/0xc0
[  556.710570][T17722]  __do_fast_syscall_32+0x73/0x120
[  556.710587][T17722]  do_fast_syscall_32+0x32/0x80
[  556.710602][T17722]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  556.710616][T17722] RIP: 0023:0xf7f84579
[  556.710625][T17722] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  556.710635][T17722] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  556.710645][T17722] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  556.710652][T17722] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  556.710657][T17722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  556.710663][T17722] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  556.710669][T17722] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  556.710681][T17722]  </TASK>
[  556.810937][T14131] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  556.816407][T17724] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3319'.
[  556.821722][T17724] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3319'.
[  556.868574][T17726] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3320'.
[  556.983764][T14131] usb 9-1: Using ep0 maxpacket: 8
[  556.986817][T14131] usb 9-1: config 0 has no interfaces?
[  556.988677][T14131] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  556.991407][T14131] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.995616][T14131] usb 9-1: config 0 descriptor??
[  557.430696][T17737] FAULT_INJECTION: forcing a failure.
[  557.430696][T17737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.443143][T17737] CPU: 1 UID: 0 PID: 17737 Comm: syz.5.3322 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  557.443170][T17737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  557.443181][T17737] Call Trace:
[  557.443189][T17737]  <TASK>
[  557.443197][T17737]  dump_stack_lvl+0x16c/0x1f0
[  557.443227][T17737]  should_fail_ex+0x512/0x640
[  557.443256][T17737]  _copy_from_user+0x2e/0xd0
[  557.443273][T17737]  drm_ioctl+0x4fb/0xc30
[  557.443296][T17737]  ? __pfx_drm_mode_getplane_res+0x10/0x10
[  557.443320][T17737]  ? __pfx_drm_ioctl+0x10/0x10
[  557.443357][T17737]  drm_compat_ioctl+0x327/0x460
[  557.443383][T17737]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  557.443407][T17737]  __ia32_compat_sys_ioctl+0x24f/0x360
[  557.443436][T17737]  __do_fast_syscall_32+0x73/0x120
[  557.443464][T17737]  do_fast_syscall_32+0x32/0x80
[  557.443490][T17737]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  557.443511][T17737] RIP: 0023:0xf712e579
[  557.443525][T17737] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  557.443542][T17737] RSP: 002b:00000000f50dc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  557.443560][T17737] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c01064b5
[  557.443569][T17737] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  557.443578][T17737] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  557.443587][T17737] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  557.443596][T17737] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  557.443618][T17737]  </TASK>
[  557.500797][    C1] vkms_vblank_simulate: vblank timer overrun
[  557.690630][T17741] random: crng reseeded on system resumption
[  557.904175][   T40] audit: type=1400 audit(1748097588.930:1065): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17740 comm="syz.3.3324"
[  558.143722][  T834] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  558.307748][  T834] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  558.314029][  T834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  558.319617][  T834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  558.325893][  T834] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  558.330237][  T834] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  558.333223][  T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.354409][  T834] usb 5-1: config 0 descriptor??
[  558.904606][  T834] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  559.264893][  T834] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  559.533958][  T834] usb 9-1: USB disconnect, device number 13
[  559.560316][   T40] audit: type=1326 audit(1748097590.620:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17763 comm="syz.4.3330" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0
[  560.403928][  T834] usb 5-1: reset high-speed USB device number 29 using dummy_hcd
[  560.442567][T17782] random: crng reseeded on system resumption
[  560.619522][   T40] audit: type=1400 audit(1748097591.680:1067): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17780 comm="syz.4.3335"
[  560.687188][T17785] [U] ³•¯1WT`8ºÁÍÇÚH$Ô0©·ÑÃÝ9\
[  560.689390][T17785] [U] ;2}U‚˜GVÏÄ¥ËÚ#ÈO9ÏÔÕ¥>-ƒÊß´ÜS…Ý¢šÕP
[  561.492713][T17798] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3339'.
[  561.704739][T13947] usb 5-1: USB disconnect, device number 29
[  562.102789][T17810] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  562.105240][T17810] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  562.108024][T17810] vhci_hcd vhci_hcd.0: Device attached
[  562.254399][T13947] usb 8-1: new high-speed USB device number 43 using dummy_hcd
[  562.336254][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  562.376171][T17817] random: crng reseeded on system resumption
[  562.413763][ T6047] usb 47-1: new high-speed USB device number 4 using vhci_hcd
[  562.508415][   T40] audit: type=1400 audit(1748097593.570:1068): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17816 comm="syz.0.3344"
[  562.544225][T13947] usb 8-1: Using ep0 maxpacket: 8
[  562.762737][T17811] vhci_hcd: connection reset by peer
[  562.767778][   T65] vhci_hcd: stop threads
[  562.771038][   T65] vhci_hcd: release socket
[  562.773733][   T65] vhci_hcd: disconnect device
[  562.956955][T13947] usb 8-1: config 0 has no interfaces?
[  563.263735][T13947] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  563.267320][T13947] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.275506][T13947] usb 8-1: config 0 descriptor??
[  563.953729][T13947] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  564.105033][T13947] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  564.117143][T13947] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  564.120664][T13947] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  564.124074][T13947] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  564.127982][T13947] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  564.130616][T13947] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.134444][T13947] usb 10-1: config 0 descriptor??
[  564.217681][T17843] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  564.234209][T17843] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[  564.236292][T17843] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  564.256256][T17843] vhci_hcd vhci_hcd.0: Device attached
[  564.524341][T14430] usb 45-1: new high-speed USB device number 13 using vhci_hcd
[  564.758640][T17837] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3349'.
[  564.761748][T17837] netlink: 96 bytes leftover after parsing attributes in process `syz.5.3349'.
[  564.765136][T17837] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3349'.
[  564.768386][T17837] vlan1: entered allmulticast mode
[  564.770363][T17837] veth0_vlan: entered allmulticast mode
[  564.811713][T17848] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3351'.
[  564.934318][T17844] vhci_hcd: connection reset by peer
[  564.936500][T12991] vhci_hcd: stop threads
[  564.938275][T12991] vhci_hcd: release socket
[  564.941149][T12991] vhci_hcd: disconnect device
[  565.028595][  T834] usb 8-1: USB disconnect, device number 43
[  565.290421][T17858] vlan0: entered promiscuous mode
[  565.301835][T17858] team0: Port device vlan0 added
[  565.670148][T17868] random: crng reseeded on system resumption
[  565.894530][   T40] audit: type=1400 audit(1748097596.960:1069): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17867 comm="syz.4.3359"
[  566.105121][   T40] audit: type=1400 audit(1748097597.170:1070): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17872 comm="syz.3.3360"
[  566.729762][   T40] audit: type=1400 audit(1748097597.760:1071): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17877 comm="syz.0.3361"
[  566.784904][T13947] usbhid 10-1:0.0: can't add hid device: -71
[  566.786933][T13947] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  566.976598][T17888] FAULT_INJECTION: forcing a failure.
[  566.976598][T17888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  566.980731][T17888] CPU: 0 UID: 0 PID: 17888 Comm: syz.3.3366 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  566.980746][T17888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  566.980752][T17888] Call Trace:
[  566.980757][T17888]  <TASK>
[  566.980761][T17888]  dump_stack_lvl+0x16c/0x1f0
[  566.980780][T17888]  should_fail_ex+0x512/0x640
[  566.980799][T17888]  _copy_from_user+0x2e/0xd0
[  566.980810][T17888]  move_addr_to_kernel+0x65/0x170
[  566.980828][T17888]  __get_compat_msghdr+0x3f1/0x4d0
[  566.980843][T17888]  get_compat_msghdr+0xd2/0x170
[  566.980855][T17888]  ? __pfx_get_compat_msghdr+0x10/0x10
[  566.980868][T17888]  ? __pfx__kstrtoull+0x10/0x10
[  566.980883][T17888]  ___sys_sendmsg+0x1ae/0x1d0
[  566.980897][T17888]  ? __pfx____sys_sendmsg+0x10/0x10
[  566.980917][T17888]  ? find_held_lock+0x2b/0x80
[  566.980936][T17888]  __sys_sendmmsg+0x2f9/0x420
[  566.980951][T17888]  ? __pfx___sys_sendmmsg+0x10/0x10
[  566.980968][T17888]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  566.980990][T17888]  ? fput+0x70/0xf0
[  566.981003][T17888]  ? ksys_write+0x1b9/0x240
[  566.981014][T17888]  ? __pfx_ksys_write+0x10/0x10
[  566.981026][T17888]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  566.981039][T17888]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  566.981056][T17888]  __do_fast_syscall_32+0x73/0x120
[  566.981073][T17888]  do_fast_syscall_32+0x32/0x80
[  566.981089][T17888]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  566.981102][T17888] RIP: 0023:0xf70ce579
[  566.981110][T17888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  566.981121][T17888] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  566.981131][T17888] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000080000440
[  566.981138][T17888] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  566.981143][T17888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  566.981150][T17888] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  566.981156][T17888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  566.981168][T17888]  </TASK>
[  567.172736][T17890] "syz.5.3362" (17890) uses obsolete ecb(arc4) skcipher
[  567.431729][T13947] usb 10-1: USB disconnect, device number 5
[  567.563790][ T6047] vhci_hcd: vhci_device speed not set
[  567.723838][  T835] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  567.883822][  T835] usb 5-1: Using ep0 maxpacket: 8
[  567.887796][  T835] usb 5-1: config 0 has no interfaces?
[  567.890278][  T835] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  567.894232][  T835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.901613][  T835] usb 5-1: config 0 descriptor??
[  568.433747][T17912] random: crng reseeded on system resumption
[  568.693695][   T40] audit: type=1400 audit(1748097599.670:1072): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17911 comm="syz.3.3372"
[  569.614031][T14430] vhci_hcd: vhci_device speed not set
[  570.293727][T14131] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  570.479481][T14131] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  570.490089][T14131] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  570.499491][T14131] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  570.501065][T14330] usb 5-1: USB disconnect, device number 30
[  570.506714][T14131] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  570.513730][T14131] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  570.518844][T14131] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.529121][T17938] random: crng reseeded on system resumption
[  570.539263][T14131] usb 9-1: config 0 descriptor??
[  570.710832][   T40] audit: type=1400 audit(1748097601.770:1073): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17937 comm="syz.0.3380"
[  570.955780][T14131] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[  570.957462][T17944] Invalid ELF header magic: != ELF
[  570.967618][T14131] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  571.061960][T17947] random: crng reseeded on system resumption
[  571.186247][   T40] audit: type=1400 audit(1748097602.250:1074): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=17946 comm="syz.5.3382"
[  571.271346][T17950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  571.276745][T17950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  571.499536][T17954] program syz.0.3384 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  572.114171][T14330] kernel read not supported for file /sequencer (pid: 14330 comm: kworker/2:3)
[  572.434325][  T835] usb 9-1: reset high-speed USB device number 14 using dummy_hcd
[  572.711447][T17982] Invalid ELF header magic: != ELF
[  572.955935][T17988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3396'.
[  572.958973][T17988] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3396'.
[  572.961989][T17988] netlink: 'syz.4.3396': attribute type 5 has an invalid length.
[  573.009480][T17990] 8021q: adding VLAN 0 to HW filter on device bond1
[  573.012440][T17990] bond0: (slave bond1): Enslaving as an active interface with a down link
[  573.219570][T18006] random: crng reseeded on system resumption
[  573.526689][T18012] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  573.528852][T18012] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  573.531409][T18012] vhci_hcd vhci_hcd.0: Device attached
[  573.647748][   T34] usb 9-1: USB disconnect, device number 14
[  573.773713][ T6047] usb 45-1: new high-speed USB device number 14 using vhci_hcd
[  573.955068][T18013] vhci_hcd: connection reset by peer
[  573.957318][T12987] vhci_hcd: stop threads
[  573.958697][T12987] vhci_hcd: release socket
[  573.961964][T12987] vhci_hcd: disconnect device
[  574.259082][T18037] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3408'.
[  574.527666][T18041] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  575.018006][T18055] netlink: 'syz.5.3415': attribute type 10 has an invalid length.
[  575.584949][T18070] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  575.599253][T18070] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(12)
[  575.601337][T18070] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  575.607553][T18070] vhci_hcd vhci_hcd.0: Device attached
[  575.806372][T18074] 9pnet_fd: Insufficient options for proto=fd
[  575.853836][T14430] usb 47-1: new high-speed USB device number 5 using vhci_hcd
[  576.348709][T18071] vhci_hcd: connection reset by peer
[  576.356899][T12991] vhci_hcd: stop threads
[  576.358450][T12991] vhci_hcd: release socket
[  576.361414][T12991] vhci_hcd: disconnect device
[  577.483717][   T34] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  577.553726][T11501] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  577.633749][   T34] usb 9-1: Using ep0 maxpacket: 8
[  577.638298][   T34] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  577.642333][   T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  577.646541][   T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  577.650169][   T34] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  577.654248][   T34] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  577.657023][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.714313][T11501] usb 5-1: Using ep0 maxpacket: 8
[  577.719709][T11501] usb 5-1: config 0 has no interfaces?
[  577.721585][T11501] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  577.725094][T11501] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.729898][T11501] usb 5-1: config 0 descriptor??
[  577.864827][   T34] usb 9-1: GET_CAPABILITIES returned 0
[  577.866583][   T34] usbtmc 9-1:16.0: can't read capabilities
[  577.936526][T18122] random: crng reseeded on system resumption
[  578.207338][T11501] usb 9-1: USB disconnect, device number 15
[  579.015199][ T6047] vhci_hcd: vhci_device speed not set
[  579.120505][T13947] kernel read not supported for file /sequencer (pid: 13947 comm: kworker/2:1)
[  580.129794][T11501] usb 5-1: USB disconnect, device number 31
[  580.242778][   T40] audit: type=1326 audit(1748097611.300:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18159 comm="syz.0.3441" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0
[  580.346951][T18148] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  580.358193][T18148] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(12)
[  580.360208][T18148] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  580.364435][T18148] vhci_hcd vhci_hcd.0: Device attached
[  580.471874][T18163] vhci_hcd: connection closed
[  580.472253][   T65] vhci_hcd: stop threads
[  580.476069][   T65] vhci_hcd: release socket
[  580.477792][   T65] vhci_hcd: disconnect device
[  580.592060][T18171] random: crng reseeded on system resumption
[  580.964063][T14430] vhci_hcd: vhci_device speed not set
[  581.518685][ T6000] kernel read not supported for file /sequencer (pid: 6000 comm: kworker/0:5)
[  582.044494][T18203] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  582.060924][T18203] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  582.063050][T18203] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  582.065685][T18203] vhci_hcd vhci_hcd.0: Device attached
[  582.393773][T14430] usb 43-1: new high-speed USB device number 23 using vhci_hcd
[  582.533175][T18210] No source specified
[  582.535777][T18212] No source specified
[  582.567829][T18205] vhci_hcd: connection reset by peer
[  582.570300][ T1142] vhci_hcd: stop threads
[  582.571703][ T1142] vhci_hcd: release socket
[  582.573204][ T1142] vhci_hcd: disconnect device
[  582.586517][T18218] random: crng reseeded on system resumption
[  582.639394][ T6000] kernel read not supported for file /sequencer (pid: 6000 comm: kworker/0:5)
[  583.319130][T18238] can: request_module (can-proto-3) failed.
[  583.543812][T14131] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  583.693749][T14131] usb 10-1: Using ep0 maxpacket: 8
[  583.705834][T14131] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  583.718077][T14131] usb 10-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  583.732550][T14131] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  583.737609][T14131] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  583.743618][T14131] usb 10-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  583.748186][T14131] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  583.766288][T14131] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.784200][T14131] usbtmc 10-1:16.0: bulk endpoints not found
[  584.019171][T18250] xt_cluster: node mask cannot exceed total number of nodes
[  584.432468][T18264] netlink: 'syz.3.3469': attribute type 9 has an invalid length.
[  584.860640][T18274] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  584.874812][T18274] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  584.876918][T18274] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  584.879634][T18274] vhci_hcd vhci_hcd.0: Device attached
[  585.123740][ T5980] usb 37-1: new high-speed USB device number 14 using vhci_hcd
[  585.591554][T18275] vhci_hcd: connection reset by peer
[  585.593544][T12985] vhci_hcd: stop threads
[  585.595759][T12985] vhci_hcd: release socket
[  585.597236][T12985] vhci_hcd: disconnect device
[  585.954850][T14330] usb 10-1: USB disconnect, device number 6
[  585.984320][T18287] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3474'.
[  585.988878][T18288] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3474'.
[  586.883062][T18303] 9pnet_fd: Insufficient options for proto=fd
[  586.910064][T18306] 9pnet_virtio: no channels available for device syz
[  587.325593][T18308] random: crng reseeded on system resumption
[  587.535687][   T40] audit: type=1400 audit(1748097618.600:1076): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=18307 comm="syz.4.3482"
[  587.543886][T14430] vhci_hcd: vhci_device speed not set
[  587.745602][T18318] Invalid ELF header magic: != ELF
[  588.034774][T18330] random: crng reseeded on system resumption
[  588.196835][   T40] audit: type=1400 audit(1748097619.240:1077): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=18329 comm="syz.5.3489"
[  588.249877][T18335] random: crng reseeded on system resumption
[  588.397169][   T40] audit: type=1400 audit(1748097619.450:1078): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=18334 comm="syz.0.3490"
[  588.505361][ T6000] kernel read not supported for file /sequencer (pid: 6000 comm: kworker/0:5)
[  589.046711][T18345] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3494'.
[  589.387223][T18362] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  589.420605][T18362] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  589.420646][T18362] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  589.420816][T18362] vhci_hcd vhci_hcd.0: Device attached
[  589.985831][T18365] vhci_hcd: connection closed
[  589.986340][T12987] vhci_hcd: stop threads
[  589.989478][T12987] vhci_hcd: release socket
[  589.991431][T12987] vhci_hcd: disconnect device
[  589.993735][T14430] vhci_hcd: vhci_device speed not set
[  590.155715][T18376] Invalid ELF header magic: != ELF
[  590.254066][ T5980] vhci_hcd: vhci_device speed not set
[  590.423907][T11501] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  590.593741][T11501] usb 10-1: Using ep0 maxpacket: 8
[  590.601429][T11501] usb 10-1: config 0 has no interfaces?
[  590.603983][T11501] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  590.607746][T11501] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.615266][T18386] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3504'.
[  590.635978][T11501] usb 10-1: config 0 descriptor??
[  590.680730][T18386] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  591.545469][T18402] random: crng reseeded on system resumption
[  592.531755][   T40] audit: type=1326 audit(1748097623.590:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18417 comm="syz.3.3515" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x0
[  593.191157][ T5980] usb 10-1: USB disconnect, device number 7
[  593.359773][T14430] kernel read not supported for file /sequencer (pid: 14430 comm: kworker/1:4)
[  593.411086][T18438] random: crng reseeded on system resumption
[  593.935008][   T40] audit: type=1326 audit(1748097625.000:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18461 comm="syz.0.3530" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0
[  594.073766][T11501] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  594.243808][T11501] usb 9-1: Using ep0 maxpacket: 8
[  594.247686][T11501] usb 9-1: config 0 has no interfaces?
[  594.249674][T11501] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  594.253334][T11501] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.263835][T11501] usb 9-1: config 0 descriptor??
[  594.422584][T14131] kernel read not supported for file /sequencer (pid: 14131 comm: kworker/0:0)
[  594.457221][T18484] random: crng reseeded on system resumption
[  595.077561][T18500] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  595.079706][T18500] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  595.085592][T18500] vhci_hcd vhci_hcd.0: Device attached
[  595.375890][T14430] usb 47-1: new high-speed USB device number 6 using vhci_hcd
[  596.083708][T18501] vhci_hcd: connection reset by peer
[  596.085851][ T1142] vhci_hcd: stop threads
[  596.087309][ T1142] vhci_hcd: release socket
[  596.088922][ T1142] vhci_hcd: disconnect device
[  596.848836][T11501] usb 9-1: USB disconnect, device number 16
[  597.023558][   T40] audit: type=1326 audit(1748097628.080:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18520 comm="syz.3.3551" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x0
[  597.162944][T18523] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  597.180899][T18523] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[  597.182933][T18523] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  597.185479][T18523] vhci_hcd vhci_hcd.0: Device attached
[  597.454799][T18527] netlink: 'syz.0.3553': attribute type 10 has an invalid length.
[  597.507398][T18527] batman_adv: batadv0: Adding interface: team0
[  597.509403][T18527] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  597.511256][T18530] netlink: 'syz.0.3553': attribute type 10 has an invalid length.
[  597.517272][ T5980] usb 45-1: new high-speed USB device number 15 using vhci_hcd
[  597.519721][T18530] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3553'.
[  597.525323][T18527] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  597.528763][T18530] team0: entered promiscuous mode
[  597.531069][T18530] 8021q: adding VLAN 0 to HW filter on device team0
[  597.533418][T18530] batman_adv: batadv0: Interface activated: team0
[  597.537645][T18530] batman_adv: batadv0: Interface deactivated: team0
[  597.539924][T18530] batman_adv: batadv0: Removing interface: team0
[  597.563852][T18531] Invalid ELF header magic: != ELF
[  597.575738][T18530] bridge0: port 1(team0) entered blocking state
[  597.579898][T18530] bridge0: port 1(team0) entered disabled state
[  597.583298][T18530] team0: entered allmulticast mode
[  597.735101][T18524] vhci_hcd: connection reset by peer
[  597.737237][ T8767] vhci_hcd: stop threads
[  597.738646][ T8767] vhci_hcd: release socket
[  597.740129][ T8767] vhci_hcd: disconnect device
[  597.843711][T14131] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  597.987503][T18537] ptrace attach of "/syz-executor exec"[18538] was attempted by "/syz-executor exec"[18537]
[  597.993122][   T40] audit: type=1326 audit(1748097629.050:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  597.993829][T14131] usb 5-1: device descriptor read/64, error -71
[  598.002166][   T40] audit: type=1326 audit(1748097629.050:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  598.013205][   T40] audit: type=1326 audit(1748097629.060:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=376 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  598.022252][   T40] audit: type=1326 audit(1748097629.060:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  598.030646][   T40] audit: type=1326 audit(1748097629.060:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  598.037268][   T40] audit: type=1326 audit(1748097629.060:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  598.044100][   T40] audit: type=1326 audit(1748097629.060:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  598.050795][   T40] audit: type=1326 audit(1748097629.060:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18536 comm="syz.3.3556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  598.253863][T14131] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  598.321327][T18540] random: crng reseeded on system resumption
[  598.416623][T14131] usb 5-1: device descriptor read/64, error -71
[  598.524080][T14131] usb usb5-port1: attempt power cycle
[  598.653903][T14330] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  598.803779][T14330] usb 9-1: Using ep0 maxpacket: 8
[  598.810234][T14330] usb 9-1: config 0 has no interfaces?
[  598.812351][T14330] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  598.815685][T14330] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.819810][T14330] usb 9-1: config 0 descriptor??
[  598.864210][T14131] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  598.884175][T14131] usb 5-1: device descriptor read/8, error -71
[  599.123976][T14131] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  599.144246][T14131] usb 5-1: device descriptor read/8, error -71
[  599.254331][T14131] usb usb5-port1: unable to enumerate USB device
[  599.483274][T18566] lo speed is unknown, defaulting to 1000
[  599.800813][T18574] Invalid ELF header magic: != ELF
[  599.907877][T18566] netlink: 'syz.5.3565': attribute type 1 has an invalid length.
[  599.910579][T18566] netlink: 'syz.5.3565': attribute type 3 has an invalid length.
[  599.913612][T18566] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3565'.
[  599.928089][T18566] netlink: 'syz.5.3565': attribute type 10 has an invalid length.
[  600.301600][T18566] team0: Port device wlan1 added
[  600.664104][T14131] kernel read not supported for file /sequencer (pid: 14131 comm: kworker/0:0)
[  600.913874][T18587] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  600.915976][T18587] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  600.920048][T18587] vhci_hcd vhci_hcd.0: Device attached
[  601.174162][ T6047] usb 37-1: new high-speed USB device number 15 using vhci_hcd
[  601.204027][T14430] vhci_hcd: vhci_device speed not set
[  601.422339][T14330] usb 9-1: USB disconnect, device number 17
[  601.530789][T18589] vhci_hcd: connection reset by peer
[  601.532696][T12985] vhci_hcd: stop threads
[  601.534182][T12985] vhci_hcd: release socket
[  601.535675][T12985] vhci_hcd: disconnect device
[  602.003121][T18610] random: crng reseeded on system resumption
[  602.157482][   T40] kauditd_printk_skb: 44 callbacks suppressed
[  602.157499][   T40] audit: type=1400 audit(1748097633.200:1134): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=18609 comm="syz.5.3576"
[  602.434633][T18620] Invalid ELF header magic: != ELF
[  602.682097][ T5980] vhci_hcd: vhci_device speed not set
[  603.313752][T11501] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  603.463749][T11501] usb 10-1: Using ep0 maxpacket: 8
[  603.467769][T11501] usb 10-1: config 0 has no interfaces?
[  603.469791][T11501] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  603.473530][T11501] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.478446][T11501] usb 10-1: config 0 descriptor??
[  604.022736][T18654] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  604.048763][T18654] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[  604.050887][T18654] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  604.054158][T18654] vhci_hcd vhci_hcd.0: Device attached
[  604.313802][ T5980] usb 45-1: new high-speed USB device number 16 using vhci_hcd
[  604.460669][T18655] vhci_hcd: connection reset by peer
[  604.464030][ T1142] vhci_hcd: stop threads
[  604.465621][ T1142] vhci_hcd: release socket
[  604.469890][ T1142] vhci_hcd: disconnect device
[  604.748444][T18671] Invalid ELF header magic: != ELF
[  605.834471][T18690] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3601'.
[  606.081971][T14330] usb 10-1: USB disconnect, device number 8
[  606.109738][T18698] random: crng reseeded on system resumption
[  606.317864][   T40] audit: type=1400 audit(1748097637.380:1135): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=18697 comm="syz.5.3605"
[  606.363783][ T6047] vhci_hcd: vhci_device speed not set
[  606.584393][T18708] fuse: Unknown parameter 'ÿÿÿÿ0x0000000000000004'
[  607.000817][T18716] FAULT_INJECTION: forcing a failure.
[  607.000817][T18716] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  607.015167][T18716] CPU: 0 UID: 0 PID: 18716 Comm: syz.5.3610 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  607.015194][T18716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  607.015205][T18716] Call Trace:
[  607.015211][T18716]  <TASK>
[  607.015218][T18716]  dump_stack_lvl+0x16c/0x1f0
[  607.015249][T18716]  should_fail_ex+0x512/0x640
[  607.015279][T18716]  _copy_from_user+0x2e/0xd0
[  607.015297][T18716]  __sys_bpf+0x21d/0x4d80
[  607.015326][T18716]  ? __pfx___sys_bpf+0x10/0x10
[  607.015352][T18716]  ? ksys_write+0x190/0x240
[  607.015381][T18716]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  607.015422][T18716]  ? fput+0x70/0xf0
[  607.015443][T18716]  ? ksys_write+0x1b9/0x240
[  607.015459][T18716]  ? __pfx_ksys_write+0x10/0x10
[  607.015482][T18716]  __ia32_sys_bpf+0x76/0xe0
[  607.015509][T18716]  __do_fast_syscall_32+0x73/0x120
[  607.015538][T18716]  do_fast_syscall_32+0x32/0x80
[  607.015565][T18716]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  607.015587][T18716] RIP: 0023:0xf712e579
[  607.015600][T18716] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  607.015617][T18716] RSP: 002b:00000000f511e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  607.015633][T18716] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  607.015644][T18716] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  607.015654][T18716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  607.015665][T18716] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  607.015675][T18716] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  607.015698][T18716]  </TASK>
[  607.404304][T18731] random: crng reseeded on system resumption
[  607.536655][   T40] audit: type=1400 audit(1748097638.590:1136): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=18730 comm="syz.4.3616"
[  608.001464][T18744] FAULT_INJECTION: forcing a failure.
[  608.001464][T18744] name failslab, interval 1, probability 0, space 0, times 0
[  608.007890][T18744] CPU: 1 UID: 0 PID: 18744 Comm: syz.0.3619 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  608.007905][T18744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  608.007912][T18744] Call Trace:
[  608.007927][T18744]  <TASK>
[  608.007932][T18744]  dump_stack_lvl+0x16c/0x1f0
[  608.007952][T18744]  should_fail_ex+0x512/0x640
[  608.007967][T18744]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  608.007983][T18744]  should_failslab+0xc2/0x120
[  608.007996][T18744]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  608.008009][T18744]  ? __alloc_skb+0x2b2/0x380
[  608.008023][T18744]  __alloc_skb+0x2b2/0x380
[  608.008035][T18744]  ? __pfx___alloc_skb+0x10/0x10
[  608.008046][T18744]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  608.008061][T18744]  ? lockdep_hardirqs_on+0x7c/0x110
[  608.008082][T18744]  tipc_buf_acquire+0x26/0xe0
[  608.008095][T18744]  tipc_msg_build+0x112/0x1150
[  608.008111][T18744]  ? __pfx_tipc_msg_build+0x10/0x10
[  608.008130][T18744]  __tipc_sendmsg+0xa30/0x19a0
[  608.008147][T18744]  ? __pfx___tipc_sendmsg+0x10/0x10
[  608.008158][T18744]  ? __lock_acquire+0xaa4/0x1ba0
[  608.008176][T18744]  ? __pfx___might_resched+0x10/0x10
[  608.008188][T18744]  ? __pfx_woken_wake_function+0x10/0x10
[  608.008206][T18744]  ? __local_bh_enable_ip+0xa4/0x120
[  608.008221][T18744]  tipc_sendmsg+0x4f/0x70
[  608.008233][T18744]  ____sys_sendmsg+0xa95/0xc70
[  608.008251][T18744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  608.008266][T18744]  ? get_compat_msghdr+0x11a/0x170
[  608.008281][T18744]  ? __pfx__kstrtoull+0x10/0x10
[  608.008297][T18744]  ___sys_sendmsg+0x134/0x1d0
[  608.008311][T18744]  ? __pfx____sys_sendmsg+0x10/0x10
[  608.008330][T18744]  ? find_held_lock+0x2b/0x80
[  608.008352][T18744]  __sys_sendmmsg+0x2f9/0x420
[  608.008366][T18744]  ? __pfx___sys_sendmmsg+0x10/0x10
[  608.008390][T18744]  ? fput+0x70/0xf0
[  608.008403][T18744]  ? ksys_write+0x1b9/0x240
[  608.008416][T18744]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  608.008430][T18744]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  608.008446][T18744]  __do_fast_syscall_32+0x73/0x120
[  608.008463][T18744]  do_fast_syscall_32+0x32/0x80
[  608.008479][T18744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  608.008492][T18744] RIP: 0023:0xf7f84579
[  608.008500][T18744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  608.008511][T18744] RSP: 002b:00000000f506455c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  608.008521][T18744] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080001540
[  608.008527][T18744] RDX: 0000000000000214 RSI: 0000000020000001 RDI: 0000000000000000
[  608.008533][T18744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  608.008539][T18744] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  608.008545][T18744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  608.008558][T18744]  </TASK>
[  608.108684][ T6000] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  608.254002][ T6000] usb 10-1: Using ep0 maxpacket: 8
[  608.258635][ T6000] usb 10-1: config 0 has no interfaces?
[  608.260875][ T6000] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  608.264515][ T6000] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.275023][ T6000] usb 10-1: config 0 descriptor??
[  608.541595][ T6000] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  608.845033][ T6000] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  608.847799][ T6000] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  608.850892][ T6000] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  609.133011][T14330] kernel read not supported for file /sequencer (pid: 14330 comm: kworker/2:3)
[  609.443784][ T5980] vhci_hcd: vhci_device speed not set
[  609.651375][ T6000] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  610.336916][ T6000] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  610.407254][ T6000] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  610.410127][ T6000] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  610.412591][ T6000] usb 9-1: Product: syz
[  610.414015][ T6000] usb 9-1: Manufacturer: syz
[  610.422327][ T6000] cdc_wdm 9-1:1.0: skipping garbage
[  610.424052][ T6000] cdc_wdm 9-1:1.0: skipping garbage
[  610.426840][ T6000] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  610.428710][ T6000] cdc_wdm 9-1:1.0: Unknown control protocol
[  610.690561][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.692575][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.694630][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.696620][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.698623][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.700636][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.702667][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.704652][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.706709][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.708759][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.710825][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.712870][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.715398][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.715856][T14330] usb 10-1: USB disconnect, device number 9
[  610.717726][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.722751][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.724968][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.727010][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.728953][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.730965][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  610.733175][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  610.744117][ T6000] usb 9-1: USB disconnect, device number 18
[  610.746143][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  610.748613][T18776] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3621'.
[  610.751496][T18776] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3621'.
[  610.803957][T18776] geneve0: entered promiscuous mode
[  610.806218][T18776] geneve0: entered allmulticast mode
[  610.966632][T18785] QAT: failed to copy from user cfg_data.
[  611.113765][T14330] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  611.267568][T14330] usb 10-1: Using ep0 maxpacket: 8
[  611.275987][T14330] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  611.286001][T14330] usb 10-1: config 0 has no interface number 0
[  611.288606][T14330] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  611.293057][T14330] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  611.298598][T14330] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  611.302253][T14330] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.309006][T14330] usb 10-1: config 0 descriptor??
[  611.321472][T14330] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  611.621858][T18799] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  611.624279][T18799] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  611.630758][T18799] vhci_hcd vhci_hcd.0: Device attached
[  611.858249][T18803] /dev/sr0: Can't open blockdev
[  611.861190][T18803] netlink: 'syz.5.3630': attribute type 10 has an invalid length.
[  611.863764][ T6047] usb 37-1: new high-speed USB device number 16 using vhci_hcd
[  611.874723][T18803] veth0_vlan: left promiscuous mode
[  611.880929][T18803] veth0_vlan: entered promiscuous mode
[  611.887918][T18803] team0: Device veth0_vlan failed to register rx_handler
[  612.146000][T18800] vhci_hcd: connection reset by peer
[  612.148085][T12985] vhci_hcd: stop threads
[  612.149466][T12985] vhci_hcd: release socket
[  612.150972][T12985] vhci_hcd: disconnect device
[  612.289786][T18806] lo speed is unknown, defaulting to 1000
[  612.327502][   T40] audit: type=1326 audit(1748097643.390:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18804 comm="syz.3.3637" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x0
[  612.801142][T18816] Invalid ELF header magic: != ELF
[  612.822878][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.828342][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.831022][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.833122][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.835715][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.837936][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.840118][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.842303][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.845479][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.847609][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.850005][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.852160][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.854573][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.856991][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.859134][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.861383][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.863472][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.866011][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.868205][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.871340][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.873742][T18819] 9pnet_fd: Insufficient options for proto=fd
[  612.956331][T18823] FAULT_INJECTION: forcing a failure.
[  612.956331][T18823] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  612.960236][T18823] CPU: 3 UID: 0 PID: 18823 Comm: syz.4.3642 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  612.960251][T18823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  612.960257][T18823] Call Trace:
[  612.960262][T18823]  <TASK>
[  612.960267][T18823]  dump_stack_lvl+0x16c/0x1f0
[  612.960288][T18823]  should_fail_ex+0x512/0x640
[  612.960307][T18823]  _copy_from_user+0x2e/0xd0
[  612.960318][T18823]  bpf_test_init.isra.0+0xe2/0x140
[  612.960332][T18823]  bpf_prog_test_run_skb+0x245/0x2280
[  612.960346][T18823]  ? __fget_files+0x204/0x3c0
[  612.960359][T18823]  ? __fget_files+0x20e/0x3c0
[  612.960368][T18823]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  612.960383][T18823]  ? fput+0x70/0xf0
[  612.960397][T18823]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  612.960411][T18823]  __sys_bpf+0x1485/0x4d80
[  612.960428][T18823]  ? __pfx___sys_bpf+0x10/0x10
[  612.960444][T18823]  ? ksys_write+0x190/0x240
[  612.960456][T18823]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  612.960480][T18823]  ? fput+0x70/0xf0
[  612.960492][T18823]  ? ksys_write+0x1b9/0x240
[  612.960502][T18823]  ? __pfx_ksys_write+0x10/0x10
[  612.960515][T18823]  __ia32_sys_bpf+0x76/0xe0
[  612.960531][T18823]  __do_fast_syscall_32+0x73/0x120
[  612.960549][T18823]  do_fast_syscall_32+0x32/0x80
[  612.960569][T18823]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  612.960582][T18823] RIP: 0023:0xf703e579
[  612.960591][T18823] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  612.960602][T18823] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  612.960613][T18823] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  612.960619][T18823] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  612.960625][T18823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  612.960631][T18823] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  612.960637][T18823] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  612.960650][T18823]  </TASK>
[  613.858139][T18838] xt_cgroup: invalid path, errno=-2
[  613.906971][T14430] usb 10-1: USB disconnect, device number 10
[  613.964143][T11501] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  613.988685][   T40] audit: type=1326 audit(1748097645.050:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18839 comm="syz.5.3648" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x0
[  614.123816][T11501] usb 5-1: Using ep0 maxpacket: 8
[  614.128268][T11501] usb 5-1: config 0 has no interfaces?
[  614.130577][T11501] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  614.136394][T11501] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.146539][T11501] usb 5-1: config 0 descriptor??
[  614.454929][T18852] Invalid ELF header magic: != ELF
[  614.874042][T18857] random: crng reseeded on system resumption
[  615.013811][   T40] audit: type=1400 audit(1748097646.050:1139): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=18856 comm="syz.5.3653"
[  615.260569][T14430] kernel read not supported for file /sequencer (pid: 14430 comm: kworker/1:4)
[  615.838488][T18875] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  615.841308][T18875] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  615.847652][T18875] vhci_hcd vhci_hcd.0: Device attached
[  616.114153][T14430] usb 43-1: new high-speed USB device number 25 using vhci_hcd
[  616.400445][T18876] vhci_hcd: connection reset by peer
[  616.404892][T12987] vhci_hcd: stop threads
[  616.406383][T12987] vhci_hcd: release socket
[  616.412266][T12987] vhci_hcd: disconnect device
[  616.713616][T18888] Invalid ELF header magic: != ELF
[  616.734416][T14330] usb 5-1: USB disconnect, device number 36
[  616.763608][   T40] audit: type=1326 audit(1748097647.820:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18891 comm="syz.0.3664" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0
[  616.985466][ T6047] vhci_hcd: vhci_device speed not set
[  616.988249][T18901] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  617.023543][ T6000] kernel read not supported for file /sequencer (pid: 6000 comm: kworker/0:5)
[  617.714596][   T29] usb 8-1: new high-speed USB device number 44 using dummy_hcd
[  617.833955][T11501] kernel read not supported for file /sequencer (pid: 11501 comm: kworker/3:4)
[  617.851021][T18932] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  617.853047][T18932] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  617.858428][T18932] vhci_hcd vhci_hcd.0: Device attached
[  617.903808][   T29] usb 8-1: Using ep0 maxpacket: 8
[  617.911572][   T29] usb 8-1: config 0 has no interfaces?
[  617.913704][   T29] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  617.916549][   T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.025900][   T29] usb 8-1: config 0 descriptor??
[  618.143778][   T59] usb 45-1: new high-speed USB device number 17 using vhci_hcd
[  618.410454][T18934] vhci_hcd: connection reset by peer
[  618.413512][ T8767] vhci_hcd: stop threads
[  618.416258][ T8767] vhci_hcd: release socket
[  618.418723][ T8767] vhci_hcd: disconnect device
[  619.128046][T18951] Invalid ELF header magic: != ELF
[  619.588443][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3686'.
[  620.420789][T11501] usb 8-1: USB disconnect, device number 44
[  621.064449][   T40] audit: type=1326 audit(1748097652.130:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18986 comm="syz.5.3693" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x0
[  621.072635][T18985] netlink: 'syz.4.3691': attribute type 4 has an invalid length.
[  621.139053][T18988] netlink: 'syz.4.3691': attribute type 4 has an invalid length.
[  621.203800][T14430] vhci_hcd: vhci_device speed not set
[  621.625992][T19002] Invalid ELF header magic: != ELF
[  622.404251][T19014] random: crng reseeded on system resumption
[  622.519347][T19020] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3701'.
[  622.536600][   T40] audit: type=1400 audit(1748097653.600:1142): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=19012 comm="syz.0.3700"
[  622.700485][T19023] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3702'.
[  623.293773][   T59] vhci_hcd: vhci_device speed not set
[  623.379735][T19032] overlayfs: missing 'lowerdir'
[  623.574831][T19040] binder: 19030:19040 ioctl c0046209 0 returned -22
[  623.586090][T19040] tipc: Started in network mode
[  623.587670][T19040] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  623.591070][T19040] tipc: Enabled bearer <eth:team0>, priority 0
[  623.785809][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  624.557932][T19058] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  624.579429][T19058] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[  624.579458][T19058] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  624.583310][T19058] vhci_hcd vhci_hcd.0: Device attached
[  624.715167][T11501] tipc: Node number set to 11578026
[  624.823748][   T59] usb 45-1: new high-speed USB device number 18 using vhci_hcd
[  625.111334][T19062] random: crng reseeded on system resumption
[  625.136629][T19059] vhci_hcd: connection reset by peer
[  625.138660][ T8767] vhci_hcd: stop threads
[  625.140102][ T8767] vhci_hcd: release socket
[  625.144056][ T8767] vhci_hcd: disconnect device
[  625.251392][   T40] audit: type=1400 audit(1748097656.300:1143): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=19061 comm="syz.3.3713"
[  625.487419][T19068] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  625.639802][T19068] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  625.642567][T19068] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  625.657670][T19068] vhci_hcd vhci_hcd.0: Device attached
[  625.954490][T14430] usb 37-1: new high-speed USB device number 17 using vhci_hcd
[  626.000136][T19072] vhci_hcd: connection reset by peer
[  626.003195][   T65] vhci_hcd: stop threads
[  626.004785][   T65] vhci_hcd: release socket
[  626.006586][   T65] vhci_hcd: disconnect device
[  626.419198][T19092] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  626.421902][T19092] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  626.425414][T19092] vhci_hcd vhci_hcd.0: Device attached
[  626.547120][T19096] FAULT_INJECTION: forcing a failure.
[  626.547120][T19096] name failslab, interval 1, probability 0, space 0, times 0
[  626.550959][T19096] CPU: 2 UID: 0 PID: 19096 Comm: syz.4.3721 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  626.550974][T19096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  626.550981][T19096] Call Trace:
[  626.550986][T19096]  <TASK>
[  626.550991][T19096]  dump_stack_lvl+0x16c/0x1f0
[  626.551010][T19096]  should_fail_ex+0x512/0x640
[  626.551029][T19096]  should_failslab+0xc2/0x120
[  626.551043][T19096]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  626.551056][T19096]  ? skb_clone+0x190/0x3f0
[  626.551072][T19096]  skb_clone+0x190/0x3f0
[  626.551085][T19096]  bpf_clone_redirect+0xb2/0x3f0
[  626.551103][T19096]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  626.551113][T19096]  ? __kernel_text_address+0xd/0x40
[  626.551123][T19096]  ? unwind_get_return_address+0x59/0xa0
[  626.551138][T19096]  ? __lock_acquire+0xaa4/0x1ba0
[  626.551153][T19096]  ? __lock_acquire+0x5ca/0x1ba0
[  626.551171][T19096]  ? find_held_lock+0x2b/0x80
[  626.551183][T19096]  ? ktime_get+0x200/0x310
[  626.551194][T19096]  ? lockdep_hardirqs_on+0x7c/0x110
[  626.551210][T19096]  ? __pfx___cant_migrate+0x10/0x10
[  626.551223][T19096]  ? bpf_test_timer_continue+0x150/0x3c0
[  626.551238][T19096]  bpf_test_run+0x48c/0xa70
[  626.551254][T19096]  ? __pfx_bpf_test_run+0x10/0x10
[  626.551276][T19096]  ? __asan_memset+0x23/0x50
[  626.551288][T19096]  bpf_prog_test_run_skb+0xb92/0x2280
[  626.551306][T19096]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  626.551321][T19096]  ? fput+0x70/0xf0
[  626.551336][T19096]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  626.551349][T19096]  __sys_bpf+0x1485/0x4d80
[  626.551367][T19096]  ? __pfx___sys_bpf+0x10/0x10
[  626.551389][T19096]  ? ksys_write+0x190/0x240
[  626.551401][T19096]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  626.551425][T19096]  ? fput+0x70/0xf0
[  626.551437][T19096]  ? ksys_write+0x1b9/0x240
[  626.551447][T19096]  ? __pfx_ksys_write+0x10/0x10
[  626.551460][T19096]  __ia32_sys_bpf+0x76/0xe0
[  626.551476][T19096]  __do_fast_syscall_32+0x73/0x120
[  626.551493][T19096]  do_fast_syscall_32+0x32/0x80
[  626.551509][T19096]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  626.551523][T19096] RIP: 0023:0xf703e579
[  626.551531][T19096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  626.551542][T19096] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  626.551552][T19096] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  626.551558][T19096] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  626.551564][T19096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  626.551570][T19096] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  626.551576][T19096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  626.551588][T19096]  </TASK>
[  626.641062][    C2] vkms_vblank_simulate: vblank timer overrun
[  626.762258][T19098] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3722'.
[  626.803723][ T5980] usb 43-1: new high-speed USB device number 26 using vhci_hcd
[  627.001118][T19093] vhci_hcd: connection reset by peer
[  627.003030][   T65] vhci_hcd: stop threads
[  627.004698][   T65] vhci_hcd: release socket
[  627.006204][   T65] vhci_hcd: disconnect device
[  627.222736][T19113] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3729'.
[  627.226854][T19113] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3729'.
[  628.241641][T19144] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3733'.
[  629.289819][T19211] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  629.292086][T19211] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  629.328303][T19211] vhci_hcd vhci_hcd.0: Device attached
[  629.866550][T19212] vhci_hcd: connection reset by peer
[  629.868535][   T65] vhci_hcd: stop threads
[  629.869911][   T65] vhci_hcd: release socket
[  629.875523][   T65] vhci_hcd: disconnect device
[  629.933910][   T59] vhci_hcd: vhci_device speed not set
[  630.003578][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3748'.
[  630.342603][T19231] netlink: 'syz.3.3750': attribute type 1 has an invalid length.
[  630.681084][  T835] kernel read not supported for file /sequencer (pid: 835 comm: kworker/3:2)
[  630.712838][T19248] FAULT_INJECTION: forcing a failure.
[  630.712838][T19248] name failslab, interval 1, probability 0, space 0, times 0
[  630.717002][T19248] CPU: 2 UID: 0 PID: 19248 Comm: syz.3.3755 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  630.717023][T19248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  630.717029][T19248] Call Trace:
[  630.717033][T19248]  <TASK>
[  630.717038][T19248]  dump_stack_lvl+0x16c/0x1f0
[  630.717058][T19248]  should_fail_ex+0x512/0x640
[  630.717076][T19248]  should_failslab+0xc2/0x120
[  630.717090][T19248]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  630.717104][T19248]  ? skb_clone+0x190/0x3f0
[  630.717120][T19248]  skb_clone+0x190/0x3f0
[  630.717134][T19248]  bpf_clone_redirect+0xb2/0x3f0
[  630.717151][T19248]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  630.717161][T19248]  ? __kernel_text_address+0xd/0x40
[  630.717171][T19248]  ? unwind_get_return_address+0x59/0xa0
[  630.717187][T19248]  ? __lock_acquire+0xaa4/0x1ba0
[  630.717202][T19248]  ? __lock_acquire+0x5ca/0x1ba0
[  630.717220][T19248]  ? find_held_lock+0x2b/0x80
[  630.717232][T19248]  ? ktime_get+0x200/0x310
[  630.717243][T19248]  ? lockdep_hardirqs_on+0x7c/0x110
[  630.717259][T19248]  ? __pfx___cant_migrate+0x10/0x10
[  630.717272][T19248]  ? bpf_test_timer_continue+0x150/0x3c0
[  630.717287][T19248]  bpf_test_run+0x48c/0xa70
[  630.717304][T19248]  ? __pfx_bpf_test_run+0x10/0x10
[  630.717327][T19248]  ? __asan_memset+0x23/0x50
[  630.717339][T19248]  bpf_prog_test_run_skb+0xb92/0x2280
[  630.717362][T19248]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  630.717377][T19248]  ? fput+0x70/0xf0
[  630.717391][T19248]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  630.717405][T19248]  __sys_bpf+0x1485/0x4d80
[  630.717422][T19248]  ? __pfx___sys_bpf+0x10/0x10
[  630.717437][T19248]  ? ksys_write+0x190/0x240
[  630.717449][T19248]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  630.717473][T19248]  ? fput+0x70/0xf0
[  630.717485][T19248]  ? ksys_write+0x1b9/0x240
[  630.717495][T19248]  ? __pfx_ksys_write+0x10/0x10
[  630.717508][T19248]  __ia32_sys_bpf+0x76/0xe0
[  630.717524][T19248]  __do_fast_syscall_32+0x73/0x120
[  630.717541][T19248]  do_fast_syscall_32+0x32/0x80
[  630.717557][T19248]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  630.717571][T19248] RIP: 0023:0xf70ce579
[  630.717579][T19248] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  630.717590][T19248] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  630.717600][T19248] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  630.717607][T19248] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  630.717613][T19248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  630.717619][T19248] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  630.717625][T19248] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  630.717637][T19248]  </TASK>
[  630.813722][    C2] vkms_vblank_simulate: vblank timer overrun
[  630.999003][T19258] 9pnet_fd: Insufficient options for proto=fd
[  631.103867][T14430] vhci_hcd: vhci_device speed not set
[  631.366088][T19266] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  631.398758][T19266] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  631.401371][T19266] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  631.404823][T19266] vhci_hcd vhci_hcd.0: Device attached
[  631.923492][T14430] usb 37-1: device descriptor read/64, error -110
[  631.926875][ T5980] vhci_hcd: vhci_device speed not set
[  632.163917][T14430] usb 37-1: new high-speed USB device number 18 using vhci_hcd
[  632.304609][T19267] vhci_hcd: connection reset by peer
[  632.327732][ T8767] vhci_hcd: stop threads
[  632.329389][ T8767] vhci_hcd: release socket
[  632.344784][ T8767] vhci_hcd: disconnect device
[  632.362679][T19274] fuse: Unknown parameter 'fU&tj·0x000000000000000a'
[  632.922364][T19285] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  632.924491][T19285] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  632.927206][T19285] vhci_hcd vhci_hcd.0: Device attached
[  633.101064][T19291] random: crng reseeded on system resumption
[  633.350135][ T5980] usb 43-1: new high-speed USB device number 27 using vhci_hcd
[  633.582775][T19286] vhci_hcd: connection reset by peer
[  633.587024][   T65] vhci_hcd: stop threads
[  633.588821][   T65] vhci_hcd: release socket
[  633.592666][   T65] vhci_hcd: disconnect device
[  634.461712][T19319] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3773'.
[  634.625595][T19324] random: crng reseeded on system resumption
[  634.633740][T19324] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3775'.
[  634.705279][T19327] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  634.717952][T19327] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(12)
[  634.720081][T19327] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  634.726656][T19327] vhci_hcd vhci_hcd.0: Device attached
[  634.974038][ T1331] usb 47-1: new high-speed USB device number 7 using vhci_hcd
[  635.153713][  T835] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  635.313735][  T835] usb 9-1: Using ep0 maxpacket: 8
[  635.317491][  T835] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  635.322160][  T835] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  635.326404][  T835] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  635.330041][  T835] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  635.334879][  T835] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  635.338193][  T835] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.341755][T19328] vhci_hcd: connection reset by peer
[  635.344157][   T65] vhci_hcd: stop threads
[  635.346007][   T65] vhci_hcd: release socket
[  635.348010][   T65] vhci_hcd: disconnect device
[  635.552856][  T835] usb 9-1: GET_CAPABILITIES returned 0
[  635.554696][  T835] usbtmc 9-1:16.0: can't read capabilities
[  635.754795][T19338] CIFS mount error: No usable UNC path provided in device string!
[  635.754795][T19338] 
[  635.759519][T19338] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  635.819485][  T834] usb 9-1: USB disconnect, device number 19
[  635.910078][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.913590][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.916769][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.920281][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.927184][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.930833][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.935107][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.938054][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.941008][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.944780][T19349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.986688][T19354] program syz.5.3784 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  637.100243][T19386] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  637.162109][T19386] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  637.164935][T19386] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  637.179460][T19386] vhci_hcd vhci_hcd.0: Device attached
[  637.540891][T19407] lo speed is unknown, defaulting to 1000
[  637.701308][T19388] vhci_hcd: connection reset by peer
[  637.714185][ T1142] vhci_hcd: stop threads
[  637.717303][ T1142] vhci_hcd: release socket
[  637.718815][ T1142] vhci_hcd: disconnect device
[  637.784210][T14430] vhci_hcd: vhci_device speed not set
[  637.813916][  T834] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  637.963713][  T834] usb 10-1: Using ep0 maxpacket: 16
[  637.966769][  T834] usb 10-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  637.970286][  T834] usb 10-1: config 0 interface 0 has no altsetting 0
[  637.972410][  T834] usb 10-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  637.975312][  T834] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.980470][  T834] usb 10-1: config 0 descriptor??
[  637.985387][  T834] usbhid 10-1:0.0: can't add hid device: -22
[  637.987505][  T834] usbhid 10-1:0.0: probe with driver usbhid failed with error -22
[  638.080355][   T40] audit: type=1326 audit(1748097669.140:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19421 comm="syz.4.3803" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0
[  638.186270][  T834] usb 10-1: USB disconnect, device number 11
[  638.200344][T19425] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  638.276966][T19428] syz_tun: entered allmulticast mode
[  638.278797][T19428] syz_tun: left allmulticast mode
[  638.493738][ T5980] vhci_hcd: vhci_device speed not set
[  639.612525][T19474] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3815'.
[  640.097124][ T1331] vhci_hcd: vhci_device speed not set
[  640.607421][T19490] 8021q: adding VLAN 0 to HW filter on device bond1
[  641.390433][   T40] audit: type=1804 audit(1748097672.450:1145): pid=19519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3827" name="/newroot/316/bus" dev="tmpfs" ino=1740 res=1 errno=0
[  642.004304][T14131] kernel read not supported for file /sequencer (pid: 14131 comm: kworker/0:0)
[  642.549936][T19539] netlink: 'syz.4.3832': attribute type 4 has an invalid length.
[  643.360728][T19551] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  643.433426][T19551] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  643.435551][T19551] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  643.438141][T19551] vhci_hcd vhci_hcd.0: Device attached
[  643.703793][ T1331] usb 37-1: new high-speed USB device number 19 using vhci_hcd
[  643.908166][T19556] vhci_hcd: connection reset by peer
[  643.910436][ T8767] vhci_hcd: stop threads
[  643.912266][ T8767] vhci_hcd: release socket
[  643.914359][ T8767] vhci_hcd: disconnect device
[  644.016551][T19560] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3845'.
[  644.019435][T19560] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  644.021901][T19560] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  644.333332][T19567] random: crng reseeded on system resumption
[  645.278335][T14131] kernel read not supported for file /sequencer (pid: 14131 comm: kworker/0:0)
[  645.312580][T19584] digital: digital_start_poll: Unknown protocol
[  645.317139][   T40] audit: type=1326 audit(1748097676.380:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19583 comm="syz.5.3844" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x0
[  645.342625][T19578] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3842'.
[  646.773718][T11501] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  646.933864][T11501] usb 9-1: Using ep0 maxpacket: 8
[  646.942444][T11501] usb 9-1: config 0 has no interfaces?
[  646.945412][T11501] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  646.948885][T11501] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.951185][T19623] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  646.954440][T11501] usb 9-1: config 0 descriptor??
[  646.968122][   T40] audit: type=1326 audit(1748097678.030:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19624 comm="syz.3.3858" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x0
[  646.969752][T19623] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(12)
[  646.979308][T19623] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  646.982526][T19623] vhci_hcd vhci_hcd.0: Device attached
[  647.223785][ T6047] usb 47-1: new high-speed USB device number 8 using vhci_hcd
[  647.419836][T19632] team0: Refused to change device type
[  647.519131][T19626] vhci_hcd: connection reset by peer
[  647.522034][T12987] vhci_hcd: stop threads
[  647.527166][T12987] vhci_hcd: release socket
[  647.529259][T12987] vhci_hcd: disconnect device
[  648.309977][T19645] program syz.3.3862 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  648.813768][ T1331] vhci_hcd: vhci_device speed not set
[  649.459152][T14430] kernel read not supported for file /sequencer (pid: 14430 comm: kworker/1:4)
[  649.540402][   T29] usb 9-1: USB disconnect, device number 20
[  649.606968][T19664] trusted_key: encrypted_key: insufficient parameters specified
[  649.618814][T19664] ucma_write: process 1300 (syz.0.3868) changed security contexts after opening file descriptor, this is not allowed.
[  649.624909][   T40] audit: type=1326 audit(1748097680.690:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19662 comm="syz.0.3868" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0
[  649.652958][T19669] netlink: 84 bytes leftover after parsing attributes in process `syz.5.3870'.
[  649.897133][T19674] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  649.907845][T19674] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  649.910480][T19674] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  649.913582][T19674] vhci_hcd vhci_hcd.0: Device attached
[  649.962077][T19678] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3871'.
[  649.962093][T19679] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3871'.
[  649.965088][T19678] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3871'.
[  649.968678][T19679] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3871'.
[  650.173701][   T29] usb 43-1: new high-speed USB device number 28 using vhci_hcd
[  650.472873][T19675] vhci_hcd: connection reset by peer
[  650.476993][   T65] vhci_hcd: stop threads
[  650.478565][   T65] vhci_hcd: release socket
[  650.480053][   T65] vhci_hcd: disconnect device
[  650.483030][T19688] 9pnet_fd: Insufficient options for proto=fd
[  650.488071][T19688] netlink: 348 bytes leftover after parsing attributes in process `syz.0.3873'.
[  650.491640][T19688] netlink: 348 bytes leftover after parsing attributes in process `syz.0.3873'.
[  650.612954][T11501] kernel read not supported for file /sequencer (pid: 11501 comm: kworker/3:4)
[  650.671730][T19695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3876'.
[  650.678140][T19695] macvtap1: entered promiscuous mode
[  650.679813][T19695] mac80211_hwsim hwsim15 wlan1: entered promiscuous mode
[  650.784347][T19695] mac80211_hwsim hwsim15 wlan1: left promiscuous mode
[  650.966479][T14131] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  651.107964][T19705] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3880'.
[  651.108917][T19703] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  651.127035][T19703] batman_adv: batadv0: Adding interface: gretap1
[  651.129102][T19703] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  651.139734][T14131] usb 9-1: Using ep0 maxpacket: 8
[  651.149862][T14131] usb 9-1: config 0 has no interfaces?
[  651.152197][T14131] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  651.156947][T14131] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  651.163786][T19703] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  651.168608][T14131] usb 9-1: config 0 descriptor??
[  651.764843][T14430] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  651.926963][T14430] usb 5-1: unable to get BOS descriptor or descriptor too short
[  651.930793][T14430] usb 5-1: config 1 interface 0 altsetting 170 bulk endpoint 0x82 has invalid maxpacket 16
[  651.936018][T14430] usb 5-1: config 1 interface 0 has no altsetting 0
[  651.941013][T14430] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  651.946522][T14430] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  651.949158][T14430] usb 5-1: Product: syz
[  651.950628][T14430] usb 5-1: Manufacturer: syz
[  651.952168][T14430] usb 5-1: SerialNumber: syz
[  651.958941][T19709] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  652.260922][T14430] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  652.277104][T14430] usb 5-1: USB disconnect, device number 37
[  652.343790][ T6047] vhci_hcd: vhci_device speed not set
[  652.525125][ T1331] kernel read not supported for file /sequencer (pid: 1331 comm: kworker/1:2)
[  652.803857][ T1331] usb 8-1: new high-speed USB device number 45 using dummy_hcd
[  652.954788][ T1331] usb 8-1: Using ep0 maxpacket: 32
[  652.958652][ T1331] usb 8-1: config 0 has an invalid interface number: 12 but max is 0
[  652.961659][ T1331] usb 8-1: config 0 has no interface number 0
[  652.966936][ T1331] usb 8-1: config 0 interface 12 has no altsetting 0
[  652.970493][T19744] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3888'.
[  652.971357][ T1331] usb 8-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  652.978211][ T1331] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.981127][ T1331] usb 8-1: Product: syz
[  652.982763][ T1331] usb 8-1: Manufacturer: syz
[  652.986104][ T1331] usb 8-1: SerialNumber: syz
[  652.989598][ T1331] usb 8-1: config 0 descriptor??
[  652.995005][ T1331] f81534 8-1:0.12: required endpoints missing
[  653.448176][T19740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  653.454925][T19740] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  653.473042][T11501] usb 8-1: USB disconnect, device number 45
[  653.478227][T19762] netlink: 'syz.5.3891': attribute type 4 has an invalid length.
[  653.699785][T19762] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3891'.
[  653.734312][T11501] usb 9-1: USB disconnect, device number 21
[  653.938466][T19771] netlink: 'syz.4.3892': attribute type 1 has an invalid length.
[  654.009327][T19773] netlink: 'syz.3.3894': attribute type 29 has an invalid length.
[  654.013103][T19773] netlink: 'syz.3.3894': attribute type 29 has an invalid length.
[  654.016536][T19773] netlink: 'syz.3.3894': attribute type 29 has an invalid length.
[  654.089154][T19777] lo speed is unknown, defaulting to 1000
[  654.120060][ T6047] kernel read not supported for file /sequencer (pid: 6047 comm: kworker/1:6)
[  655.303810][   T29] vhci_hcd: vhci_device speed not set
[  655.316456][  T834] kernel read not supported for file /sequencer (pid: 834 comm: kworker/2:2)
[  655.977482][T19844] Invalid ELF header magic: != ELF
[  656.261767][T19845] lo speed is unknown, defaulting to 1000
[  656.845426][   T29] kernel read not supported for file /sequencer (pid: 29 comm: kworker/1:0)
[  656.923810][T19861] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  656.932529][T19861] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3921'.
[  656.938988][T19861] netlink: 84 bytes leftover after parsing attributes in process `syz.5.3921'.
[  656.943705][T19861] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  657.193365][T19877] Invalid ELF header magic: != ELF
[  657.561928][T19882] trusted_key: encrypted_key: insufficient parameters specified
[  657.879737][T19894] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3930'.
[  659.411090][T19931] overlayfs: failed to resolve 'fowner<00000000000000000000': -2
[  659.416428][T19929] Invalid ELF header magic: != ELF
[  659.945403][T19945] random: crng reseeded on system resumption
[  659.951682][T19945] Unrecognized hibernate image header format!
[  659.954582][T19945] PM: hibernation: Image mismatch: architecture specific data
[  660.494904][T19961] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  660.496928][T19961] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  660.510656][T19961] vhci_hcd vhci_hcd.0: Device attached
[  661.029620][T19962] vhci_hcd: connection closed
[  661.029947][ T8767] vhci_hcd: stop threads
[  661.032983][ T8767] vhci_hcd: release socket
[  661.034593][ T8767] vhci_hcd: disconnect device
[  661.093903][ T6047] vhci_hcd: vhci_device speed not set
[  661.848785][T19987] trusted_key: encrypted_key: insufficient parameters specified
[  661.879028][   T40] audit: type=1326 audit(1748097692.940:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19988 comm="syz.4.3960" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703e579 code=0x0
[  661.913783][T19991] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3959'.
[  662.535134][   T40] audit: type=1326 audit(1748097693.600:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.542956][   T40] audit: type=1326 audit(1748097693.600:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.551893][   T40] audit: type=1326 audit(1748097693.600:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.571677][   T40] audit: type=1326 audit(1748097693.600:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.584216][   T40] audit: type=1326 audit(1748097693.600:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.604140][   T40] audit: type=1326 audit(1748097693.640:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.616796][   T40] audit: type=1326 audit(1748097693.640:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.625991][   T40] audit: type=1326 audit(1748097693.640:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.634823][   T40] audit: type=1326 audit(1748097693.640:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19996 comm="syz.5.3962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  662.654475][T19998] overlayfs: upper fs does not support tmpfile.
[  663.537460][T20024] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3971'.
[  664.245891][T20041] Invalid ELF header magic: != ELF
[  664.411194][T20043] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  664.431138][T20043] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  664.433652][T20043] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  664.436692][T20043] vhci_hcd vhci_hcd.0: Device attached
[  664.694156][ T6047] usb 37-1: new high-speed USB device number 21 using vhci_hcd
[  664.777949][T20056] netlink: 'syz.4.3978': attribute type 4 has an invalid length.
[  664.780396][T20056] netlink: 17 bytes leftover after parsing attributes in process `syz.4.3978'.
[  664.846916][T20044] vhci_hcd: connection reset by peer
[  664.849149][ T8767] vhci_hcd: stop threads
[  664.850548][ T8767] vhci_hcd: release socket
[  664.852932][ T8767] vhci_hcd: disconnect device
[  667.007978][  T834] kernel read not supported for file /sequencer (pid: 834 comm: kworker/2:2)
[  667.343817][  T835] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  667.493715][  T835] usb 5-1: Using ep0 maxpacket: 16
[  667.496848][  T835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  667.500247][  T835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  667.503543][  T835] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  667.507949][  T835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.515226][  T835] usb 5-1: config 0 descriptor??
[  667.621409][T20103] FAULT_INJECTION: forcing a failure.
[  667.621409][T20103] name failslab, interval 1, probability 0, space 0, times 0
[  667.625683][T20103] CPU: 0 UID: 0 PID: 20103 Comm: syz.5.3990 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  667.625697][T20103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  667.625704][T20103] Call Trace:
[  667.625708][T20103]  <TASK>
[  667.625713][T20103]  dump_stack_lvl+0x16c/0x1f0
[  667.625732][T20103]  should_fail_ex+0x512/0x640
[  667.625750][T20103]  should_failslab+0xc2/0x120
[  667.625765][T20103]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  667.625778][T20103]  ? skb_clone+0x190/0x3f0
[  667.625798][T20103]  skb_clone+0x190/0x3f0
[  667.625811][T20103]  bpf_clone_redirect+0xb2/0x3f0
[  667.625828][T20103]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  667.625838][T20103]  ? __kernel_text_address+0xd/0x40
[  667.625848][T20103]  ? unwind_get_return_address+0x59/0xa0
[  667.625863][T20103]  ? __lock_acquire+0xaa4/0x1ba0
[  667.625878][T20103]  ? __lock_acquire+0x5ca/0x1ba0
[  667.625896][T20103]  ? find_held_lock+0x2b/0x80
[  667.625908][T20103]  ? ktime_get+0x200/0x310
[  667.625920][T20103]  ? lockdep_hardirqs_on+0x7c/0x110
[  667.625936][T20103]  ? __pfx___cant_migrate+0x10/0x10
[  667.625949][T20103]  ? bpf_test_timer_continue+0x150/0x3c0
[  667.625963][T20103]  bpf_test_run+0x48c/0xa70
[  667.625978][T20103]  ? __pfx_bpf_test_run+0x10/0x10
[  667.626001][T20103]  ? __asan_memset+0x23/0x50
[  667.626013][T20103]  bpf_prog_test_run_skb+0xb92/0x2280
[  667.626031][T20103]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  667.626046][T20103]  ? fput+0x70/0xf0
[  667.626060][T20103]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  667.626073][T20103]  __sys_bpf+0x1485/0x4d80
[  667.626091][T20103]  ? __pfx___sys_bpf+0x10/0x10
[  667.626107][T20103]  ? ksys_write+0x190/0x240
[  667.626119][T20103]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  667.626142][T20103]  ? fput+0x70/0xf0
[  667.626154][T20103]  ? ksys_write+0x1b9/0x240
[  667.626164][T20103]  ? __pfx_ksys_write+0x10/0x10
[  667.626176][T20103]  __ia32_sys_bpf+0x76/0xe0
[  667.626192][T20103]  __do_fast_syscall_32+0x73/0x120
[  667.626209][T20103]  do_fast_syscall_32+0x32/0x80
[  667.626226][T20103]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  667.626239][T20103] RIP: 0023:0xf712e579
[  667.626247][T20103] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  667.626257][T20103] RSP: 002b:00000000f511e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  667.626268][T20103] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  667.626274][T20103] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  667.626280][T20103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  667.626286][T20103] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  667.626292][T20103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  667.626304][T20103]  </TASK>
[  667.842257][T20108] bridge0: port 1(bridge_slave_0) entered disabled state
[  667.847464][T20108] bridge0: port 2(bridge_slave_1) entered disabled state
[  667.933031][  T835] appleir 0003:05AC:8241.0014: unknown main item tag 0x0
[  667.935506][  T835] appleir 0003:05AC:8241.0014: unknown main item tag 0x0
[  667.937682][  T835] appleir 0003:05AC:8241.0014: unknown main item tag 0x0
[  667.940514][  T835] appleir 0003:05AC:8241.0014: unknown main item tag 0x0
[  667.943190][  T835] appleir 0003:05AC:8241.0014: unknown main item tag 0x0
[  667.946141][  T835] appleir 0003:05AC:8241.0014: No inputs registered, leaving
[  667.953180][  T835] appleir 0003:05AC:8241.0014: hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  668.153872][T20119] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3995'.
[  668.526132][T11501] usb 5-1: USB disconnect, device number 38
[  669.341594][T20155] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  669.362121][T20155] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  669.364421][T20155] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  669.368162][T20155] vhci_hcd vhci_hcd.0: Device attached
[  669.724145][   T29] usb 43-1: new high-speed USB device number 29 using vhci_hcd
[  669.883775][T20156] vhci_hcd: connection reset by peer
[  669.886226][T12987] vhci_hcd: stop threads
[  669.888076][T12987] vhci_hcd: release socket
[  669.890337][T12987] vhci_hcd: disconnect device
[  669.932794][ T6047] vhci_hcd: vhci_device speed not set
[  670.572541][T20189] FAULT_INJECTION: forcing a failure.
[  670.572541][T20189] name failslab, interval 1, probability 0, space 0, times 0
[  670.576825][T20189] CPU: 3 UID: 0 PID: 20189 Comm: syz.0.4012 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  670.576840][T20189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  670.576847][T20189] Call Trace:
[  670.576851][T20189]  <TASK>
[  670.576856][T20189]  dump_stack_lvl+0x16c/0x1f0
[  670.576875][T20189]  should_fail_ex+0x512/0x640
[  670.576893][T20189]  should_failslab+0xc2/0x120
[  670.576907][T20189]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  670.576920][T20189]  ? skb_clone+0x190/0x3f0
[  670.576937][T20189]  skb_clone+0x190/0x3f0
[  670.576951][T20189]  bpf_clone_redirect+0xb2/0x3f0
[  670.576968][T20189]  bpf_prog_c08ef512837047f4+0x62/0x6b
[  670.576978][T20189]  ? __kernel_text_address+0xd/0x40
[  670.576989][T20189]  ? unwind_get_return_address+0x59/0xa0
[  670.577004][T20189]  ? __lock_acquire+0xaa4/0x1ba0
[  670.577019][T20189]  ? __lock_acquire+0x5ca/0x1ba0
[  670.577036][T20189]  ? find_held_lock+0x2b/0x80
[  670.577048][T20189]  ? ktime_get+0x200/0x310
[  670.577060][T20189]  ? lockdep_hardirqs_on+0x7c/0x110
[  670.577077][T20189]  ? __pfx___cant_migrate+0x10/0x10
[  670.577089][T20189]  ? bpf_test_timer_continue+0x150/0x3c0
[  670.577107][T20189]  bpf_test_run+0x48c/0xa70
[  670.577122][T20189]  ? __pfx_bpf_test_run+0x10/0x10
[  670.577145][T20189]  ? __asan_memset+0x23/0x50
[  670.577157][T20189]  bpf_prog_test_run_skb+0xb92/0x2280
[  670.577175][T20189]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  670.577190][T20189]  ? fput+0x70/0xf0
[  670.577204][T20189]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  670.577218][T20189]  __sys_bpf+0x1485/0x4d80
[  670.577236][T20189]  ? __pfx___sys_bpf+0x10/0x10
[  670.577251][T20189]  ? ksys_write+0x190/0x240
[  670.577263][T20189]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  670.577287][T20189]  ? fput+0x70/0xf0
[  670.577299][T20189]  ? ksys_write+0x1b9/0x240
[  670.577309][T20189]  ? __pfx_ksys_write+0x10/0x10
[  670.577322][T20189]  __ia32_sys_bpf+0x76/0xe0
[  670.577338][T20189]  __do_fast_syscall_32+0x73/0x120
[  670.577355][T20189]  do_fast_syscall_32+0x32/0x80
[  670.577371][T20189]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  670.577385][T20189] RIP: 0023:0xf7f84579
[  670.577393][T20189] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  670.577404][T20189] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  670.577414][T20189] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  670.577420][T20189] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  670.577426][T20189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  670.577432][T20189] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  670.577438][T20189] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  670.577450][T20189]  </TASK>
[  670.772082][T20195] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4013'.
[  670.827889][T20198] netlink: 'syz.3.4013': attribute type 4 has an invalid length.
[  671.800203][T20210] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4014'.
[  672.422441][T20228] netlink: 'syz.0.4025': attribute type 1 has an invalid length.
[  672.425009][T20228] netlink: 236 bytes leftover after parsing attributes in process `syz.0.4025'.
[  672.673759][  T835] usb 8-1: new high-speed USB device number 46 using dummy_hcd
[  672.824647][  T835] usb 8-1: Using ep0 maxpacket: 8
[  672.828011][  T835] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  672.831337][  T835] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  672.834685][  T835] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  672.837753][  T835] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  672.841677][  T835] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  672.845651][  T835] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.059422][  T835] usb 8-1: GET_CAPABILITIES returned 0
[  673.061255][  T835] usbtmc 8-1:16.0: can't read capabilities
[  673.273120][T14131] usb 8-1: USB disconnect, device number 46
[  674.823793][   T29] vhci_hcd: vhci_device speed not set
[  675.335623][T20266] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  675.469392][T20266] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  675.471572][T20266] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  675.512748][T20266] vhci_hcd vhci_hcd.0: Device attached
[  676.045670][T20275] vhci_hcd: connection closed
[  676.050585][T12989] vhci_hcd: stop threads
[  676.053893][T12989] vhci_hcd: release socket
[  676.055398][T12989] vhci_hcd: disconnect device
[  676.063896][   T29] usb 43-1: device descriptor read/64, error -110
[  676.264057][   T29] vhci_hcd: vhci_device speed not set
[  677.185277][T20317] hub 2-0:1.0: USB hub found
[  677.188067][T20317] hub 2-0:1.0: 6 ports detected
[  677.677085][T20321] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4053'.
[  677.680158][T20321] netlink: 'syz.5.4053': attribute type 7 has an invalid length.
[  677.682966][T20321] netlink: 'syz.5.4053': attribute type 8 has an invalid length.
[  677.686701][T20321] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4053'.
[  677.733724][   T29] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  677.928204][   T29] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  677.931081][   T29] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  677.933593][   T29] usb 2-1: Product: QEMU USB Tablet
[  677.943711][   T29] usb 2-1: Manufacturer: QEMU
[  677.945313][   T29] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  677.967903][   T29] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0015/input/input33
[  678.002368][T20332] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4058'.
[  678.065705][   T29] hid-generic 0003:0627:0001.0015: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  679.443837][  T834] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  679.593896][  T834] usb 5-1: Using ep0 maxpacket: 8
[  679.598076][  T834] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  679.601642][  T834] usb 5-1: config 0 has no interface number 0
[  679.607449][  T834] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  679.612126][  T834] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  679.616952][  T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.620968][  T834] usb 5-1: config 0 descriptor??
[  679.628513][  T834] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  679.879388][  T835] usb 5-1: USB disconnect, device number 39
[  679.891088][T20379] binder: 20376:20379 ioctl c0306201 80000640 returned -22
[  681.143238][T20391] Invalid ELF header magic: != ELF
[  681.183146][T20393] Invalid source name
[  681.235478][T20397] FAULT_INJECTION: forcing a failure.
[  681.235478][T20397] name failslab, interval 1, probability 0, space 0, times 0
[  681.241535][T20397] CPU: 3 UID: 0 PID: 20397 Comm: syz.3.4076 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  681.241559][T20397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  681.241570][T20397] Call Trace:
[  681.241577][T20397]  <TASK>
[  681.241584][T20397]  dump_stack_lvl+0x16c/0x1f0
[  681.241613][T20397]  should_fail_ex+0x512/0x640
[  681.241637][T20397]  ? fs_reclaim_acquire+0xae/0x150
[  681.241672][T20397]  should_failslab+0xc2/0x120
[  681.241693][T20397]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  681.241713][T20397]  ? p9_tag_alloc+0x9c/0x640
[  681.241741][T20397]  p9_tag_alloc+0x9c/0x640
[  681.241763][T20397]  ? kasan_record_aux_stack+0xb8/0xd0
[  681.241789][T20397]  ? __pfx_p9_tag_alloc+0x10/0x10
[  681.241811][T20397]  ? netfs_write_folio+0x8d9/0x1780
[  681.241830][T20397]  ? netfs_end_writethrough+0x53/0x170
[  681.241848][T20397]  ? netfs_perform_write+0x1a64/0x20f0
[  681.241870][T20397]  ? netfs_file_write_iter+0x495/0x570
[  681.241892][T20397]  ? v9fs_file_write_iter+0x9b/0x100
[  681.241917][T20397]  ? do_iter_readv_writev+0x654/0x950
[  681.241940][T20397]  ? vfs_writev+0x353/0xdc0
[  681.241953][T20397]  ? do_pwritev+0x1af/0x270
[  681.241966][T20397]  ? __ia32_compat_sys_pwritev2+0x121/0x1b0
[  681.241984][T20397]  ? __do_fast_syscall_32+0x73/0x120
[  681.242008][T20397]  ? do_fast_syscall_32+0x32/0x80
[  681.242030][T20397]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  681.242054][T20397]  p9_client_prepare_req+0x19b/0x4d0
[  681.242080][T20397]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  681.242116][T20397]  p9_client_rpc+0x1c4/0xc50
[  681.242144][T20397]  ? __pfx_p9_client_rpc+0x10/0x10
[  681.242170][T20397]  ? __call_rcu_common.constprop.0+0x3e5/0x9f0
[  681.242195][T20397]  ? lockdep_hardirqs_on+0x7c/0x110
[  681.242226][T20397]  ? kmem_cache_free+0x173/0x4d0
[  681.242243][T20397]  ? p9_req_put+0x1c6/0x250
[  681.242274][T20397]  p9_client_write+0x245/0x6f0
[  681.242300][T20397]  ? __pfx_p9_client_write+0x10/0x10
[  681.242319][T20397]  ? do_raw_spin_lock+0x12c/0x2b0
[  681.242342][T20397]  ? find_held_lock+0x2b/0x80
[  681.242362][T20397]  v9fs_issue_write+0xe3/0x1b0
[  681.242387][T20397]  ? __pfx_v9fs_issue_write+0x10/0x10
[  681.242412][T20397]  ? _raw_spin_unlock+0x28/0x50
[  681.242433][T20397]  ? rcu_is_watching+0x12/0xc0
[  681.242451][T20397]  netfs_do_issue_write+0x92/0x110
[  681.242471][T20397]  netfs_write_folio+0x8d9/0x1780
[  681.242499][T20397]  ? __pfx___might_resched+0x10/0x10
[  681.242521][T20397]  netfs_end_writethrough+0x53/0x170
[  681.242542][T20397]  netfs_perform_write+0x1a64/0x20f0
[  681.242583][T20397]  ? __pfx_netfs_perform_write+0x10/0x10
[  681.242642][T20397]  ? inode_needs_update_time.part.0+0x191/0x270
[  681.242672][T20397]  netfs_file_write_iter+0x495/0x570
[  681.242699][T20397]  v9fs_file_write_iter+0x9b/0x100
[  681.242726][T20397]  do_iter_readv_writev+0x654/0x950
[  681.242754][T20397]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  681.242794][T20397]  vfs_writev+0x353/0xdc0
[  681.242817][T20397]  ? __pfx_vfs_writev+0x10/0x10
[  681.242830][T20397]  ? find_held_lock+0x2b/0x80
[  681.242867][T20397]  ? __fget_files+0x20e/0x3c0
[  681.242889][T20397]  ? do_pwritev+0x1af/0x270
[  681.242903][T20397]  do_pwritev+0x1af/0x270
[  681.242919][T20397]  ? __pfx_do_pwritev+0x10/0x10
[  681.242933][T20397]  ? fput+0x70/0xf0
[  681.242952][T20397]  ? ksys_write+0x1b9/0x240
[  681.242969][T20397]  ? __pfx_ksys_write+0x10/0x10
[  681.242988][T20397]  __ia32_compat_sys_pwritev2+0x121/0x1b0
[  681.243023][T20397]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  681.243052][T20397]  __do_fast_syscall_32+0x73/0x120
[  681.243079][T20397]  do_fast_syscall_32+0x32/0x80
[  681.243103][T20397]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  681.243123][T20397] RIP: 0023:0xf70ce579
[  681.243137][T20397] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  681.243153][T20397] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 000000000000017b
[  681.243169][T20397] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000180
[  681.243179][T20397] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000007
[  681.243189][T20397] RBP: 0000000000000017 R08: 0000000000000000 R09: 0000000000000000
[  681.243199][T20397] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  681.243209][T20397] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  681.243232][T20397]  </TASK>
[  681.748152][T20408] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4079'.
[  682.209798][T20420] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  682.230968][T20420] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  682.233077][T20420] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  682.236405][T20420] vhci_hcd vhci_hcd.0: Device attached
[  682.341525][T20424] tipc: Resetting bearer <eth:team0>
[  682.346349][T20424] batman_adv: batadv0: Interface deactivated: dummy0
[  682.348696][T20424] batman_adv: batadv0: Removing interface: dummy0
[  682.391445][T20425] netlink: 'syz.4.4083': attribute type 23 has an invalid length.
[  682.545126][T20429] FAULT_INJECTION: forcing a failure.
[  682.545126][T20429] name failslab, interval 1, probability 0, space 0, times 0
[  682.556305][T20429] CPU: 3 UID: 0 PID: 20429 Comm: syz.3.4085 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  682.556322][T20429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  682.556329][T20429] Call Trace:
[  682.556333][T20429]  <TASK>
[  682.556337][T20429]  dump_stack_lvl+0x16c/0x1f0
[  682.556356][T20429]  should_fail_ex+0x512/0x640
[  682.556372][T20429]  ? fs_reclaim_acquire+0xae/0x150
[  682.556414][T20429]  ? p9_fcall_init+0x97/0x260
[  682.556430][T20429]  should_failslab+0xc2/0x120
[  682.556444][T20429]  __kmalloc_noprof+0xd2/0x510
[  682.556456][T20429]  ? rcu_is_watching+0x12/0xc0
[  682.556470][T20429]  p9_fcall_init+0x97/0x260
[  682.556486][T20429]  p9_tag_alloc+0x202/0x640
[  682.556503][T20429]  ? __pfx_p9_tag_alloc+0x10/0x10
[  682.556525][T20429]  p9_client_prepare_req+0x19b/0x4d0
[  682.556542][T20429]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  682.556559][T20429]  ? schedule+0x2d7/0x3a0
[  682.556573][T20429]  ? __asan_memcpy+0x3c/0x60
[  682.556585][T20429]  p9_client_rpc+0x1c4/0xc50
[  682.556604][T20429]  ? __pfx_p9_client_rpc+0x10/0x10
[  682.556620][T20429]  ? __pfx_p9pdu_readf+0x10/0x10
[  682.556631][T20429]  ? __pfx_autoremove_wake_function+0x10/0x10
[  682.556648][T20429]  ? look_up_lock_class+0x59/0x150
[  682.556664][T20429]  ? register_lock_class+0x41/0x4c0
[  682.556685][T20429]  ? mark_held_locks+0x49/0x80
[  682.556710][T20429]  p9_client_write+0x245/0x6f0
[  682.556737][T20429]  ? __pfx_p9_client_write+0x10/0x10
[  682.556757][T20429]  ? do_raw_spin_lock+0x12c/0x2b0
[  682.556782][T20429]  ? find_held_lock+0x2b/0x80
[  682.556799][T20429]  v9fs_issue_write+0xe3/0x1b0
[  682.556816][T20429]  ? __pfx_v9fs_issue_write+0x10/0x10
[  682.556832][T20429]  ? _raw_spin_unlock+0x28/0x50
[  682.556846][T20429]  ? rcu_is_watching+0x12/0xc0
[  682.556862][T20429]  netfs_do_issue_write+0x92/0x110
[  682.556876][T20429]  netfs_write_folio+0x8d9/0x1780
[  682.556893][T20429]  ? __pfx___might_resched+0x10/0x10
[  682.556907][T20429]  netfs_end_writethrough+0x53/0x170
[  682.556920][T20429]  netfs_perform_write+0x1a64/0x20f0
[  682.556945][T20429]  ? __pfx_netfs_perform_write+0x10/0x10
[  682.556980][T20429]  ? inode_needs_update_time.part.0+0x191/0x270
[  682.556996][T20429]  netfs_file_write_iter+0x495/0x570
[  682.557013][T20429]  v9fs_file_write_iter+0x9b/0x100
[  682.557031][T20429]  do_iter_readv_writev+0x654/0x950
[  682.557052][T20429]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  682.557076][T20429]  vfs_writev+0x353/0xdc0
[  682.557089][T20429]  ? __pfx_vfs_writev+0x10/0x10
[  682.557098][T20429]  ? __irq_work_queue_local+0xf4/0x450
[  682.557114][T20429]  ? irq_work_queue+0xce/0x100
[  682.557137][T20429]  ? __fget_files+0x20e/0x3c0
[  682.557151][T20429]  ? do_pwritev+0x1af/0x270
[  682.557159][T20429]  do_pwritev+0x1af/0x270
[  682.557169][T20429]  ? __pfx_do_pwritev+0x10/0x10
[  682.557179][T20429]  ? find_held_lock+0x2b/0x80
[  682.557192][T20429]  __ia32_compat_sys_pwritev2+0x121/0x1b0
[  682.557207][T20429]  __do_fast_syscall_32+0x73/0x120
[  682.557224][T20429]  do_fast_syscall_32+0x32/0x80
[  682.557241][T20429]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  682.557253][T20429] RIP: 0023:0xf70ce579
[  682.557262][T20429] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  682.557272][T20429] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 000000000000017b
[  682.557295][T20429] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000180
[  682.557302][T20429] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000007
[  682.557308][T20429] RBP: 0000000000000017 R08: 0000000000000000 R09: 0000000000000000
[  682.557314][T20429] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  682.557320][T20429] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  682.557334][T20429]  </TASK>
[  682.755489][T20424] bond0: (slave bond1): Releasing backup interface
[  682.790723][ T1331] usb 37-1: new high-speed USB device number 22 using vhci_hcd
[  682.801292][T20422] vhci_hcd: connection reset by peer
[  682.805967][T12991] vhci_hcd: stop threads
[  682.807416][T12991] vhci_hcd: release socket
[  682.808961][T12991] vhci_hcd: disconnect device
[  683.006943][T20433] bridge0: port 3(erspan0) entered blocking state
[  683.009588][T20433] bridge0: port 3(erspan0) entered disabled state
[  683.013153][T20433] erspan0: entered allmulticast mode
[  683.016567][T20433] erspan0: entered promiscuous mode
[  683.018892][T20433] bridge0: port 3(erspan0) entered blocking state
[  683.021457][T20433] bridge0: port 3(erspan0) entered forwarding state
[  683.026680][T20433] erspan0: left allmulticast mode
[  683.028677][T20433] erspan0: left promiscuous mode
[  683.033017][T20433] bridge0: port 3(erspan0) entered disabled state
[  683.210065][   T40] kauditd_printk_skb: 51 callbacks suppressed
[  683.210082][   T40] audit: type=1326 audit(1748097714.270:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.222797][   T40] audit: type=1326 audit(1748097714.270:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.231858][   T40] audit: type=1326 audit(1748097714.270:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.237782][T20443] Invalid ELF header magic: != ELF
[  683.244247][   T40] audit: type=1326 audit(1748097714.280:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.253119][   T40] audit: type=1326 audit(1748097714.280:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.266104][   T40] audit: type=1326 audit(1748097714.280:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.275521][   T40] audit: type=1326 audit(1748097714.280:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.285589][   T40] audit: type=1326 audit(1748097714.280:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.294765][   T40] audit: type=1326 audit(1748097714.280:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.303873][   T40] audit: type=1326 audit(1748097714.280:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20436 comm="syz.3.4086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  683.499655][T20452] /dev/ppp: Can't lookup blockdev
[  684.083385][ T6000] kernel read not supported for file /sequencer (pid: 6000 comm: kworker/0:5)
[  684.552282][T20484] fuse: Invalid rootmode
[  684.967127][T20489] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4101'.
[  685.216386][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  685.294153][T20500] FAULT_INJECTION: forcing a failure.
[  685.294153][T20500] name failslab, interval 1, probability 0, space 0, times 0
[  685.298246][T20500] CPU: 0 UID: 0 PID: 20500 Comm: syz.4.4102 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  685.298272][T20500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  685.298278][T20500] Call Trace:
[  685.298283][T20500]  <TASK>
[  685.298287][T20500]  dump_stack_lvl+0x16c/0x1f0
[  685.298307][T20500]  should_fail_ex+0x512/0x640
[  685.298323][T20500]  ? fs_reclaim_acquire+0xae/0x150
[  685.298340][T20500]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  685.298356][T20500]  should_failslab+0xc2/0x120
[  685.298370][T20500]  __kmalloc_noprof+0xd2/0x510
[  685.298381][T20500]  ? kstrtouint_from_user+0xe3/0x1d0
[  685.298398][T20500]  tomoyo_realpath_from_path+0xc2/0x6e0
[  685.298415][T20500]  ? tomoyo_profile+0x47/0x60
[  685.298426][T20500]  tomoyo_path_number_perm+0x245/0x580
[  685.298439][T20500]  ? tomoyo_path_number_perm+0x237/0x580
[  685.298454][T20500]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  685.298482][T20500]  ? find_held_lock+0x2b/0x80
[  685.298492][T20500]  ? hook_file_ioctl_common+0x145/0x410
[  685.298505][T20500]  ? __fget_files+0x204/0x3c0
[  685.298518][T20500]  ? __fget_files+0x20e/0x3c0
[  685.298526][T20500]  ? __pfx_fput+0x10/0x10
[  685.298541][T20500]  security_file_ioctl_compat+0x9b/0x240
[  685.298557][T20500]  __ia32_compat_sys_ioctl+0xc3/0x360
[  685.298574][T20500]  __do_fast_syscall_32+0x73/0x120
[  685.298591][T20500]  do_fast_syscall_32+0x32/0x80
[  685.298612][T20500]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  685.298625][T20500] RIP: 0023:0xf703e579
[  685.298634][T20500] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  685.298644][T20500] RSP: 002b:00000000f4fec55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  685.298654][T20500] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c020aa07
[  685.298661][T20500] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[  685.298667][T20500] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  685.298673][T20500] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  685.298679][T20500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  685.298692][T20500]  </TASK>
[  685.298731][T20500] ERROR: Out of memory at tomoyo_realpath_from_path.
[  685.437224][T20505] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  685.451648][T20505] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  685.453749][T20505] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  685.456487][T20505] vhci_hcd vhci_hcd.0: Device attached
[  685.551009][  T835] kernel read not supported for file /sequencer (pid: 835 comm: kworker/3:2)
[  685.686630][T20520] netlink: 'syz.4.4112': attribute type 1 has an invalid length.
[  685.731971][T20520] bond3: (slave gretap1): making interface the new active one
[  685.736182][T20520] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  685.753520][T20520] netlink: 788 bytes leftover after parsing attributes in process `syz.4.4112'.
[  685.834400][T20526] hfs: unable to load iocharset "io#harset"
[  685.851891][T20530] lo speed is unknown, defaulting to 1000
[  685.982932][T20538] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4117'.
[  685.985892][T20506] vhci_hcd: connection closed
[  685.992446][T12986] vhci_hcd: stop threads
[  685.995352][T12986] vhci_hcd: release socket
[  685.996801][T12986] vhci_hcd: disconnect device
[  685.999444][T20538] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4117'.
[  686.392988][T20557] Invalid ELF header magic: != ELF
[  686.764873][T20559] lo speed is unknown, defaulting to 1000
[  686.797060][T20564] ubi: mtd0 is already attached to ubi31
[  687.078284][T20580] FAULT_INJECTION: forcing a failure.
[  687.078284][T20580] name failslab, interval 1, probability 0, space 0, times 0
[  687.082246][T20580] CPU: 1 UID: 0 PID: 20580 Comm: syz.3.4128 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  687.082261][T20580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  687.082268][T20580] Call Trace:
[  687.082272][T20580]  <TASK>
[  687.082277][T20580]  dump_stack_lvl+0x16c/0x1f0
[  687.082297][T20580]  should_fail_ex+0x512/0x640
[  687.082313][T20580]  ? fs_reclaim_acquire+0xae/0x150
[  687.082331][T20580]  should_failslab+0xc2/0x120
[  687.082345][T20580]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  687.082358][T20580]  ? p9_tag_alloc+0x9c/0x640
[  687.082376][T20580]  p9_tag_alloc+0x9c/0x640
[  687.082391][T20580]  ? kasan_record_aux_stack+0xb8/0xd0
[  687.082408][T20580]  ? __pfx_p9_tag_alloc+0x10/0x10
[  687.082422][T20580]  ? netfs_write_folio+0x8d9/0x1780
[  687.082435][T20580]  ? netfs_end_writethrough+0x53/0x170
[  687.082446][T20580]  ? netfs_perform_write+0x1a64/0x20f0
[  687.082461][T20580]  ? netfs_file_write_iter+0x495/0x570
[  687.082476][T20580]  ? v9fs_file_write_iter+0x9b/0x100
[  687.082491][T20580]  ? do_iter_readv_writev+0x654/0x950
[  687.082507][T20580]  ? vfs_writev+0x353/0xdc0
[  687.082515][T20580]  ? do_pwritev+0x1af/0x270
[  687.082523][T20580]  ? __ia32_compat_sys_pwritev2+0x121/0x1b0
[  687.082540][T20580]  ? __do_fast_syscall_32+0x73/0x120
[  687.082555][T20580]  ? do_fast_syscall_32+0x32/0x80
[  687.082570][T20580]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  687.082585][T20580]  p9_client_prepare_req+0x19b/0x4d0
[  687.082602][T20580]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  687.082624][T20580]  p9_client_rpc+0x1c4/0xc50
[  687.082642][T20580]  ? __pfx_p9_client_rpc+0x10/0x10
[  687.082658][T20580]  ? __call_rcu_common.constprop.0+0x3e5/0x9f0
[  687.082674][T20580]  ? lockdep_hardirqs_on+0x7c/0x110
[  687.082693][T20580]  ? kmem_cache_free+0x173/0x4d0
[  687.082704][T20580]  ? p9_req_put+0x1c6/0x250
[  687.082723][T20580]  p9_client_write+0x245/0x6f0
[  687.082739][T20580]  ? __pfx_p9_client_write+0x10/0x10
[  687.082750][T20580]  ? do_raw_spin_lock+0x12c/0x2b0
[  687.082766][T20580]  ? find_held_lock+0x2b/0x80
[  687.082777][T20580]  v9fs_issue_write+0xe3/0x1b0
[  687.082794][T20580]  ? __pfx_v9fs_issue_write+0x10/0x10
[  687.082810][T20580]  ? _raw_spin_unlock+0x28/0x50
[  687.082824][T20580]  ? rcu_is_watching+0x12/0xc0
[  687.082835][T20580]  netfs_do_issue_write+0x92/0x110
[  687.082847][T20580]  netfs_write_folio+0x8d9/0x1780
[  687.082865][T20580]  ? __pfx___might_resched+0x10/0x10
[  687.082878][T20580]  netfs_end_writethrough+0x53/0x170
[  687.082892][T20580]  netfs_perform_write+0x1a64/0x20f0
[  687.082917][T20580]  ? __pfx_netfs_perform_write+0x10/0x10
[  687.082951][T20580]  ? inode_needs_update_time.part.0+0x191/0x270
[  687.082967][T20580]  netfs_file_write_iter+0x495/0x570
[  687.082984][T20580]  v9fs_file_write_iter+0x9b/0x100
[  687.083001][T20580]  do_iter_readv_writev+0x654/0x950
[  687.083019][T20580]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  687.083042][T20580]  vfs_writev+0x353/0xdc0
[  687.083056][T20580]  ? __pfx_vfs_writev+0x10/0x10
[  687.083064][T20580]  ? find_held_lock+0x2b/0x80
[  687.083084][T20580]  ? __fget_files+0x20e/0x3c0
[  687.083098][T20580]  ? do_pwritev+0x1af/0x270
[  687.083106][T20580]  do_pwritev+0x1af/0x270
[  687.083116][T20580]  ? __pfx_do_pwritev+0x10/0x10
[  687.083125][T20580]  ? fput+0x70/0xf0
[  687.083137][T20580]  ? ksys_write+0x1b9/0x240
[  687.083147][T20580]  ? __pfx_ksys_write+0x10/0x10
[  687.083159][T20580]  __ia32_compat_sys_pwritev2+0x121/0x1b0
[  687.083171][T20580]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  687.083189][T20580]  __do_fast_syscall_32+0x73/0x120
[  687.083206][T20580]  do_fast_syscall_32+0x32/0x80
[  687.083222][T20580]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  687.083235][T20580] RIP: 0023:0xf70ce579
[  687.083244][T20580] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  687.083254][T20580] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 000000000000017b
[  687.083264][T20580] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000180
[  687.083270][T20580] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000007
[  687.083289][T20580] RBP: 0000000000000017 R08: 0000000000000000 R09: 0000000000000000
[  687.083295][T20580] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  687.083301][T20580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  687.083315][T20580]  </TASK>
[  687.085615][T12989] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000023: 0000 [#1] SMP KASAN NOPTI
[  687.209326][T20584] 9pnet: Could not find request transport: fÿÿrfdno=²¼:VÓtK@Š#ì?ãáj9#¬¬ÂMß:hÆnáN{N[UºÏyƒO>9Ñ…nŒ
[  687.210040][T12989] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]
[  687.225462][T12989] CPU: 0 UID: 0 PID: 12989 Comm: kworker/u32:16 Not tainted 6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  687.229174][T12989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  687.232389][T12989] Workqueue: events_unbound netfs_write_collection_worker
[  687.234535][T12989] RIP: 0010:iov_iter_revert+0x2ec/0x5a0
[  687.236230][T12989] Code: ec 41 83 fd 1e 0f 87 3b 02 00 00 4b 8d bc 26 00 01 00 00 48 b9 00 00 00 00 00 fc ff df 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <0f> b6 04 08 38 d0 7f 08 84 c0 0f 85 02 02 00 00 47 0f b6 bc 26 00
[  687.242179][T12989] RSP: 0018:ffffc90027a3f950 EFLAGS: 00010206
[  687.244081][T12989] RAX: 0000000000000023 RBX: 0000000000000002 RCX: dffffc0000000000
[  687.246579][T12989] RDX: 0000000000000006 RSI: ffffffff84cbca80 RDI: 000000000000011e
[  687.250097][T12989] RBP: ffffc90027a3fa78 R08: 0000000000000005 R09: 0000000000000000
[  687.252840][T12989] R10: 0000000000000000 R11: ffff88801384efac R12: 000000000000001e
[  687.255286][T12989] R13: 000000000000001e R14: 0000000000000000 R15: ffff88801384ee28
[  687.257715][T12989] FS:  0000000000000000(0000) GS:ffff8880977e7000(0000) knlGS:0000000000000000
[  687.260374][T12989] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  687.262400][T12989] CR2: 0000000056ccd4c0 CR3: 000000006b296000 CR4: 0000000000352ef0
[  687.264871][T12989] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  687.267317][T12989] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  687.269772][T12989] Call Trace:
[  687.270835][T12989]  <TASK>
[  687.271773][T12989]  netfs_retry_writes+0x166d/0x1a50
[  687.273431][T12989]  ? __lock_acquire+0xaa4/0x1ba0
[  687.275004][T12989]  ? __pfx_netfs_retry_writes+0x10/0x10
[  687.276717][T12989]  ? find_held_lock+0x2b/0x80
[  687.278351][T12989]  ? register_lock_class+0x41/0x4c0
[  687.280487][T12989]  ? do_raw_spin_lock+0x12c/0x2b0
[  687.282553][T12989]  netfs_write_collection_worker+0x23fd/0x3830
[  687.284756][T12989]  process_one_work+0x9cf/0x1b70
[  687.286273][T12989]  ? __pfx_netfs_write_collection_worker+0x10/0x10
[  687.288283][T12989]  ? __pfx_process_one_work+0x10/0x10
[  687.289854][T12989]  ? assign_work+0x1a0/0x250
[  687.291299][T12989]  worker_thread+0x6c8/0xf10
[  687.292748][T12989]  ? __pfx_worker_thread+0x10/0x10
[  687.294308][T12989]  kthread+0x3c2/0x780
[  687.295557][T12989]  ? __pfx_kthread+0x10/0x10
[  687.297026][T12989]  ? __pfx_kthread+0x10/0x10
[  687.298480][T12989]  ? __pfx_kthread+0x10/0x10
[  687.299961][T12989]  ? __pfx_kthread+0x10/0x10
[  687.301454][T12989]  ? rcu_is_watching+0x12/0xc0
[  687.302952][T12989]  ? __pfx_kthread+0x10/0x10
[  687.304421][T12989]  ret_from_fork+0x48/0x80
[  687.305821][T12989]  ? __pfx_kthread+0x10/0x10
[  687.307340][T12989]  ret_from_fork_asm+0x1a/0x30
[  687.308841][T12989]  </TASK>
[  687.309791][T12989] Modules linked in:
[  687.311293][T12989] ---[ end trace 0000000000000000 ]---
[  687.314244][T12989] RIP: 0010:iov_iter_revert+0x2ec/0x5a0
[  687.316148][T12989] Code: ec 41 83 fd 1e 0f 87 3b 02 00 00 4b 8d bc 26 00 01 00 00 48 b9 00 00 00 00 00 fc ff df 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <0f> b6 04 08 38 d0 7f 08 84 c0 0f 85 02 02 00 00 47 0f b6 bc 26 00
[  687.323479][T12989] RSP: 0018:ffffc90027a3f950 EFLAGS: 00010206
[  687.326326][T12989] RAX: 0000000000000023 RBX: 0000000000000002 RCX: dffffc0000000000
[  687.329131][T12989] RDX: 0000000000000006 RSI: ffffffff84cbca80 RDI: 000000000000011e
[  687.331660][T12989] RBP: ffffc90027a3fa78 R08: 0000000000000005 R09: 0000000000000000
[  687.336012][T12989] R10: 0000000000000000 R11: ffff88801384efac R12: 000000000000001e
[  687.338879][T12989] R13: 000000000000001e R14: 0000000000000000 R15: ffff88801384ee28
[  687.341974][T12989] FS:  0000000000000000(0000) GS:ffff888097ae7000(0000) knlGS:0000000000000000
[  687.345402][T12989] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  687.347939][T12989] CR2: 00000000f502dffc CR3: 0000000073442000 CR4: 0000000000352ef0
[  687.350991][T12989] DR0: 0000000000000004 DR1: 0000000000000000 DR2: 0000000000000000
[  687.354615][T12989] DR3: 0000000000000007 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  687.357778][T12989] Kernel panic - not syncing: Fatal exception
[  687.360382][T12989] Kernel Offset: disabled
[  687.361730][T12989] Rebooting in 86400 seconds..

VM DIAGNOSIS:
14:41:58  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000056 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854c6a35 RDI=ffffffff9ade4c80 RBP=ffffffff9ade4c40 RSP=ffffc90027a3f350
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=43203a74656e7039
R12=0000000000000000 R13=0000000000000056 R14=ffffffff9ade4c40 R15=ffffffff854c69d0
RIP=ffffffff854c6a5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 000fffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 000fffff 00000000
FS =0000 0000000000000000 000fffff 00000000
GS =0000 ffff8880977e7000 000fffff 00000000
LDT=0000 0000000000000000 000fffff 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000056ccd4c0 CR3=000000006b296000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000011d835c RBX=0000000000000001 RCX=ffffffff8b69a3e9 RDX=ffffed10056665be
RSI=ffffffff8bf48e20 RDI=ffffffff81913731 RBP=ffffed1003959488 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000001
R12=0000000000000001 R13=ffff88801caca440 R14=ffffffff90854e10 R15=0000000000000000
RIP=ffffffff8b698c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50bdfac CR3=000000004a1d3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fec2e000 Opmask01=0000000000000000 Opmask02=00000000ffff7fdf Opmask03=0000000082000020
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055ac6fd7b390
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055ac6fd8a790
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2f3a1f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73001605121f0073 431e161e035c1810
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3174726f702d3162 73752f302e313a30 2d312f316273752f 302e64313a30303a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000524556495244 0000000000000021 0000000000000030
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 000055ac6fd9c2e0 0000000000000000 307761726469682f
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3139312c3039312c 4638312c4538312c 4238312c3938312c 3838312c3538312c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3438312c3138312c 3937312c3737312c 3437312c4436312c 4336312c3636312c
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3336312c3136312c 3036312c30462c46 442c30442c46432c 38412c37412c4639
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000a0049000a0000 0a000a00645f205f 646d5f000a00004d 544e472000004600
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff84d47996 RDX=ffff8880235f4880
RSI=0000000000000040 RDI=0000000000000001 RBP=ffffffff8bf4db60 RSP=ffffc900038671b8
R8 =0000000000000001 R9 =0000000000000040 R10=0000000000000010 R11=0000000000000012
R12=0000000000000010 R13=0000000000000001 R14=0000000000000003 R15=ffffffff8bf4e03e
RIP=ffffffff81baa9db RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3a8267d300 ffffffff 00c00000
GS =0000 ffff8880979e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005646a1cfe000 CR3=000000004e85d000 CR4=00352ef0
DR0=0000000000000008 DR1=00000000000000ff DR2=fffffffffffffffb DR3=3e00000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000003000000012 0004000000080024 0000000000280034
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001027 0000001400000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00058abfe8031808 0006080020080006 006fe210000007b2 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000001010a0000 0000280a00000000 0000000000000000 0100100000001401
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 de080d80030d8002 088003088002068b 9003000800068b88 030fffffffff0206
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8b80031808000608 0020080006026fea 180800058abfe802 0100000008060601
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01c85ffffffffe08 00058abff8030008 00058abff0030004 00058abfec032004
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03000000ffffffa6 070000000000000d ffffffd803000000 ffffff9203000000
ZMM25=cfb8b89acfb8b89a cfb8b89acfb8b89a cfb8b89acfb8b89a cfb8b89acfb8b89a cfb8b89acfb8b89a cfb8b89acfb8b89a cfb8b89acfb8b89a cfb8b89acfb8b89a
ZMM26=6fa7c0216fa7c021 6fa7c0216fa7c021 6fa7c0216fa7c021 6fa7c0216fa7c021 6fa7c0216fa7c021 6fa7c0216fa7c021 6fa7c0216fa7c021 6fa7c0216fa7c021
ZMM27=2c7776672c777667 2c7776672c777667 2c7776672c777667 2c7776672c777667 2c7776672c777667 2c7776672c777667 2c7776672c777667 2c7776672c777667
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=8917000089170000 8917000089170000 8917000089170000 8917000089170000 8917000089170000 8917000089170000 8917000089170000 8917000089170000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=0000000000000000 RCX=ffffc90027828001 RDX=0000000000000000
RSI=ffffffff8bf48e20 RDI=ffff888022fb8448 RBP=ffff888022fb8000 RSP=ffffc90027827a18
R8 =0000000000000001 R9 =0000000000000000 R10=ffffc90027827ab8 R11=00000000000114b4
R12=ffff888022fb8000 R13=ffffc90027827ab8 R14=ffffc90027827eb0 R15=ffffc90027827aec
RIP=ffffffff81a14950 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097ae7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000576ef99c CR3=00000000628bd000 CR4=00352ef0
DR0=0000000000000004 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000007 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000