last executing test programs:

6.213170853s ago: executing program 1 (id=2506):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000008c0)=0x1c, 0x80000)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000900)={{{@in=@multicast1, @in6=@mcast2}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f0000000a00)=0xe8)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000440)='GPL\x00', 0xe5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90)
set_mempolicy_home_node(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x23b)
fstat(0xffffffffffffffff, &(0x7f00000016c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x5, 0x2}}}, 0x24}}, 0x0)
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_OVERHEAD={0x8}]}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
close(r8)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r7, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r6, 0x0, r8, 0x0, 0x4ffe6, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_usb_connect(0x4, 0x46, &(0x7f0000000a40)={{0x12, 0x1, 0x250, 0x70, 0xaf, 0x95, 0x40, 0xccd, 0x36, 0x6ad2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x34, 0x1, 0x2, 0xc, 0x0, 0x4d, [{{0x9, 0x4, 0x65, 0x5, 0x2, 0x9c, 0xe4, 0x5f, 0x0, [@hid_hid={0x9, 0x21, 0x1, 0x7, 0x1, {0x22, 0xe1f}}], [{{0x9, 0x5, 0x6, 0x1d, 0x39f, 0x7, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x5}]}}, {{0x9, 0x5, 0x6, 0x2, 0x400, 0x8, 0x3, 0x38}}]}}]}}]}}, &(0x7f0000000bc0)={0xa, &(0x7f0000000ac0)={0xa, 0x6, 0x201, 0x1, 0x4, 0x4, 0xff, 0x1}, 0x10, &(0x7f0000000c00)=ANY=[@ANYBLOB="050f1000010b100108000400000000e7ac8178869cb384c289696b30381b37cab38068d0c549eb6add76f85a1a5cd398dd2f1dcac6f2fe7f7f0e8328320b46cf74384a4395a1a8bfc8ed1bf04a9098b7b9045830241368807441cb88ec8d3e6c"], 0x2, [{0x4, &(0x7f0000000b40)=@lang_id={0x4, 0x3, 0x1001}}, {0x4, &(0x7f0000000b80)=@lang_id={0x4, 0x3, 0x140c}}]})

4.980899909s ago: executing program 2 (id=2515):
socket$kcm(0x10, 0x5, 0x10)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}], 0x18}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x17}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x7, 0x6, 0x24, 0xf06}, {0x0, 0x2b, 0x7f, 0x7fff}, {0x2, 0x8, 0x3, 0x3}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r1}, 0x45)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
r2 = socket$netlink(0x10, 0x3, 0x1)
bind$netlink(r2, &(0x7f0000514ff4), 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000000), 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x18, 0x80000, 0x0)
unshare(0x20000000)
r4 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x61)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000340)=[@in={0x2, 0x0, @multicast1}, @in6={0xa, 0x10, 0x0, @empty, 0x1ff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x44}}, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x4c)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
unshare(0x6a040000)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000484000/0x4000)=nil, 0x4000, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)

4.08043084s ago: executing program 2 (id=2520):
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYRESHEX, @ANYRES64, @ANYRESHEX=0x0, @ANYBLOB="7fba3a14c8bd54af2fa3840e0cab09b997699c8f2bca49907304fe97e3a49b82ebcfe00c91e8f981d8c27825c780c52f06c729d70fb68417a2b8f7318facb8284f50362c4ad1973ec0dd6fa9619a83686d142a0e95c92336ccb5962f8de867396d8d57952a5241fdf852269ab1462191bb00c85d575201066d4c33865e988b393eba4322d6e0b907f46d7d2103f0d21ac757ff4faa1fd4486c2f019b45a3110696b4f872308356f2109f23ee32", @ANYRES64], 0x7d)
socket(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x10}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000000000000000004bebffec850000006d000000670000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x80, 0x0, '\x00', 0x0, 0x2}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000240)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r3 = fsopen(&(0x7f0000000100)='proc\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = fsmount(r3, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@bloom_filter={0x1e, 0x3, 0x8, 0x7ff1, 0x220, r4, 0x7fffffff, '\x00', 0x0, r4, 0x0, 0x2, 0x0, 0xc}, 0x48)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
syz_emit_vhci(0x0, 0x8a)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r6, &(0x7f0000000a00)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @remote, 0x9}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000003c0)="79408ec3004c410b00012319c6a502980fd78906f311dda17577a450cc0b218dfa636d436a5018a3e58cd13bbc", 0x2d}], 0x1, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}], 0x1, 0x8008801)
sendmmsg$inet6(r6, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000240)="21dc6244dbe91a69cba300887ccef2bb07de859a09997a5af3749e742135099e561308c80e406c6c", 0x28}], 0x1}}], 0x1, 0x0)
socket(0x0, 0xa, 0xaed)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000002c0)=@newsa={0x15c, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in6=@local, 0x200, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@mcast2, 0x0, 0x6c}, @in6=@remote, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4}, {}, 0x0, 0x0, 0x2}, [@XFRMA_IF_ID={0x8, 0x1f, 0x4}, @algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_IF_ID={0x8, 0x1f, 0x3}, @coaddr={0x14, 0xe, @in6=@loopback}]}, 0x15c}}, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r7, 0x0, 0x486, &(0x7f0000000140), &(0x7f0000000280)=0xc)
socket$inet6(0xa, 0x3, 0x4)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

3.890528575s ago: executing program 2 (id=2521):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000008c0)=0x1c, 0x80000)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000900)={{{@in=@multicast1, @in6=@mcast2}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f0000000a00)=0xe8)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000440)='GPL\x00', 0xe5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90)
set_mempolicy_home_node(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x23b)
fstat(0xffffffffffffffff, &(0x7f00000016c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x5, 0x2}}}, 0x24}}, 0x0)
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_OVERHEAD={0x8}]}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
close(r8)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r7, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r6, 0x0, r8, 0x0, 0x4ffe6, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

3.230999712s ago: executing program 3 (id=2523):
ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000000)={0x0, 0x5, 0x8})
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@loopback, @in6=@dev={0xfe, 0x80, '\x00', 0x35}, 0x4e22, 0x0, 0x4e22, 0x0, 0xa, 0x80, 0x80, 0x8, 0x0, r2}, {0x6, 0x9, 0x2, 0x401, 0x5, 0x10001, 0x9, 0xc71}, {0x3, 0x80, 0x0, 0x1}, 0x7, 0x6e6bb8, 0x0, 0x0, 0x3, 0x2}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d2, 0x2b}, 0x2, @in=@rand_addr=0x64010101, 0x3502, 0x3, 0x1, 0x6, 0x3, 0x3, 0x3}}, 0xe8)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @multicast1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000980)=ANY=[], 0x0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r4, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
connect$unix(r4, &(0x7f0000000680)=@file={0x1, './file0\x00'}, 0x6e)
sendmsg$nl_route(r4, &(0x7f0000000ac0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000a80)={&(0x7f0000000d80)=ANY=[@ANYBLOB="140000005200000329556f7123fd53fa870020008fd5"], 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x400c040)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x30cff28cd98764d6}, 0xc, &(0x7f0000000300)={&(0x7f0000000a00)={0x24, 0x0, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x8080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x18, 0x15, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000001040000000000000104000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0243ab0000000000000000b70239514989ef6e2089ab6abfb9cf0000170000008500000086000000185b0000050000000000000000000000bf0600000000000000020000020000008500000085000000e8e732565eea385a4c7905d5aa6f785fe75a1a963e7fa422c2f8af387852708768b2b97f83d2b6fbe0f95c5b467cc6c335e4a0cde0c4afff6173d53549292b96aca0cba5bd0cbc4912193b2a7fd642740f52873fa63133ce85cb6eb7cca06cae422fa37acab3fa895eb2f667d40e86e228086101824f91a97502d5865237e15f91f56b79e949805ae396877e325616f68d846deef6d1545a260c8c2ec36881f5c3fdf59069bb6d26d71f477c48b333257e7624970e45524969b169bcfc41e6d7b869336f64dad18ae5d97e8abeedd11a3f91dde661d3145bc6cd95be9ad57f81def2d168"], &(0x7f0000000bc0)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000002a00)=""/4096, 0x41100, 0x10, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f00000001c0)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000c40)={0x1, 0xc, 0x2, 0x5}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000c80)=[{0x3, 0x3, 0x5, 0xc}], 0x10, 0x20}, 0x90)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff})
splice(r6, 0x0, r5, 0x0, 0x1, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r7, 0x6, 0x21, &(0x7f00000000c0)="c40b1b65ab4b65dbc1fa12c74705a122", 0x10)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r7, 0x6, 0x21, &(0x7f0000000140)="5f96565e14027386aa93a303c44b5b3b", 0x10)
vmsplice(r5, &(0x7f00000013c0)=[{&(0x7f0000000140)="a6", 0x1}, {&(0x7f0000000100)="ad", 0x1}, {&(0x7f0000000200)="9f", 0x1}, {&(0x7f0000000300)='b', 0x1}], 0x4, 0x0)
ioctl$sock_SIOCINQ(r5, 0x541b, &(0x7f0000000000))
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r3, 0xe0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000740)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0], 0x0, 0xce, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0x7c, 0x8, 0x8, &(0x7f0000000900)}}, 0xffffff5f)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f00000002c0), 0x208e24b)
sendmmsg$inet(r0, &(0x7f00000023c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000220000000795d40a39cc1e1827faa596fb5f9a4ca00000008606002dcfd747e40000"], 0x18}}], 0x2, 0x0)

3.130646267s ago: executing program 0 (id=2524):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001480), 0x1, 0x0)
pwritev(r0, &(0x7f0000001600)=[{&(0x7f00000014c0)='{^%', 0x3}], 0x1, 0x80000000, 0x80000001)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r2 = getpid()
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x2}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000100))
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
shutdown(r5, 0x1)
r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0x17)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0x9, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r8}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
writev(r7, &(0x7f00000002c0)=[{&(0x7f00000001c0)="9a269929f8e02c5105d2456ea938be8afd73784a59e22bcadb36746db5c4e31767c99253c4038c7c9aeae4d6c923fdbdd46f0a87f79f0a61fe08a604aa19dece5a21ba73ffc699b960679bc380b72a0a0aa6487431d41fae4741542b740c3f7789f03ace58c1a8c2fcce2b4e55da85e6d338e3262c68c9f32a88a220f5049f2b9ba38b5d230b7abab7be8e8b64e541c9f24c7675483137d6bf7a21df800ed33e5bea0e957b3efeb1960e8ca89401ac", 0xaf}, {&(0x7f0000002180)="d6913a36066a4d0c19989ec30c3ed6780eb0fd4315be0daf39a01162d4c3fca5204fd24ab5f09fb16dcc52d440a36fc820f2ea90a0dd84192c40d800c22210ce850c130e231c2d4dcb5ca389d401904925f8cb384033d5d34c8de6a07fd64e5bed2178e1cc3d7010d74c5712c13cbe1ce256d22695c2612b2be8b996660f509b78e4265c69d4ea0140b1c73858e98b02ddd6556b42e54aeeb1e4f3a5cd51768d1f51e167f9e418a3e27769bccbbe378bb83a77129002c7ef6d930dbec66de57b19110580ce6cd2d8c1181f5cd3ff0693c32a51d047b8ca36cd86db0acfe63c23417e8a440a97dae7ef3f4869005aabbc3e49f0c13bfb0473a6c3d19ebb7054ca7e110ba7a19eaaa0f62c7640a81155dd5aca719a9a7c0686c72895707eb43ad3de82224a0ffe9ccce8b6a15193cd91873713915a86b0a626d312b416cb5d3f580c8aefe4c71f64fab3a8aed0c8ee22ad37060a266e5095b0339d1ab4802ac23c9c1cbf4ae5ee2433fa6d73925e95711fdc12ead6d057a31b651c887f1945c81abaad0b3b6056114319d8f7b3c6f69ef6eadd359d73a7cd5cd7f1db9643efe2bac5f6f7423ddc97e5154b0eeb85faa37b6064bf8ba0b76f16165bc1c39ff68813c22ca72dd774192fb900e7d1c153e97f66fde7cfa3cc29a747cb9816fbde61049c692efbe92587245788f9dbd169a09d8bdc410afc35a1e48d37b3793e2008f3fe927464ce7a738d63e0922a6063325198a95f608127847dd9d952a2a872058065fcea679f3aa8a12a5285b87bf96ff1916d0e863050c78e195e2bea82cba3510158f3116859ee0211e2a73054c90fd567993383e6736efc6d97caa8a75a2959b4a153174007ee59bd727492c2312705525b2a6e8386ff8708be6918b2ae67bbd5ccb29c449daa775b088c50a00c2f58ba98322468a02e11053be9c538d209ad1a060a8269d04a5630d98125bb3bbb1bfbf9cbcb8ecac33764eb9a8823a155909dd9468bc910c746626e6e82005e136a6a94523cf0389f441773974de112ef62638c5951a38dcd6a590f04f00086e13edaf1d470e1341438094b2dc72c47f7bfee6c443aef15d9845cf6f47e3876abc02d75a50567956ae021709f589745df4b629e292ecd54ff468ef93626a2ae05c8abb7cc321f6a707628055d559fb81cb0701bb1191d0a37b7ce61c82b442e87e29af2192e0dd2cc95c6e38162a0a9948de67240d52290146529e3d873b9fd388323263cee94468db58152e2f247fc04058875a6396c2053e73daa0ffde643359ecf6627384cebc47d8a101e57aedf643ce2aa7df944cc9be2b9b30cb1b45b8041b3242d79d2fe807ef44b8d024f7e785837ba44b1b9b2febda4d77df81d95c132a387af17e36c2c2d63ebee87c8c878cd1875d0b292017bb91d0e275d447f09d93f982acdf871e9a55b35a647e0e341a635d21693f0533813beb24af2f594cea433124d781929841736b3c1d0c25724aef7e4f15e2befdf1db99475c0896eecd5a37d7a80c523e1084260ac81c545494a6dccfaf6fb4712260f310504b2a232d9b3b657a68ec8fe21e02ebe3f56a88db125ad4ebfefc5ef82db064b4c2185750f57e8a880fa2f76580de1c6d3fa2c3646d3c1fca70eed3f7b8681e5bf7d9d800e8ddc293ce8b708060b5eebb7ee957296fcd68a34ae6d46689592c88a9437f7c27890913bedd56031407321bdb4ccd5162d636db3c90879835bb30cddb435e3073c6d80c0573ef068de4f337784cbb36229c738b939077c0ef030a6855096ff5623f4b58de38736ef3b8e94f82033664a9a3853c11381f406d4602f4e2c23e0491a939d43c81a7edd5a61839bfe3ca0019dc2dd10b07e151fa05a5417615f306b3ac1f5b9a48d5e4ea0b9f2882bf4023f1194b61ac4dd97785623729be329d2a39b115ac8615557161710b8e6428d93064a94eb6bdf97132be90d75b6fe4514d2ec14c227434bbbe400137cf70d4efb1b15be7d12611ba015b0a427a51e5ccb6075a015fced9de675a1292feb8828544d40ad4699b210bd655caa1708685eb124af19e0c2eb7cce0e94d9c04f6c2f2910f086fd5ed0b3b9e194e01cb54b9b3e15eb4ff48119f2ec51f644b04461d75b20f6d0b40e75d891d35b264c377d0c405a9b96e88ca177b28b0cd673dc2420fd268e70df790b6d985547ea6ef83403dd6444df05eea3cc3401b888bcb090e0470ec3ed911ec1bc650bdfa9e0fbf336f7e4b25775dbce55569317bdf0154905e7e0821d2d21e608784cd669826a56436ad2f2a49532d3e2ecbed59ba37b7523c2fc709483446dbc8afd5ef7f3fa8d785fc718980d059564af4adeabde380d22f40cb6de72ee172368757876d40565fa239e988f3e43364223e3765d25edeb68a6382d7097114400c3f6a7a62de28dba0207039854d562b1329e941bea6eb0f510d7d2fed9cf87dbfeaa15df26e2d5e13f80f89907f78e460bc6c35bb317e282e112d7e8f6036f586e72d2dcd62ee2e1e6e9fc1f0d9cc57edf9c3147dd3acdf0a23c3025ca97f9e7df471ed56008141be275b620abcc4f6b9fd8c868a822c40a1a0a48b292cff71d5090b5c56670e573e7847c43ade95db225435b132064c7a79820aceb10afe34a6446c3be4341ab485b0bd437ab11a91cf7b4db6a62a39ebd8e040b4566a8b3c7e8c01f05e9d09f566ddd8f0ed84b5feb99e45fe192f1372d79fd89f5a8bd83aa834fa532c23f973d8d2ecdac97177c7671092f6afffffa673935324fa90320cdbb7907e8f80916bd0b424a8738f8669c17db065f8c707021c04d9bef03346d76dc1bac09d1e8b3c5c8fdec95261d1a42bfffbd91d73330d0fc543e76ac68122f5cbc6aea01d273ade257b2ece5e4a055ce0f9b02c85c57372e269643b9bfac83e43b47495045997f14525611e7b613c8f67321df25cc383d2bd3fbb37f7c80084d34b8e51df3be031f055a3c33abc1e36f46a66509c7484093dd54305123c2ee858069a84a9e70080133b69477b12696d6701c369b6761a86eea7bb3b1b67f41713f9f496297a67ba1d3e310340a75e8c9a049dbb57ab0e66430ca212d9a07c4f7798d3fdd86282e112b55fed17713d93d9b0c96480b447f1e104cfbcd7e1ff5c34873b1d55642643a2bdac8817ce50c8c9014aa646e2cd8ba7cd6cdcca5b5f09a75d2f95a1ae8d0e8d9e5a9f498981cc1bbc68a41de0ba8d27edb5f833e4183b8377691973c2d546f95e37dbae2ab3512d21990d7ec3a1ae60fc74afe29e5644b75b6c9e555175a3e32beea181c70de21785631b7013baa56e75030e16e9212720b5348c1faae77be246d02aa0dc38bce108f6cfd0076a015f6ed5140a2042f5642237a94eca82e298ffc61cc17a1a28bb7c846e2188e13453159812b709906def4457d3faf82441e250a278000221f193aa5476c27a1c086e98576df2b27c5797e65af4c9bed976ae074770b8a4c2c08538caea4a42dc04fbd1666aeb5c17720005a50d7f353a08af248f80c769a17aa9fb2d5547313d168457140713544cdcdac95fe7a03c49ab54a8bae182b914ed5f95765eb914761ce72cf8e6677431c6b67ee89c9d91c99d79f2b737600b4b38de7a1759191a4678aa1e48c80dab066af19bb1299edaa465c3097ff4365c6fc4052d543395676d7a7da21c21f86924dfacd82281a6bc703a7427c774dfcb15112309c2a7cf2caabcbfc9b196bbd3c1f4839fa903f70ad58f7c8e3d236e0f8d23ff245ebd7eb23d755c0d3b521799a86ddd300188b7c97a3669c4240383f39907900d36a4a77edae181ad889a400086f53d220c53b2a2bc0c6e126b822a10e970c1fe46f7795dc8175bf11c69acd78d1ad71fbd74d14ac2ef405528e18d44b97e73d37f5b7399bc28a06a6f9ae8cb80c5649e8156cfbefb5a44c56a54ae71d0d6e16884b782aea29ca7f6cb84820f089c7633934eb13bf588d2371a105795180b778fd36940e593aa9249bf8f196f578fb009977cbd3f5df93646a660965e63df7c4c31f81c6c664c332fd64a5f8566072124b2f5d21265fb18c83165ab7a35409c158c4062513998283a100b58e80698889c23466aa463940af7955fc17f34ff162c9d27d7a8b9368be12e2fc1b454448f6bb2b41ee46620a13abecd19258bcfe3405b81ac627ee8ab7cc24afca52ab9bcd489464f8efabd3861c8397678cd77fe33f1dc6b2ca40b7b432665b26d165d9309a785b1fc306117221dedd3c6f048976b8deefdb28f15f4e877dfeb1da298c2dba77a5397db9e7952e26f9d0abd247fe91553d0dbc769e29c336d172ad968bd3c6d4e666c2550a3ef77743944df8dc5412ddd918d40e16a4891f56c7f0718112c8d52ae8aee32df11ca76f8cad9f17add6eeeadfa45e2404a5dc9b4d33b3ea8dc23e2346607bae4ee1168f37472b59c97836c0a483f4d1801aea8d9ed30ebbf84a229d23bfea39adf617016a410d512afe53c50b11d1db253cfa30ad7ea268ac7463c027c0e7c4ffbd5647c21885961e3af481b8c6ed3c2cd5ca7264e0538a815d1f23e1cacf30072e1a20601b65dc38f7c5862fa4bba86f9f8841d487d41079737e8e730ac1089b86694753f911571f1b72647ff718c6e427435878c24dd7898f445b877e8e8ea28fc0bd384154295f9704ef93e896d3c01ed227013ffea468c4cd8068ce8357c5e2e5d7e00ab9b570433d69c2e737151c059144bc66fb6ad82b5ff28647c9146832a1f4a15fd8aeb908800ec5aa38ead3eaca33289904e8ffc242eada9449ab7baaf0c3b85aa2ca72d83b690e6f2bfb1a0629367fc00f8e93fd644a80fd101842212063df1e8b87b92edf30f65e680ed4a6e8aef6e23d0eeba1ca27baeaa536458b456017eb75662cccf52a868c831ac264634e9d228a98e14d9716a817787ac042308215b9ea14e2456345377a4c52d108e3a9a0caa4ee9f6c5e6fcd68e46a22c59c9f34237837da4cf1f9190773801b7d83858c974107124a5c61aae1012c71d0f9d5b035c182dc41a90b827509455ac63e8a0fe4dd2172f4", 0xde9}, {&(0x7f0000000040)="09ef5819b9", 0x5}, {&(0x7f0000001480)="c485465c2d05fd8dcd9e4179ff2947c1af4d6223f800567301adcb4f0390528574bba9739417c2ee6011e5e7b24d7245673f996bfe7f5e3e4496a326d5bf9abe83cf53c62011a5613223936132a151145540582bde4b810daf9052528cc615f0052ca93a7dd56cff3f63179625e532326889538b299e05e6de5a29918e38ef64f84ead776bb67188323ccf2e552ed3ac268e9a07ff632620f0e823e393ebf809f88128f2801e4e5e578e939d63008e7ffcbe690614b470c75c03b5a6f49529", 0xbf}, {&(0x7f0000001540)="fd61e60563d0b0abbc7e10d70a956723e2ddf295e0101765ca3b572ce57abb27bc15b7101599a78a4102147d8d8277a76bca45beb91bed6122a50a35861a5052b4e129e8d890ac26e5a2379039606b02915f162fd070ca3f6387161257a703b619764b911e84763ef02a050650956570213448e5bdd362d6f8858d270e885f9ebbc50d986689fabd1b2ee85ea9d314e6e351502cc3c61f26962567ed3e5419178e778025db5ede28e3ade48e5e8ff16c3e4bf326dbb6a69b06812b49da7ecfd6a9942e4cf158d3ca7c106c6bd7382d40231696955e69dd87c62b9b7f332a66f4", 0xe0}], 0x5)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r9, &(0x7f0000000400), 0x0}, 0x20)
socket$packet(0x11, 0x3, 0x300)
socketpair(0x3, 0x6, 0x120, &(0x7f0000000000))

2.978258107s ago: executing program 1 (id=2525):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0))
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000080)=ANY=[@ANYRES8=<r2=>0xffffffffffffffff])
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r3, 0x4b63, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r4)
pipe(&(0x7f0000000180)={<r6=>0xffffffffffffffff})
tee(r6, 0xffffffffffffffff, 0x81, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x30, 0x0, 0x800, 0x0, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x380000}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xc8}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x20000002)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000080)={'wpan1\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan3\x00', <r8=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r4, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYRES16, @ANYBLOB="4e6282993604d1f69e2a22c72ca51dcdd9369feac6fc2f12d065e436c53c1ba9abf4beece57818bb3b7d32f360b99795969c7393e223f084642111634256c8fb109d1dda2c1feded478a2f4f3342cfd614107b12bcdab9460bead9c200003cb17166ff985b0463b49c79cc53617b099a8a83b33744dcd3852d8aedace2ff6e959f6cd4da45b56289e3ce011351ac7e1a33bb8381", @ANYRESOCT=r5, @ANYRESOCT=r2, @ANYBLOB="80002f8008000100000001000c0002000200aaaaaaaaaaaa4c00038005000200030000000c000380080002000200000005000200010000000800010003000000080001000000000008000400ffffffff0c00050003000000000000000800040007000000080001000002000008000100030000000c0002000201b91a7057d82725aaaaaa", @ANYRES32=r8, @ANYRES64], 0xb0}, 0x1, 0x0, 0x0, 0x20068080}, 0x7e04e557481a6e82)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)

2.977854414s ago: executing program 3 (id=2526):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0}, 0x90)
socket$kcm(0x11, 0x0, 0x300)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='memory.swap.events\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, &(0x7f00000003c0))
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r3, &(0x7f0000000e00), 0x12)
bind$x25(r2, &(0x7f0000000080), 0x12)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x0, 0x0, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000047c0), 0x1, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000900)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000308500000005000000bca900000000000035090100000000009500500000000006b702000000000000739af0ff00000000b509020000000000dbaaf0ff000000002f8900000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018220000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000036080000000000108500000007000000b700000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a85352, &(0x7f0000000200)={{0x80}, 'port0\x00'})
r7 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000580)={'veth1_virt_wifi\x00', <r8=>0x0})
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x41, &(0x7f0000000140)=0x9de, 0x4)
bind$packet(r7, &(0x7f00000001c0)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @random="98350377d642"}, 0x14)
sendto$packet(r7, &(0x7f0000000040)="bb53a945842851722bb479853e60", 0xe, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r5, 0x810c9365, &(0x7f0000000440)={{0x4, 0x16dc}, 0x100, './file0\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000700)={'bond0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r0}, 0x10)

2.821147045s ago: executing program 3 (id=2527):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='cmdline\x00')
socket$inet6_sctp(0xa, 0x0, 0x84)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e0400030c"], 0x7)
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r1 = syz_io_uring_setup(0x4076, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x0, 0x0, 0x0, r0}, &(0x7f0000000380)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000700)={'raw\x00', 0x0, [0x4, 0x100, 0x5, 0x0, 0xfffff800]}, &(0x7f0000000680)=0x54)
r4 = io_uring_setup(0x5789, &(0x7f0000000040)={0x0, 0x3})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0x18, 0x20000000, r5)
r6 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r9 = dup(r8)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r9, &(0x7f00000000c0)={0x14c}, 0x137)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000800)={0x0, 0x10, 0x2, &(0x7f00000007c0)={0x17, "6b47bc9142b3d10527e2fc4a0769486fbed08f18a696f461349a37ea71c219c704"}})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000640)={0x1, &(0x7f0000000180)=[{0x10, 0x0, 0x5, 0x7}]})
truncate(&(0x7f0000000780)='./file0\x00', 0x0)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
fdatasync(r10)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_READV=@pass_iovec={0x1, 0x30, 0x4007, @fd_index=0x7, 0x2, &(0x7f0000000100)=[{&(0x7f0000003840)=""/4099, 0x1003}, {&(0x7f00000000c0)=""/47, 0x2f}, {&(0x7f0000002840)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/138, 0x8a}, {&(0x7f00000003c0)=""/149, 0x95}, {&(0x7f0000000480)=""/157, 0x9d}, {&(0x7f0000000540)=""/141, 0x8d}], 0x7, 0x18, 0x1, {0x0, r11}})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)

2.737062751s ago: executing program 2 (id=2528):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x4, 0x101300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
getpgid(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(0xffffffffffffffff, 0x0)
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000048000), 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000080)=0x6)
futex(&(0x7f000000cffc), 0x6, 0x3d, 0x0, 0x0, 0x2)
futex(0x0, 0x4, 0xffffffbe, &(0x7f0000000280)={0x77359400}, 0x0, 0x4000001)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000007, 0x10010, 0xffffffffffffffff, 0xe5050000)
r3 = syz_clone(0x0, 0x0, 0x5a, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregset(0x18, r3, 0x0, &(0x7f00000000c0)={0x0})
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000002440)=ANY=[@ANYBLOB="9c100000", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fbdbdf256700000008000100250000000c009900c3000000780000000800c300030000000800c400880d00000410c50058b00e25c76abecb0bc2e910185c5ab7549159394a2f11fefaa1952c471fe35e3d684afcc6298ede3d4781bd0dfadd82d90fab0248e1431e512c133bdec0a856907a17a7324b151d291bc48882864ba289d3631b6af1998c85545d4f4e033ec8c25ac3ba0c2c76c98d5ab726f839a82842769d2075fc9340a7ad52aece07a0e017a3b7fd2b4242602fd3172d91392810a3f81c812b527dbcb17f4b01fedb427a0fb18324ea981f43fbb903f5e7ac8cb85bcec7f0a429eb6375e3e65f2dcfa4b7d2e701bcd0a8c814b66e4f43f3a00c3fec029b02412b3f7568ab8dd5476c780e65dcd678591c0545378d8302fdb96c06ac03b8eb8eb3a87d547d1e607cb353de02c6d9c463be7e9c7c29629b548e02e21ac2ff6c499eee4b3dfa0e9502c725f67cf2906b5e25e537e6c2363fa2e4eb38a7086ce8828645b83bbb0774027977623f9997b0b6c9b627c953d26de52a0000b183160334b2ed01d9f2c003145d08d131017a08993166d2f70a7e982de047dca18fe8c7e993b5bf355f9d6bebfa05768e48a378d1ad280e2bb8c4fd02018035c0f735af420a5a2b6b222714f2b405626dff13f6f8c9352ca8ffc00b50ee3a3bbd4232a5fd7e4d03221ee3e2c9c4aec20547f314e4f018d412c7a6a01fa28a173103a9c9fdcd03fa39b0ab658938636274143d91f96ec9ce5699e9f1b5ebf259795aa266f606aed1bd2c7f5346a5ef5528f2ddadc5203e12dde46475639eb4ddf17b32e40da54175b07633ea8732f1a3d16b52b976731dd5dcd32a6964a5a8322546f9a70b8a3b0cd3ee9abff524af515883ea27c62e6fc4646be5d5bff6195a55414800a125febd09218422299c2e554dbfa8dd6df27ef8c4c303d95f6f155d628a3bc438ab2f60748c37c6b7113f8445ec8baef07871f206b71caa66c97cde86394bec5a14cc793b3ef3a2beab5810afd79f68fa5727834630aaa99a3d578f36d11b7de79256bb81054e0e0f8fb7fd9681fc3fd27448da5eda45dc1c72edf038a36869117831bf81657574a8bf83a1bbe901d50b402e32cd51de3c9fb148075b909569e3772a7b4da29be7ccf866010afd7f8dfe1549aa8bc12167ffd25d4a24f0e382d7b183b4f6c4449144075687c4f337028dd5baf8e400b9278a9371dea66d6d93e5b5e8858169a971d5ddb40d0efbbe53c310d0739957f19779612b5c55106e79da6fabc44183cc628813d41b202f05acbe1fc17ae76cbcd8b02c7e49184d2cf27b5c3ebcf2d35906a18565924ff2f599ea1de21523aaccd9aba349e68db1d40d343630acae0e2b1e23dd2cbc771de902b5103b95cd0dacd9ccbb480a94c6dbd31be85900760733bf07a30f8891b1d9b4af4e654dc6ff9d7cef566c588c7e48e6d287337e39fb4630d621e87b39dc1c391739875c774662787629f44399f19844df666b9955f465d0f0a514b6076e868e3219a4d27a0eadebd5073423443da37d0c4c196cc96ea3ea2bad9462921705c872ef85967b9c656334ce1f888b6ebc35d091cff4a98f65425feef6e6f3e3ff6702af833e1f6a5b5f5dc7362e68b162b55972e28d9f18aa373c68b7544f32be3499188288a9a6f82f013df0c69753141351009572f11a56430ba1d050b46a07a26699311a8f1d3cbdac49b78bd8499a01242529b604bd6ac1fe5bf5a26a77d89b3ca4fb951894e3eb153d3881fec01e8a27b4ce45b6512fd575fb1195c93da449c699e01ec37ae1932e1d007113cc751160deaedadafdc6558d2edab144182d395e437a3a3555a5acfa53006eb484c8764de3b2c29b6be82123ce3aa41b3859939b06eab2c9009e000e48344b8722ec6e2189d525d8c81cbc7b8c04caa4417c76f1542677470e4ac05d199ecc06fa811640a4ae06fbf0100d23b770da718c43c875fec49d4587cb05f4a8f65177884de2df2d2ad1e0ba512757c3c9412be73f61cba21d6d4ec180a90999b3db4432b496e51ccc784ded383d3757c4b5bacf56a2e80cf87972ab41e1d77d7f76bd22feec574e1eb284398f119a6057c687979c5d11f599c30df655e3232ab74ab3d9f0b30ae7693d18e4f66cffe95859b1046cdcaae92fb5b2722ae002f44429e2f63020a50456d3f11c80821893af50640966602e43f4d285a7d771f8d71568631926626f8ff028486174c989260f788c9d867e86897980d04744b5dc6bd8ce6af60c757bf50660b9fcbfa5a31dd1c5fc60d79bbc86d69c2575450c12e7e59149ed274efd25d25f728d3f21e24594d7a92234984fc800264d5e69873618fb09cb09d1222ee1981a92ab57bcaa095efdc0fe1780fc8400a4df8ea6272e8be60d7ecf654bade40ee6dcf2acac579efc46f249fa26856ab24814b2516c0c56df4f2377042634b800a208d8eea1cfcd63735abc8a009bdb8d3e1cdf98ecd9d18fbf78e94cf5d0f48238dcb82d924cda7f077c720d8acb8c6f12e31013f7a9efb0f0acc617bedc405c20d009b63682d244f993ea9896b9d71fe5f12dda2cccd01e879afe0a8a8658f9f990ef68d6cced7a80df3bb562076a2408bc2c4d8906c2a80d38aa28ae3254ce2fd2001dbab1ee01a20c0e40d20f5c13cadb9b8feec2a48ee4917272377a6b61b199ebcbd33bed982aa977268592775f08b518393974e2b4485c7298817c028a9b92357f8c5670bc1741259d6d281893611a30ab6604df54e61fad6d3809d2a9d86dfc4a21b433568b4efb45579fd45c56f527b209c5f56b024173603bcb3371ae3925bf74247c3050dc663f7a25f8554629d3dde349c51fdbfba79f6a2ec5ad6ef86e07efb0a212bba7b74b1798ed61d1fa5c61372c00b5c3393008f2a79804bc001b4d4a4f6ea46abf026800cad5b9cecc12ea8db30249021b92d6f0e4d789a41e813e748d2397a61f365c1c801f1b07efe6d38c0084382e59d0eec04970a83dedb2984c735f1b5911a486d397610a81a2fce01faef617e4983c2ee5d7652f04e65b1da88172f4f3eef7d3a17a6f3de658705dc3aa5155fc44cfd9951483a0a86a2ae1c360845a40e6e2f01f0af5825be2d7eb5cf82f3f270e4d9a18622f794d5edad64e83d5a45147f74829bfe06ece4eb2085d0899c4a078754a437c7234cee33448944f59cd1425750caf03cb5abe0ca2acf68d2085fc5aae886e5bbe12e7f1819087eca8c2e0d913279cee2e6a8cfc9f95367b96af918a0c02f9fca7d33ec4a608b9d52946a80d34578e5d59e1196f51885aa12ebec7e1c4299db8ca77c2a6bbb3b95a1775a3bea69372cc7116a684b66e17461ce20f8f6c2c2c100258f7c01d781f677f8bb4a0665bba4cb9838b4d01a9423c234fc72029636313f482da8a583362f2f3efabce31d2e7bdf74a2132c188e979a0fa8ff2f88259f97468ced6c14629b125d13537f932e000398c5cd4b7b3e785089292eb0f902373d924545bff919c4af9d14b354e20a97576f955e8eec899f312ba36c4ba2fc395219207ba1985444ba1c46e179efbdcbbdc7ae9e61c6ebd7703a22986bef688b28e67ecf48b2e02674a37c721f81bb187ef1f2d189de89467418fe28d464c316f9707d78847c04969d222fe8ccf63a1cd58fdc86577afcdae402c871c6d6f22c1ce071a3e2ec6acd6d17f9b2d213e4f950e11a196849efd7f7af2704b5e10c13779df0e148ca61eba58d78ac6db84c41971d452532255a51f1d43c5e5a9590253517684a79b4cf9b1e08e0fca89292d38cdc24fec74e6e6643bf50b3ea422b7bf469b69a27135150d114719c54e140279147c58b4a94e47aeea532a0626b97b51a876790e6d042747a062a43772e228857e5ac7513b1f409261dd6a886434f70ea47ae0b006974a0be805a82e975baa32d307eb7817dd3095a09d083ef034105f5b84e414c8dfcf41d144880b77dd017d34e94ac3e0e72631a6714515bc117de0013c7e07eeeb6b6a0b93d6dad6700c11dd66558a91a4c9e22e729a74d613e0140227e0fdae0cfe267b5551fd281d73ee1c8d14bceb2453cd5bceda49b6909a0da8f60323260c8ba5425acc8473fafef0a206dcaea9c221b56aea6196c9d4806cedaf98f95bdb2ace66c551f93d37b75b346be5d530f5ed2770a870d3f326e2f8af8f680aa02e41fdd9dfb4b1d117ee29d5ed202010887b31ef20d685f27b2505d20c3c752dc8b6c73a9ef39161e00634d534c47ab8b0404a966882cd9ad5f61c0758e51f849e1133820dab9c5a4cf1ee59c6ada138f010eb0577f8a0b1f1541e9aa1ddacbf418f5566d6d50170d13449ecb7599cc7b064d7d3642f989c9a51dba1894549557c322003f2a794356686f3da56256ccf87df7e244257900999052da3e5206f10d5ef6ba79d8a396fb3cebc8fec0efd6c6b8302c8a5dc10f4b1cf025508829febed8b9e0423efd2646817892cd50ea00bba73cc3525e812d0a46995f7798e236ef32cf4d7687731fa6ba2d969b51510a828896bfaeee2bf6960f986634eaa149bddccbea70bd6911242bcf0095125eda89dadbbef4a2a13c1934e6809e401acc72f43d40979e7b209b79496da255f5ecad2e8d30bff849deb633458ab59dc60c6b16120d9a5320cf7c80ec3df574559066b024d298d4b50bf120c388ac3681ed74efd21321f3c46b5b36a699bf35587fb06ef79a891dcfcbaec22ddbf65c6c7a0eff70539779ca17bc51fcf3669db8069950f94fd6e7a0cc82d742b6ebb062b031992c784cc70efecb3ccd8358e5e374d416b9009afdb7a6d801329407400d6dc3bac554651b053edf52e04ec9fcc6287121f320f4a39ace4e24818c5aaddfc8b76257f600bffbf83ddb547fb4d0420c838d65b6671dd4e44da7fa5004ab3c31ca74f05c14ceb0adcdd4e1513780b9539efaa288d82558c21ac4f64e70c744cf93443f016bbce9d0ec083f16ee592ab6fe9e4adbe6a10b0878a238146731ebb39f5a04f985cf9c2d4a2bf68c3902e0c56b3d9d1c849782532d9c0bd534861e6884768dc2cde3f1c67ae3ce125aae479a7537fed4209a42fc1dab93c75d8698350b1ce2a189c233dddc020f71184df7f77e03a8d6dbc44377771e127281b895f1e7bc991a1a90bd558b91bcef11b5d3f1c1405983e7c6d21e040d2677a133b1d78dc96d266dfb04c4ca2c9ffe19a10c886411380ba75ea4ded3fd1d08d31e921dfb9322324b7de6e126ad6236feb17ac846bf449c1b79c0958880a592d1bbd15f6b8a47df8f0ab4d0113970e910e47202e9fa918aa9d5cdfbcabdfa41e9618f683c58eaf4b7c54b9f439357c3af5ac7f076c007815fece9f4177567b6bfd09019e9cddbb16359c0b1c2a638d375c83c6e4c3619a3d7b1b6222ce2922b66da4cae9227280dd9fdb8a67efcaca0f79350a843603582656f101b0b61645c62657aba8ea2889662abbaee656719361d53634553984d92a9d390fa01118cb51eee4a630d90113339fc83cff8535c17e6e758fcb21c8f31fecf9cae764f1a6925a39358e193637b77bc223d54aaa6e5ad09a372468553f6442db6b386e7f8965a761b1b77d464cf7571765120c0f073968b152b7ef4e2f919ec3a69c879544df76161bc61732791531a688bd25613fe78b530a566148ad2cd46b18cd153dd78292e4245cdbf5ef6a5bf049d5eaafcb43eaf89f08a2f79df98429399c3d52fb2718f238f62ceb608415bd517cf7bf52c96f1dd13a74f7432df384e1e69bcf64d7eb1f9f6e33c923e72886f73f70e33d9bc102ddba944aff03322bfd37b654b2d783c52e3ec8261914f5f4ffc134a7852b59d2c6948c98e7f477db423809d8b8077f90702af5881d35235f6000c5007ffa3a5a0aabca5dacc4fb16c0438809e054fdd634fdf5d15e0961782346175076d3e1880e0679405caa84fd8f872046c353ebe8f2926edc8880b82c5966910d4427d991f10bb4093c8e8ed6f4333722c2c8d0ce8080efd89c731b601e72935a6b656f0bd8593ac51c55d7f33ba37261c1e63ec477a3eb75ac18211e16da8750ec6d87"], 0x109c}, 0x1, 0x0, 0x0, 0x20040048}, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r4)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f00000002c0)=ANY=[@ANYRES16=r2, @ANYRESHEX], &(0x7f0000000080)='GPL\x00', 0x5, 0xc8, &(0x7f0000000680)=""/200, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x6}, 0x90)

2.725467467s ago: executing program 3 (id=2529):
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYRESHEX, @ANYRES64, @ANYRESHEX=0x0, @ANYBLOB="7fba3a14c8bd54af2fa3840e0cab09b997699c8f2bca49907304fe97e3a49b82ebcfe00c91e8f981d8c27825c780c52f06c729d70fb68417a2b8f7318facb8284f50362c4ad1973ec0dd6fa9619a83686d142a0e95c92336ccb5962f8de867396d8d57952a5241fdf852269ab1462191bb00c85d575201066d4c33865e988b393eba4322d6e0b907f46d7d2103f0d21ac757ff4faa1fd4486c2f019b45a3110696b4f872308356f2109f23ee32", @ANYRES64], 0x7d)
socket(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x10}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000000000000000004bebffec850000006d000000670000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x80, 0x0, '\x00', 0x0, 0x2}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000240)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r3 = fsopen(&(0x7f0000000100)='proc\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = fsmount(r3, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@bloom_filter={0x1e, 0x3, 0x8, 0x7ff1, 0x220, r4, 0x7fffffff, '\x00', 0x0, r4, 0x0, 0x2, 0x0, 0xc}, 0x48)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
syz_emit_vhci(0x0, 0x8a)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r6, &(0x7f0000000a00)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @remote, 0x9}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000003c0)="79408ec3004c410b00012319c6a502980fd78906f311dda17577a450cc0b218dfa636d436a5018a3e58cd13bbc", 0x2d}], 0x1, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}], 0x1, 0x8008801)
sendmmsg$inet6(r6, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000240)="21dc6244dbe91a69cba300887ccef2bb07de859a09997a5af3749e742135099e561308c80e406c6c", 0x28}], 0x1}}], 0x1, 0x0)
socket(0x0, 0xa, 0xaed)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000002c0)=@newsa={0x15c, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in6=@local, 0x200, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@mcast2, 0x0, 0x6c}, @in6=@remote, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4}, {}, 0x0, 0x0, 0x2}, [@XFRMA_IF_ID={0x8, 0x1f, 0x4}, @algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_IF_ID={0x8, 0x1f, 0x3}, @coaddr={0x14, 0xe, @in6=@loopback}]}, 0x15c}}, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r7, 0x0, 0x486, &(0x7f0000000140), &(0x7f0000000280)=0xc)
socket$inet6(0xa, 0x3, 0x4)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

2.658480228s ago: executing program 1 (id=2530):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000ff7f"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x25, 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0xfffffffa)
r6 = syz_open_pts(r2, 0x0)
ioctl$TCFLSH(r6, 0x540b, 0x2)
r7 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
syz_socket_connect_nvme_tcp()
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000180)={0x2, 0x7, 0xd1, &(0x7f0000000340)=""/209})
ioctl$int_in(r7, 0x5452, &(0x7f0000000040)=0x5)
ppoll(&(0x7f0000000080)=[{r7}], 0x1, &(0x7f0000000240), 0x0, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r8, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r8, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000000), 0xffffff6a)
sendfile(r8, r9, 0x0, 0xffffffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)

1.869584706s ago: executing program 0 (id=2531):
r0 = add_key$fscrypt_v1(&(0x7f0000001000), &(0x7f0000001040)={'fscrypt:', @desc4}, &(0x7f0000001080)={0x0, "ddbccf094c5457df7a3f7457a4e81d59f6bffca5bf7c026c91255969954a3cec19ae878c0ca3fce72e29df4e4dbd001eb127ffbed6cc47890c19c3edc50daa56"}, 0x48, 0xfffffffffffffffe)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000008a06a61e9ce518bca04a06ac43000112768a6670619d2608f40001"], 0x20}}, 0x0)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='\x00', r0)
r2 = socket$inet_sctp(0x2, 0x2aefd8f449a37af3, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{0x0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
ioctl$sock_TIOCINQ(r4, 0x541b, &(0x7f0000000000))
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000080)={0xa, 0x401, 0x0, 0x1, 0x0, 0x5, 0x1, 0x4, <r5=>0x0}, &(0x7f0000000140)=0x20)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r3, 0x84, 0x23, &(0x7f0000000180)={r5, 0x10}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000004c0)={<r6=>0x0, 0x20, &(0x7f00000000c0)=[@in={0x2, 0x0, @private=0xa010101}, @in={0x2, 0x4e21, @loopback}]}, &(0x7f0000000100)=0x10)
r7 = dup2(r3, r2)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f00000006c0)={r6, 0xc, "6a05fbbc08363aa72e0dd60d"}, &(0x7f0000000700)=0x14)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000300)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240), &(0x7f0000000200), &(0x7f00000002c0), 0xa})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0]})
pipe(&(0x7f0000000440)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = fanotify_init(0x200, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
close_range(r10, r11, 0x0)
r13 = dup(r12)
r14 = syz_open_dev$video(0x0, 0x0, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r14, 0xc0205649, 0x0)
r15 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001580)={0x11, 0x1a, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000800000020000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000b7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="006b000000006100b705000008000000a285000000a5000000c010f0ffffffffff95005000110000005d8c79db8c943bf5bfbb1e374254340c1776135732137df87cc3fb7bd8c2d15ac5783048911432709d2e95b86816e7cb00083dd3c06457e869001f3c4cc39d86d280e7bf2bdcdbce03b084643f2ad87af11aedfa09e097bfa9e56dd11348f47a44f554878261ac8793768ba641cd798b6f6a13b5a2fd45a29e810ea808"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0xbd, &(0x7f0000001440)=""/189, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001500), 0x0, 0x10, 0xbd4d}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001640)={&(0x7f0000000340)='f2fs_lookup_extent_tree_start\x00', r15}, 0x10)
syz_io_uring_setup(0x724a, &(0x7f00000003c0)={0x0, 0x8, 0x10100, 0x0, 0x214}, &(0x7f0000000200)=<r16=>0x0, &(0x7f00000001c0))
syz_io_uring_submit(r16, 0x0, 0x0)
splice(r8, 0x0, r13, 0x0, 0x100, 0x0)
write$eventfd(r9, &(0x7f0000000000), 0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r3)

1.8689338s ago: executing program 3 (id=2532):
r0 = add_key$fscrypt_v1(&(0x7f0000001000), &(0x7f0000001040)={'fscrypt:', @desc4}, &(0x7f0000001080)={0x0, "ddbccf094c5457df7a3f7457a4e81d59f6bffca5bf7c026c91255969954a3cec19ae878c0ca3fce72e29df4e4dbd001eb127ffbed6cc47890c19c3edc50daa56"}, 0x48, 0xfffffffffffffffe)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000008a06a61e9ce518bca04a06ac43000112768a6670619d2608f4000100"], 0x20}}, 0x0)
request_key(0x0, &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='\x00', r0)
r2 = socket$inet_sctp(0x2, 0x2aefd8f449a37af3, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{0x0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
ioctl$sock_TIOCINQ(r4, 0x541b, &(0x7f0000000000))
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000080)={0xa, 0x401, 0x0, 0x1, 0x0, 0x5, 0x1, 0x4, <r5=>0x0}, &(0x7f0000000140)=0x20)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r3, 0x84, 0x23, &(0x7f0000000180)={r5, 0x10}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000004c0)={<r6=>0x0, 0x20, &(0x7f00000000c0)=[@in={0x2, 0x0, @private=0xa010101}, @in={0x2, 0x4e21, @loopback}]}, &(0x7f0000000100)=0x10)
r7 = dup2(r3, r2)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f00000006c0)={r6, 0xc, "6a05fbbc08363aa72e0dd60d"}, &(0x7f0000000700)=0x14)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000300)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240), &(0x7f0000000200), &(0x7f00000002c0), 0xa})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0]})
pipe(&(0x7f0000000440)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = fanotify_init(0x200, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
close_range(r10, r11, 0x0)
r13 = dup(r12)
r14 = syz_open_dev$video(0x0, 0x0, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r14, 0xc0205649, 0x0)
r15 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001580)={0x11, 0x1a, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000800000020000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000b7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="006b000000006100b705000008000000a285000000a5000000c010f0ffffffffff95005000110000005d8c79db8c943bf5bfbb1e374254340c1776135732137df87cc3fb7bd8c2d15ac5783048911432709d2e95b86816e7cb00083dd3c06457e869001f3c4cc39d86d280e7bf2bdcdbce03b084643f2ad87af11aedfa09e097bfa9e56dd11348f47a44f554878261ac8793768ba641cd798b6f6a13b5a2fd45a29e810ea808"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0xbd, &(0x7f0000001440)=""/189, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001500), 0x0, 0x10, 0xbd4d}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001640)={&(0x7f0000000340)='f2fs_lookup_extent_tree_start\x00', r15}, 0x10)
syz_io_uring_setup(0x724a, &(0x7f00000003c0)={0x0, 0x8, 0x10100, 0x0, 0x214}, &(0x7f0000000200)=<r16=>0x0, &(0x7f00000001c0))
syz_io_uring_submit(r16, 0x0, 0x0)
splice(r8, 0x0, r13, 0x0, 0x100, 0x0)
write$eventfd(r9, &(0x7f0000000000), 0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r3)

1.696345326s ago: executing program 1 (id=2533):
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x620500, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$key(0xf, 0x3, 0x2)
r1 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000000240)=""/95, 0x5f}], 0x1, 0x0)
setreuid(0x0, 0xee01)
getpid()
mount(0x0, &(0x7f0000001580)='.\x00', 0x0, 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000180)={@private0, @mcast1, @loopback, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x10200})

1.681531322s ago: executing program 3 (id=2534):
syz_io_uring_setup(0x231, &(0x7f0000000180)={0x0, 0x7556, 0x10100}, &(0x7f0000000000)=<r0=>0x0, &(0x7f0000000100)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f00000009c0)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000300)={0x0, 0x3938700}})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'geneve0\x00'})
sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002a9000070d00be0083"], 0x0}, 0x0)
syz_usb_connect$uac1(0x0, 0x90, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f00000004c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r5 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r6 = syz_open_dev$hidraw(&(0x7f0000000080), 0x4, 0x90043)
ioctl$EVIOCREVOKE(r5, 0x40044591, &(0x7f0000000140)=0x5f6)
read$hidraw(r6, &(0x7f00000000c0)=""/107, 0x6b)
syz_usb_disconnect(r5)
r7 = syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x200040)
ioctl$EVIOCREVOKE(r7, 0x40044591, &(0x7f0000000140)=0x5f6)
getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000240), &(0x7f0000000280)=0x4)
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x401c5820, 0x0)
read$hidraw(0xffffffffffffffff, &(0x7f00000000c0)=""/107, 0x6b)
syz_usb_disconnect(r7)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12"], 0x0)
syz_open_dev$evdev(&(0x7f00000005c0), 0x0, 0x3dd382)
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x40000)
ioctl$EVIOCSKEYCODE_V2(r8, 0x40284504, &(0x7f0000000180)={0x0, 0xe, 0x0, 0x0, "d88fd87f1ad6eeb75a957fe0213b2e100af028f0030b2eff0b61e6e66b8f37ff"})
syz_usb_connect$hid(0x1, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)

1.566057363s ago: executing program 0 (id=2535):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0))
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000080)=ANY=[@ANYRES8=<r2=>0xffffffffffffffff])
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r3, 0x4b63, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r4)
pipe(&(0x7f0000000180)={<r6=>0xffffffffffffffff})
tee(r6, 0xffffffffffffffff, 0x81, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x30, 0x0, 0x800, 0x0, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x380000}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xc8}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x20000002)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000080)={'wpan1\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan3\x00', <r8=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r4, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYRES16, @ANYBLOB="4e6282993604d1f69e2a22c72ca51dcdd9369feac6fc2f12d065e436c53c1ba9abf4beece57818bb3b7d32f360b99795969c7393e223f084642111634256c8fb109d1dda2c1feded478a2f4f3342cfd614107b12bcdab9460bead9c200003cb17166ff985b0463b49c79cc53617b099a8a83b33744dcd3852d8aedace2ff6e959f6cd4da45b56289e3ce011351ac7e1a33bb8381", @ANYRESOCT=r5, @ANYRESOCT=r2, @ANYBLOB="80002f8008000100000001000c0002000200aaaaaaaaaaaa4c00038005000200030000000c000380080002000200000005000200010000000800010003000000080001000000000008000400ffffffff0c00050003000000000000000800040007000000080001000002000008000100030000000c0002000201b91a7057d82725aaaaaa", @ANYRES32=r8, @ANYRES64], 0xb0}, 0x1, 0x0, 0x0, 0x20068080}, 0x7e04e557481a6e82)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)

1.563254281s ago: executing program 1 (id=2536):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000020000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
close(r0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={0x0, 0xff}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, 0x0, &(0x7f00000002c0))
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f0, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f00000005c0)={'ip6gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}})
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@rand_addr=0x64010102, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote, 0x4}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2, 0x8}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xda, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r7, 0x0)
r8 = dup(r6)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=@newtaction={0x44c, 0x30, 0x0, 0x0, 0x0, {}, [{0x438, 0x1, [@m_police={0x434, 0x0, 0x0, 0x0, {{0xb}, {0x408, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x802, 0x0, 0xa921, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}]]}, {0x4}, {0xc, 0xa}, {0xc}}}]}]}, 0x44c}}, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r9, 0xae9a)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000300)='vegas\x00', 0x6)
socket$kcm(0x2, 0x0, 0x0)

1.370109547s ago: executing program 2 (id=2537):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$media(&(0x7f00000000c0), 0x0, 0x0)
r2 = epoll_create(0xb3)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000002c0))
syz_init_net_socket$rose(0xb, 0x5, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r7 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r7, 0x40045730, &(0x7f0000000080)=0x7e)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x20, 0x1411, 0x1, 0x0, 0x3, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0)
syz_open_dev$vcsa(&(0x7f0000000000), 0x7, 0x42080)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r8, 0x541b, &(0x7f0000000000)={<r9=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f00000000c0)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, 0x0)
setsockopt$inet6_int(r10, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="60000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="7b130000000000003800128008000100677470002c00028008000100", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="080003000800000008000100", @ANYRES32=r10], 0x60}}, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

880.913038ms ago: executing program 0 (id=2538):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="7472616e733d66642c6266646e6f3dcc455e5c4381000000f3b5c7b310f13207e4b9986f0bc13ed9ba27f9b1e62d370592a8953ae531e779984efda95da5e861ad76aa1794278bdf5663e17b7bf794d38953a9755297c95cb80bfdd51da3d49719450f4c71838460ef5d430090c4af91940d8a901aee46abf1df61c9ea5e74bbcf74dfbac56b2ddc21575bd6cc3378380ccf682908b7e64164d01a7fab99fcfb55ad0440594f960326f238215e13a3e8065add780020eabeddea6195a1ff063aefcc5413a52420c2a8589bc0753fe787e8e2a890cadf1b87dabffd8f27d08d698986fc07dcf0303d57413f39b1478cd155255c429b7080", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',\x00'])
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
r2 = syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
mmap(&(0x7f00003f7000/0x5000)=nil, 0x5000, 0x1000005, 0x110, r2, 0xffffe000)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(0xffffffffffffffff, 0x0, 0x0)
connect$l2tp6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, 0x0, 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r5, &(0x7f0000000300)='1\x00', 0xffffff4a)
write$sysctl(r5, &(0x7f0000000040)='2\x00', 0x39)

836.064048ms ago: executing program 0 (id=2539):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001480), 0x1, 0x0)
pwritev(r0, &(0x7f0000001600)=[{&(0x7f00000014c0)='{^%', 0x3}], 0x1, 0x80000000, 0x80000001)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r2 = getpid()
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x2}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000100))
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
shutdown(r5, 0x1)
r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0x17)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0x9, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r8}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
writev(r7, &(0x7f00000002c0)=[{&(0x7f00000001c0)="9a269929f8e02c5105d2456ea938be8afd73784a59e22bcadb36746db5c4e31767c99253c4038c7c9aeae4d6c923fdbdd46f0a87f79f0a61fe08a604aa19dece5a21ba73ffc699b960679bc380b72a0a0aa6487431d41fae4741542b740c3f7789f03ace58c1a8c2fcce2b4e55da85e6d338e3262c68c9f32a88a220f5049f2b9ba38b5d230b7abab7be8e8b64e541c9f24c7675483137d6bf7a21df800ed33e5bea0e957b3efeb1960e8ca89401ac", 0xaf}, {&(0x7f0000002180)="d6913a36066a4d0c19989ec30c3ed6780eb0fd4315be0daf39a01162d4c3fca5204fd24ab5f09fb16dcc52d440a36fc820f2ea90a0dd84192c40d800c22210ce850c130e231c2d4dcb5ca389d401904925f8cb384033d5d34c8de6a07fd64e5bed2178e1cc3d7010d74c5712c13cbe1ce256d22695c2612b2be8b996660f509b78e4265c69d4ea0140b1c73858e98b02ddd6556b42e54aeeb1e4f3a5cd51768d1f51e167f9e418a3e27769bccbbe378bb83a77129002c7ef6d930dbec66de57b19110580ce6cd2d8c1181f5cd3ff0693c32a51d047b8ca36cd86db0acfe63c23417e8a440a97dae7ef3f4869005aabbc3e49f0c13bfb0473a6c3d19ebb7054ca7e110ba7a19eaaa0f62c7640a81155dd5aca719a9a7c0686c72895707eb43ad3de82224a0ffe9ccce8b6a15193cd91873713915a86b0a626d312b416cb5d3f580c8aefe4c71f64fab3a8aed0c8ee22ad37060a266e5095b0339d1ab4802ac23c9c1cbf4ae5ee2433fa6d73925e95711fdc12ead6d057a31b651c887f1945c81abaad0b3b6056114319d8f7b3c6f69ef6eadd359d73a7cd5cd7f1db9643efe2bac5f6f7423ddc97e5154b0eeb85faa37b6064bf8ba0b76f16165bc1c39ff68813c22ca72dd774192fb900e7d1c153e97f66fde7cfa3cc29a747cb9816fbde61049c692efbe92587245788f9dbd169a09d8bdc410afc35a1e48d37b3793e2008f3fe927464ce7a738d63e0922a6063325198a95f608127847dd9d952a2a872058065fcea679f3aa8a12a5285b87bf96ff1916d0e863050c78e195e2bea82cba3510158f3116859ee0211e2a73054c90fd567993383e6736efc6d97caa8a75a2959b4a153174007ee59bd727492c2312705525b2a6e8386ff8708be6918b2ae67bbd5ccb29c449daa775b088c50a00c2f58ba98322468a02e11053be9c538d209ad1a060a8269d04a5630d98125bb3bbb1bfbf9cbcb8ecac33764eb9a8823a155909dd9468bc910c746626e6e82005e136a6a94523cf0389f441773974de112ef62638c5951a38dcd6a590f04f00086e13edaf1d470e1341438094b2dc72c47f7bfee6c443aef15d9845cf6f47e3876abc02d75a50567956ae021709f589745df4b629e292ecd54ff468ef93626a2ae05c8abb7cc321f6a707628055d559fb81cb0701bb1191d0a37b7ce61c82b442e87e29af2192e0dd2cc95c6e38162a0a9948de67240d52290146529e3d873b9fd388323263cee94468db58152e2f247fc04058875a6396c2053e73daa0ffde643359ecf6627384cebc47d8a101e57aedf643ce2aa7df944cc9be2b9b30cb1b45b8041b3242d79d2fe807ef44b8d024f7e785837ba44b1b9b2febda4d77df81d95c132a387af17e36c2c2d63ebee87c8c878cd1875d0b292017bb91d0e275d447f09d93f982acdf871e9a55b35a647e0e341a635d21693f0533813beb24af2f594cea433124d781929841736b3c1d0c25724aef7e4f15e2befdf1db99475c0896eecd5a37d7a80c523e1084260ac81c545494a6dccfaf6fb4712260f310504b2a232d9b3b657a68ec8fe21e02ebe3f56a88db125ad4ebfefc5ef82db064b4c2185750f57e8a880fa2f76580de1c6d3fa2c3646d3c1fca70eed3f7b8681e5bf7d9d800e8ddc293ce8b708060b5eebb7ee957296fcd68a34ae6d46689592c88a9437f7c27890913bedd56031407321bdb4ccd5162d636db3c90879835bb30cddb435e3073c6d80c0573ef068de4f337784cbb36229c738b939077c0ef030a6855096ff5623f4b58de38736ef3b8e94f82033664a9a3853c11381f406d4602f4e2c23e0491a939d43c81a7edd5a61839bfe3ca0019dc2dd10b07e151fa05a5417615f306b3ac1f5b9a48d5e4ea0b9f2882bf4023f1194b61ac4dd97785623729be329d2a39b115ac8615557161710b8e6428d93064a94eb6bdf97132be90d75b6fe4514d2ec14c227434bbbe400137cf70d4efb1b15be7d12611ba015b0a427a51e5ccb6075a015fced9de675a1292feb8828544d40ad4699b210bd655caa1708685eb124af19e0c2eb7cce0e94d9c04f6c2f2910f086fd5ed0b3b9e194e01cb54b9b3e15eb4ff48119f2ec51f644b04461d75b20f6d0b40e75d891d35b264c377d0c405a9b96e88ca177b28b0cd673dc2420fd268e70df790b6d985547ea6ef83403dd6444df05eea3cc3401b888bcb090e0470ec3ed911ec1bc650bdfa9e0fbf336f7e4b25775dbce55569317bdf0154905e7e0821d2d21e608784cd669826a56436ad2f2a49532d3e2ecbed59ba37b7523c2fc709483446dbc8afd5ef7f3fa8d785fc718980d059564af4adeabde380d22f40cb6de72ee172368757876d40565fa239e988f3e43364223e3765d25edeb68a6382d7097114400c3f6a7a62de28dba0207039854d562b1329e941bea6eb0f510d7d2fed9cf87dbfeaa15df26e2d5e13f80f89907f78e460bc6c35bb317e282e112d7e8f6036f586e72d2dcd62ee2e1e6e9fc1f0d9cc57edf9c3147dd3acdf0a23c3025ca97f9e7df471ed56008141be275b620abcc4f6b9fd8c868a822c40a1a0a48b292cff71d5090b5c56670e573e7847c43ade95db225435b132064c7a79820aceb10afe34a6446c3be4341ab485b0bd437ab11a91cf7b4db6a62a39ebd8e040b4566a8b3c7e8c01f05e9d09f566ddd8f0ed84b5feb99e45fe192f1372d79fd89f5a8bd83aa834fa532c23f973d8d2ecdac97177c7671092f6afffffa673935324fa90320cdbb7907e8f80916bd0b424a8738f8669c17db065f8c707021c04d9bef03346d76dc1bac09d1e8b3c5c8fdec95261d1a42bfffbd91d73330d0fc543e76ac68122f5cbc6aea01d273ade257b2ece5e4a055ce0f9b02c85c57372e269643b9bfac83e43b47495045997f14525611e7b613c8f67321df25cc383d2bd3fbb37f7c80084d34b8e51df3be031f055a3c33abc1e36f46a66509c7484093dd54305123c2ee858069a84a9e70080133b69477b12696d6701c369b6761a86eea7bb3b1b67f41713f9f496297a67ba1d3e310340a75e8c9a049dbb57ab0e66430ca212d9a07c4f7798d3fdd86282e112b55fed17713d93d9b0c96480b447f1e104cfbcd7e1ff5c34873b1d55642643a2bdac8817ce50c8c9014aa646e2cd8ba7cd6cdcca5b5f09a75d2f95a1ae8d0e8d9e5a9f498981cc1bbc68a41de0ba8d27edb5f833e4183b8377691973c2d546f95e37dbae2ab3512d21990d7ec3a1ae60fc74afe29e5644b75b6c9e555175a3e32beea181c70de21785631b7013baa56e75030e16e9212720b5348c1faae77be246d02aa0dc38bce108f6cfd0076a015f6ed5140a2042f5642237a94eca82e298ffc61cc17a1a28bb7c846e2188e13453159812b709906def4457d3faf82441e250a278000221f193aa5476c27a1c086e98576df2b27c5797e65af4c9bed976ae074770b8a4c2c08538caea4a42dc04fbd1666aeb5c17720005a50d7f353a08af248f80c769a17aa9fb2d5547313d168457140713544cdcdac95fe7a03c49ab54a8bae182b914ed5f95765eb914761ce72cf8e6677431c6b67ee89c9d91c99d79f2b737600b4b38de7a1759191a4678aa1e48c80dab066af19bb1299edaa465c3097ff4365c6fc4052d543395676d7a7da21c21f86924dfacd82281a6bc703a7427c774dfcb15112309c2a7cf2caabcbfc9b196bbd3c1f4839fa903f70ad58f7c8e3d236e0f8d23ff245ebd7eb23d755c0d3b521799a86ddd300188b7c97a3669c4240383f39907900d36a4a77edae181ad889a400086f53d220c53b2a2bc0c6e126b822a10e970c1fe46f7795dc8175bf11c69acd78d1ad71fbd74d14ac2ef405528e18d44b97e73d37f5b7399bc28a06a6f9ae8cb80c5649e8156cfbefb5a44c56a54ae71d0d6e16884b782aea29ca7f6cb84820f089c7633934eb13bf588d2371a105795180b778fd36940e593aa9249bf8f196f578fb009977cbd3f5df93646a660965e63df7c4c31f81c6c664c332fd64a5f8566072124b2f5d21265fb18c83165ab7a35409c158c4062513998283a100b58e80698889c23466aa463940af7955fc17f34ff162c9d27d7a8b9368be12e2fc1b454448f6bb2b41ee46620a13abecd19258bcfe3405b81ac627ee8ab7cc24afca52ab9bcd489464f8efabd3861c8397678cd77fe33f1dc6b2ca40b7b432665b26d165d9309a785b1fc306117221dedd3c6f048976b8deefdb28f15f4e877dfeb1da298c2dba77a5397db9e7952e26f9d0abd247fe91553d0dbc769e29c336d172ad968bd3c6d4e666c2550a3ef77743944df8dc5412ddd918d40e16a4891f56c7f0718112c8d52ae8aee32df11ca76f8cad9f17add6eeeadfa45e2404a5dc9b4d33b3ea8dc23e2346607bae4ee1168f37472b59c97836c0a483f4d1801aea8d9ed30ebbf84a229d23bfea39adf617016a410d512afe53c50b11d1db253cfa30ad7ea268ac7463c027c0e7c4ffbd5647c21885961e3af481b8c6ed3c2cd5ca7264e0538a815d1f23e1cacf30072e1a20601b65dc38f7c5862fa4bba86f9f8841d487d41079737e8e730ac1089b86694753f911571f1b72647ff718c6e427435878c24dd7898f445b877e8e8ea28fc0bd384154295f9704ef93e896d3c01ed227013ffea468c4cd8068ce8357c5e2e5d7e00ab9b570433d69c2e737151c059144bc66fb6ad82b5ff28647c9146832a1f4a15fd8aeb908800ec5aa38ead3eaca33289904e8ffc242eada9449ab7baaf0c3b85aa2ca72d83b690e6f2bfb1a0629367fc00f8e93fd644a80fd101842212063df1e8b87b92edf30f65e680ed4a6e8aef6e23d0eeba1ca27baeaa536458b456017eb75662cccf52a868c831ac264634e9d228a98e14d9716a817787ac042308215b9ea14e2456345377a4c52d108e3a9a0caa4ee9f6c5e6fcd68e46a22c59c9f34237837da4cf1f9190773801b7d83858c974107124a5c61aae1012c71d0f9d5b035c182dc41a90b827509455ac63e8a0fe4dd2172f4", 0xde9}, {&(0x7f0000000040)="09ef5819b9", 0x5}, {&(0x7f0000001480)="c485465c2d05fd8dcd9e4179ff2947c1af4d6223f800567301adcb4f0390528574bba9739417c2ee6011e5e7b24d7245673f996bfe7f5e3e4496a326d5bf9abe83cf53c62011a5613223936132a151145540582bde4b810daf9052528cc615f0052ca93a7dd56cff3f63179625e532326889538b299e05e6de5a29918e38ef64f84ead776bb67188323ccf2e552ed3ac268e9a07ff632620f0e823e393ebf809f88128f2801e4e5e578e939d63008e7ffcbe690614b470c75c03b5a6f49529", 0xbf}, {&(0x7f0000001540)="fd61e60563d0b0abbc7e10d70a956723e2ddf295e0101765ca3b572ce57abb27bc15b7101599a78a4102147d8d8277a76bca45beb91bed6122a50a35861a5052b4e129e8d890ac26e5a2379039606b02915f162fd070ca3f6387161257a703b619764b911e84763ef02a050650956570213448e5bdd362d6f8858d270e885f9ebbc50d986689fabd1b2ee85ea9d314e6e351502cc3c61f26962567ed3e5419178e778025db5ede28e3ade48e5e8ff16c3e4bf326dbb6a69b06812b49da7ecfd6a9942e4cf158d3ca7c106c6bd7382d40231696955e69dd87c62b9b7f332a66f4", 0xe0}], 0x5)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r9, &(0x7f0000000400), 0x0}, 0x20)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
socketpair(0x3, 0x6, 0x120, &(0x7f0000000000))

818.108588ms ago: executing program 1 (id=2540):
r0 = syz_usbip_server_init(0x3)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000100), &(0x7f00000003c0), 0x2, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020100070c000000000000000000000005000600000000000a00000000000000fc000000000000000000000005000500000000000000000000fc00"/87], 0x60}, 0x1, 0x7}, 0x0)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r3, &(0x7f0000000000)={0x23, 0x7}, 0x10)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x2}, 0x48)
symlinkat(&(0x7f0000000240)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000500)={'ip6gre0\x00', &(0x7f0000000480)={'syztnl1\x00', 0x0, 0x4, 0x4, 0x7f, 0x8, 0x42, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @empty, 0x40, 0x700, 0x200, 0x8001}})
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000001440))
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095000000000000008fd561040125520c3dc179be8e29a91932099b649acae5cbcaf23faf564b03d5c5692de49a3ce021cf473e4d61182b1656c011967b367b137a0bf40861d11d35d37efa89a0d9e6df8bced027f828cb533f67547736d69681549e07c1d70a37d1ff7eede60d33c4c098c9602bfa7cea1b42fdcae2d289b2bc89f80b695df1ed16babf4e1af06255f408e81f6945599aa5175f546dc6c2b6637848a7d17fb01f749c9e01022072"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r8 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x0)
ioctl$I2C_SMBUS(r8, 0x720, &(0x7f00000000c0)={0x1, 0x0, 0x2, &(0x7f0000000040)={0x0, "0a0dffbff342de086d0ecd551ee7b16eab815e6234c7dece48bacf6f78c7da6647"}})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000bc0)=@newtaction={0x14c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @local}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xcd5b}, 0x1}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8}]}, {0x4}, {0xc}, {0xc}}}]}, {0xb4, 0x1, [@m_tunnel_key={0xb0, 0xf, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @rand_addr=0x64010100}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x751, 0x8, 0x1, 0x3, 0x1000}, 0x2}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x6}]}, {0x49, 0x6, "3562b5ee1444960ff9555d238840bb6f0a02b9abc7771c68e2f46ff5f185d367768ac8e55a9693396157a1f88e6650195d352b74efa237ea79c5c17dad9f5604bffab00e33"}, {0xc}, {0xc}}}]}]}, 0x14c}}, 0x0)
lremovexattr(&(0x7f00000006c0)='./file0\x00', &(0x7f00000006c0)=ANY=[])
read$FUSE(r7, &(0x7f00000021c0)={0x2020, 0x0, <r10=>0x0}, 0x2020)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
write$FUSE_INIT(r7, &(0x7f0000001140)={0x50, 0x0, r10, {0x7, 0x26}}, 0x50)
utime(&(0x7f0000000e00)='./file0\x00', 0x0)
syz_fuse_handle_req(r7, &(0x7f000000c680)="1cb93735169674ab14940b0ea7d620ac109230a351b270f991f70d0269180d859141a46d60ffbe9e1465fa57c377c8fd32f9784ce31ef4796ee2ecadc06d1f66453a8ec8d5b3f3e870009bc07f435252460427d29d5aaec6893e15d91c0d1d140efea7f0fb2da0dd5ab7f183cd77b0c5a48f12f0baff61f97dbf0f99910580e694931a8b5ad2f3765acfe411329349374cd9f861dab2704603eb8e15712bfdb3abfac9765a3f287039215e58e57f038c294011d75624d3d5d61b35e624c769d9b938f1acfa4d559edc86a7bf14e9e000123fbda520c63b3e24188e31f3d1bb8ce76148e62f9bf873a184907fcbd89cc750936dcd775aea9283038ffe15aeaf0abb807d9b7275c34ec0ded259a04fb7a82b4ab549b35fd2ef978e92a331bbdaddd3bdcbf1ea87ce4fe54b45a6a9d2da904b57462f5dae299b2880f5a1dc8ac7dba3b3b87cf5ffa1f94d9de656bc25eac87b8d7c435ad80dc69f1f354bdf4a9fe5801f6790ac24fde94e42d6155e007079e41b9cf5c2035b2ec0ec258dd972947f517d6c82c366e2b27b18edd52e23530559362a38f6530e54f854f8723dc7b0428ba5efe6faa170ed4b15606dd1a38644189d78d695e8ad046f900df8a405b4082a1f075ee5bb6dc3f13af71db2c763fb2dfa81bad5084ce019c7aedf7de86ccc07e2dae6a134dfb89e2be0da93e66a076c063abad0200f3728c0b1a383ede4ec7207d13f7c10d39e0da6572c8b8b9d08000000412d6fdc90949e52e8505f23d1c4d5475b2909fd0340b1c1b8be8ef69da6d11a3235742ac8ab886239b21aa6268d3c5c2ca227403f55ba517881ba0352234bde59de8602541fd33db5b9e0b10681b3c392d9ce83215acf51641df49e2960b1c3b8431d1d8ee15b44402e6b8501bb8989fdf581a26f94ba44e805a270c779c9ca4fa1b7df509567c5ae434d899940e8ffffebe93c7f54941578b5901af746b3778d40a868f92b60ee7c7befb89443c08e730335c608bc6113db7055ca59973c0fc15d46b4ea8201d4882333adf78e4886db8dc87fa6b0fed8e173c61fb9a50044b598127ae3a42c41510690991601367d94f9f990485987189623877a0d2d84de27634fe5aaba438d7bf3f465574f8d25808e830eb8163b5d67d130603511827b68216447211bcfe3b4897a1adefeeeb749cd2ee8cc4d3c082d114fe1f6bafb09d4868dbac343e4b9662630c4bfd3a0e651cfa1d4c233f22ddd057189dd5136fd76f2abbe1bb0ed4f5f98fcddcb6d42a2ae3f116d02da2701ed1308fcd15901b8e6ac1e1ccaf0895b2173cc7d137b3246bf4f42b02dee7bbd82d32d160527bd2b5ad7f9b0dc9e8adff5c355759b17ae4324b13e92b73b02764d7deb689db0dfb551775f6486f5e1eeed4d05d51cd604bed2283ff92f036fd602ac7739072eb8807c2e9b1c77fba97016a92408ab5e95e63e5708ffc6f9049a13f58cd5b1b4790c137da7fd00d86680bd9cd790a42d34e2c3e2d112d7e5b2613f4257f09252d048fa89da63277fc51bda503efd6818eb681c9c011de64dfcaa769af48187e539a9886adc65108dfedf8b1bf63b53fe8b3a85e45a2bc86a9a1145f2c447603859e213c0ab32686085db7d3d29434eb299922680f0aeffcd71a60ded8f99849c8774d7236ad9188b3d61b407b92e8a0db52e5b0eec5e71854102dcdb761fa05e5a8b24465196d0012b317762853498b8eb5004285b1a0b88cc6701f5ba04ec4cda668641cfcd74127f42a5b902ed232639ddaad219cff9413ac9f38fbecd4ee6a153608a07908f96c81d195035117aef2db86c666b1b710b112126a7c31b4e5fd62227e6c0012b26e8811502ad20187143ed104943b0b961ec41f112663028e03cf63f0a97bc94d8b93b8473f04e7edad8abd6c30880142658a68fa070f8a3685ca1012f17e5c1138f4eb007340a83bd62cda281fa24bf98a6950313950469d7dcb39ed5ca04e60bf715053a571b96ee5ed97097ce6348a4bdedadae9d5f54d12d01b48bc812caceb0253087086e987354d041050b372654936b7203e8b0e985178ab4e8c9b0a1563fa8290d9f36f34145ab5ac61a13cac22e0937e8ec6285cfb56142b0e777caf9d72b00fdd385712fee89a698aed2a79b136c55adb5d34625df2089c9efe4bf839d5b3cc00cd148802c60a2a23a357e0a544af147663a38371b878f651647b9fcea06e47b1c5e32fca2fad46579773c2d9d35fe016b4ad0f82794646fadcaa59b50d98ff6e783072c9f0f1e7f04c7bf04aebbe7fbadf87c375b54da72df7f7cbd976f4fb3a81c56384e9af80a2fdddfc6ada2443ddce6bffcc9764b4a7ffbfd25186331dba33a319ebaa0956fe8a1e9986c37585c2ae96d673759624bfaf6e30ec0983debab067740394a9eb5a9ae5fc77826c024098f53d11cdc3a1e6b1cc425341f86683f3cae75bf9d6f0f14911a3b68849aed54006e4c23586c05f882744f9dab46602b3b151e61dce2335ee6443b9fe51990965722f9a4c5ad1172c75ee4fcc8740fdc40e1fc543b2f7528616901857a36b3e0ad2fa20c51a7f3390b36aa3ccbad767bfff2238720b0eb8022d08663ecfc9f8009ab0d63293ca432ed89bc7042ee00ee8e710ad5d2677e3ea60ce06443694dc33669a87fff992610935e8821c80b1c0c27e7a9efc8bb458d518b8ddfbd1613cff77b2d5b7580b80b5a04c748c3a5f15df45802e9dabf8efa395ce9670976980bcb1a6d94faab2d2c7c7aa3d3f0ab49aba9c446120e1c6acc0f1d3cb44f38ade34e6ed3e13b79b59b6ac1ef15292ef42f8c4cb69fbe5d35432ab46aba37321c6da8138b285e723a14fa9c12516dbff109ebeecc2594ef3a694127323c4a59e4bf800c42201568aa4529b4f461cf6d21fe2fca76c9e6cbb848981bf14f6fcb5cc0c5c5f8860923f826c9b8a8a9ae88d5e9d3ee744e6718c10703ce64b373b49ad801cea885cad097624a1ba7b264e9cf24f23999970ac1eb77da889d28c6f0a4d434b4502b5e9c5762fe2aaa3ba104761f0cb7960921a2d45b8e9eb2d213107256455f03317f2ed18d474d7694c439337202f41d2830dbf9304888a2fd46c401002eec7f964e496c59a0d4acc3f7005e1b13f7ba7db379aff4eb80295ebaec584127e0209bed80fcea48cdb4ab0403e1c93a87bd6dda45a9927b316f9159660adaee89162cea09dc304050cdceeb12d5569e46ce2cbdcd5adcfd92094aaacae9db7752262687dfea314d4fe7ca7a3604ea36c0468dbecb1158a5f02d1b22f476b05201e652040437d50dbd5010d6d80b986f3b8595f61838894105202d439cdcd5581f12cdba6d10447c536c10fad3e0d5ee202f8468fd2e7da786ba8dcbf4802647ebdd5f441b33b2d5be85659dd6cde4b531088c5ad4c4b8ccffaf257255e4234fafc3e8b015dcdf9238da7e80898b724869e723e16baef45ecdb1629064ba3c1d0f584764d50ee7b905f8e5eb47b39eae39c152fecc8813658039f02c45c49485bc76ba16d989425274a2f26ad6f98029d1d0e856320d4d76d5ac72c218d2d84467e233ee93510397427933364bc4ff32f072f0eb7903158d2ab8d744831ea1710bdbc8d7ebf9d756a166f9f5f37593a0bd643442f2abfa4e89043703271a535809a2820773667b1a94055749162302fd08a0a5af3a47618978788742f245b3acfb63e308302c322653578eec35a6c7c42544a6bdf5d6526bae90b76ade9360e2314044ec124358329be78afaedf3aff1bdb5c32afc64cccec60ef430f99693aaaeb811af52fa8e7075a85ead483fb712c3fd2a00721de0aef7ec4e331a628d40f1efb2f379cdf90f057f154b6088ac75b6a762094f4ce86f562ebed58f1ce853ff6420ee552f873d0fbcdbf4a264d14b1bc5985ceb3518e10546b502dd2d3edf2c02501628c0549aed6a71abf58ad4cd628f120ee8c3998b393fc0f74788f3ecb287c13a58d2a4ea39eeafd8a29f32992b898e4287dfe5587f0020e64d359d74c05851b43fddf3c70335093ae4f154da16767cc7b006e1ad89265fbe54f1128b13348aae8c6a88b25747639a1849e3fa7a2721b1630c2ac52f9d0259d6111d19eb4bcc85a82624a153780aed6ec8c92129beff10fd6be84860b70a7e709d45b0d70fbac862d2728a1ed7e4cc3c9205ce3043ae2ae8dc3b9491a3ecfb891e98d62491b79811b699341a07e62213f050ad6f7557b022f6757fc9934b0acc87cf985316eb7e3d0221a6f4bbcb94a274d1195c8bbef5b30efb86ed342e30d9c6b3800f0476ae39cbc751bc83c73f8d4f76a8c64fe4bbc41c1e224b4ffbd56532a7e425a9f4e71ccf7c9e831e2b08abe6362cad04868dc36b372423291bf59c3624ee10e5a068cbca3259fb716af7e0cd5e6e44a8ae84c28c53c97475f7210dbd36bbbd49650f18b39d2427bc5daa83532402fe042004b2a2f7b36a2f8be7b9babaefd643ff0cab3a62cb2b2992f6ce6ab1db7e1f8ebf30a275ada68a7c3b07c221d2c3abc5737779857c4eb70020a1739b4d517dbff410c35ceb02a51ad711f03e0131144cdf561a028fec209022a151e3bd1bcb4eac6e642247c4d171c4b573d281eeb46269f37a291067538d38fe7b788d4e1640e8e309d0e8b5e9ecc42b351f7fd26e3b11f0427f712f4ce2767090d8777e3a05e8cb1979be3d0ab6e1a21b8f679779425d89be2b24a1619b5b5e12a75e8b87b34334043ed3cc42f3bb2493393691cef3dcbc4aa947e0fe1ebd596d8240b3a8428b9ee4ab37a0b17348241fad8a7194bed64517274033e521edace18a994bcf584dd2b23fd764e7b4a433763fd68abf3f78d6568c31a219072e86eb53e678648586ec9192e2cb4b0fe02b6bde7233d0d4cd9c246978e3afc460245c9c38493f72767959270fa2ae765412b4ffaf82dc2b4b5f9876b33266403221f4eab92852c6afeb81e0312dee796733be6bce09e850f7d3930575c0cfbfe08d7e94fc40edc55fd4dbc389c871d2fed6432c509c09dfa3ba5594eebf9ab5295631044fc3809823ed2cd610141c486b940867fd0935d2179e644d93c6232cc9d1f3c8ffdcee296554fe3ef5b7ed6c67e32eabfb747605f04656ab338f97d7962ff6ad96c14fc3a6eab8d1977c0e2ff7840dee914429567b56653567ba67f001989ac774da564f83f2643972902fba861f54c6af423fb7751c4f51c3f58fef608a69a3eddb104d02e40e7ab05bbd0ea465aad963cc18cd51511eea8e533643efae8ada221ae2549759efeddeeedad1d11e5a185981ae4f8b29177d4eccff58f9a836b6feb3a3e0ddee574ce0e2bd4df9ecdbe3c1fc285f71e94e4c0b5bbfe448d1e59ae9ee97a881994940acff3c01c7a2af5158a706603cd95a571141c892747271917dcd5bfeef6616409794da71c719953235641060ef3ef0bbc330a43fe9bd77c683c857e2407bc1ab126437e8e23da475b6b43f581cdf7d0fa54945256ae35cbbfa11b55fe8f9163f611d7c5c02cc4f757f04fc61b3e9692901e45f85a0885c856ccb49122195d02472727149931c28025eed1db3d9411e89dbd42b8a1999c6b35237f583ec7a5b231d05e94a14f4c3a034bbcfec0a4d8e565baf7a7b6811e7ea8d0c0fa36b35fc558b3fc77f670e5b144cb7d9b99aaf803021c30fc77eb3a8f36329dafc223d69eee23581a38c70e70d41bef31cb6347b89eefaeaebd4e540c25c2582af4b037c3118576aa010b3af57cdb9c26544a603c1235bc49c26233fe79b981a7cda950069fabfb71da52871201459f9a75e88ddca73fdd40c92bc044f5b882abf4c701e22e8b1aa0b73a82846cf6c194fb6d481366be124187661d2a1b5a4799e2cf7a306d7171b43fbad10ac5703f158193e8e05fffbd2a5b333d09f39009d204fe0bf7a3e1d2cca1aa9ef598ea29d61b186e263eb969f3b1b86e528de4d168208d77f1340c841936e4744c127c93de6c942258fb2b5dd807a0aa15961847f76d7c21e26d36ade71ff7600792fb7638afad16b6410f22fc91702d6cfefa2075dacfee8f3c0507e96e6d27a5836a3e14f654acfe89c8804442df613d4e9510bf501c5af2be4ab099f000000a38f74f3d30069ee0a844e9a5a4e9a8ed272b00e5abe3494e1affe2d96bb813b99694ade70d4b739d796b5d4bdad304bcef96ea0c54c83e79ca99abd2a7da896f2dd5842113467149ae8ff142d36a7e3ebbb26b32a49bb05b578874fb448a0aa8fb56d3f8d7ab301e0bf307f2599d96d9abe496606034a608c5f3f9b82abe35c1588926f7322e684dedc7231f4c8237f8179bffc9cdc1ea5336285e6257486eeab77ca0268d3dd2826dfe08187ac2e12df4cca80215e5ee6335f40ec1f0a32ef7ffa5bfb6c4479c9841fcaf6ddd6813cc3e53f0435bd0c56e09fca87c4c8ecdb972fad85cc902c26cdc97495ac32cdbc39d5f1964890b83e15428f1b0ada5e2671a038694cb09e185e09fdbe79494ccd0269a9afda8a4c69a8093f64b5a5bfc6ab4964749fc343470ae30fe0f584b79da521ade9202ec7d3f00b113ec3b7971c1fb43a31fcebce32329f26ccd582e848a6a68cb010cbf7cc5840ecc13888fb44090efa0d4ec26338df4b78f1497400bd4fb8278d53e7735b5f689cfaf2236ee50056c298c18e2e09adfd7d61843455efd0beb0d83fdf3b353bb25da99dd5ec3bf6e34b61b14056bcd22a058cbe3d79c9e95987775a42c53542646ee580827fd3c6131d69b922fb7e35131ebb2a3d36fd0928eab58a0ee2da7a0b022de17476bc5749cb67e382d38f5eb81edec88d098049de746fad95cd12f010ef0447620f4e3743774bf7cd102e15d861b5ee74b9d026e8a0b19803132912307462ce6c7915e50540799e7d92a915a7f23325062355ad7ec3bcab42a492607c713cc467aa99cb9b3581d27139bdd4b5ba3d236fc0256d9e73ddc170dea2329b8e3051241d439640345f23c0da518b8dd4ce7137b691ff8a4a947799aa09ded05ec727428db1832b9697620b214bf1153d5aa7236f3ddf6ff687e54475cbb347baa8df2cca47cc2801c20ca7f3d61e3ac78adf44b8d7f71c9676aa6d450c355979bad55ee8087f569815f10e44a5f572e4947e59ef19910f79246d048288dd74afa1660e9a4c859b975dd77093c1b6ec3cf7f604f4f73617456744012707f1e49f443c4f7bb5f714e1b3438abdf4f2d09276b17674ef9b01c498aa55b3448d56c480c0206438ca81e40cf611cc9749dc2652384fa83cfb250a7536abd37248e02fb6fc12e2ba855b04904dd868725cd5111e6e9223e46ebc317d128bb04f0064d0c518829632c6a607bf8d5f883dab3059077a9df220ad40f00fea6f29835bcbf28a7330fe61db63ffe957bae0b4eceeb1544cdfe032d33015b6c62adf1156025401113e408ef119a0f272b476a76bd913902ac77571ee59d9118d03744c160bfb0013da89c2e6f12ae5390ea62557ae4ac32ed51b38c0a6e4ecfc6569a30e916cd6b7ed3fef6f54a83ab29b0d2f855bd633d6bcfd6a0b3574d73c12a6ce741395dacde240eadb8178f7a89abef931f7705d82b518650f7f8b3cf608c0ff5861b613f830493a02b96a7ebaa5d4e858ac12efbef71d6e60b4376e1ad9eb47a34b0a08c7af0cff86c68ceef70a3a322b67bef84406922c99f9cbb1251beb59834bd959807de05a28e508294b23bac527611abf39d152bc1a6658a0c2a0899b6d20922773f4b3d725edb98e8c7c183f2a4dff18919685abe09f20aa2bfb4c40305e2a75bbf678abcd08b2e728ffe7b3c711407770d264ae2d64f761635156a942f90a64b5480a0bb222b9fcd26855ffdaebd96d38c96c884c3086a17fe31784f5b6757206bb879e63573e47f71eb05bb94cec13f9272a1f5f66dc8d7e2867c0774004b560a103c9930cf7807e30e9c4083b9e751e86ba370671f82265eea7f452abb146bb6abe98bca7947c4a3aaeb5713cf5346ce84adb4a7cddd7823d2eb25d074e78fd5843a20af8120edead9aa234df43010dbba74216cc2ed1f01e112c16caacfb47bfbb8a407bad0e3be20fde2915c18acff56d7c5bec7eb27ffe67471cece1dbe09d0a1d3eff734eb18f38d2779472cb771c30aefc3062f03a60ee611f5a04fb2a73510a07e42f6d83946ea816427c9808dedbe668fe86c473d84fe71898d658fa06042b54342385c1eb8e02d99c008402a768b84ca232a36cfcebb0cbcc764c9d362b47ec4b19dd5b5f980473a70ac251e6ed5ace780e0471d630075d0d4dfd523ab61b38ff584f42f5cfd2998bd12e7cd512f2236c1e8584f27dffcf043cb150a848a029305731300b13fea29d6ee01bd7a37f3fa19491e2b4debc47de13ad22acd8b930f2b68f738f4db30d333b2434fbc24fd87ed04f21857c0fb6cab910e34da582c48ec4d66cae18432387272eb06024ca09ccb7a317fce2683fdf28babb19306f35c66a385853e7bff42edb9fd2fd0c6bd2756d8e289dd6db1e829c397a841bb775891e5afa74921ac8de524802bc9feb04d295d7896fedf1f4ef9bfd16e93903cc7028d1e82d9e7648335710294dc31f91acd5e6264a86fc236bc47478b57f8ea50531bf1f843b15fecae407e323e20be70cf644d9a8a0c9629d1cc5b9c991bb6280603704598af7189d85bed0b7e8e3803061bca0989e12cca4f0867787e1c414dc69f0eddaf257eba971747abc3194d0afd1d615489009b5170f749ba37506d67de88baf920f970933f20dd44ccb37200c8035b7da50e5f411e99cc538c4555ccffe4e7f0a49844a5440d8969e85abf4bcb129c513a26beed5cde3996ef8e1729d4802dec5b154a5351495a205f57aeb129dec76860645c743a7d9f816a01663e4844c3cc33f0bbb6183aaf521c73283a35b0e780ca0a8e474d99908bd46e067b2e0d137984d1707b67a6bf2836595f04a23a7d04f75bb622a0e37ad346b011e05fb86765e1dfe9095363c90a9647cbe08f56b1f0ee65a6f02c60e7b352ee910f45f7cea65a8a40bdf3625a494b0f9bae845d4105440a390eff67fc5d5e23c18a4b523a82f9b77afcd28f32edf3f2d67477fd5ecd88abd2362f50faba6041ddfe98d2d36ae4c03b0bfda615b89fd447fe5825962df996da4563145478a680437795cc22a87adea71c5406672d82ae7c27a558341fc0a198987059080de3eaedc4beee235d81245085db5e9ba3ced3782072f2bb7bc82f932b8e237417bbf256da2a1117ce33a13790367dcd4bb6578943334a6d1b8d2f5d5757167f79aa38bc0477ac7bd914fc4300ca389f92c884fac1f56f8cd19008df72f70358523f39b5b5a837bfbb80f6ae93ecae035b99f3d768c9323244c3a3b812dcfb0c0ac60d906dd62f0e0b128ae39c14bc9cb1b2033bb856b03e9c63945a6a7dc4d0fde987c6ae2ba2d01aecb89d6e8ff20cd88f574e9ed8adb6e2f2bbee37341a1a9ad6de53399069e5a28ee8988086ad9338db1ec2ad62e66d5d777afa1cd85932aec4460c5e01d87b3ecd7b10b2a1501fc306de8349935fc5bc899798e614bb8ed539d3fc32b6b425d3354f6c2fbfc004db2730f5ead22032ac6e2c75c18d1508c2f43c4b56a92debdc6538b2c24c5b6830db2df32edd759ebccc92e25629f2d149910c1489382b3b01b3c1d4a154e08067d469748727140db20fc3d99fdef3cf8f20dfbedf52134bd7f6ea5c20cc5133b7a9edfadf947fa0201fdd7ad9018c2f6d6d00322fad8cfe76458f69d05d7c4d187dee47d61ec02fc805a0c22125b538611fb88e59c56a39c36dd40fb2113cfd1747388c78d8a8a7d77692eb4e41fad5438891379e574003a8b2dbc5419afd24b0d292ced290426ac40825d8c4f17e50e6176a103a45007ae278e838ed8f22a27dae6ff490bb42ddbf38f67a001aadad6df6d868ce9bcdd2bf7404946b75579972d8104874301571ae8f17758b80ba72652cf53f9ebda59b277ca928736792cda8974c3a938c4f5be5634f8e25e690d41eb12ea588eb001e099b73af366c811053f81d33b9d16c4b0bb34c6a44fa6cfe6442c22e33754a718eda5049b4ee6a979e52a90021c20d9f04078a05ea443078ffaa00b814f0bc3dd3c1576da146cec7d5b4e643756a0a987b95a2d6c0e6dcf5f75139f2bf829aa6c4c458a19c69c55800f61a7a73c9424bd9cc3d4706c5798f3c50fcfe34b0885428de1536c7ec45567f47500a00d09984d75c7afe924ca707fabe730266fa839cde86c352b6b250108bf5750e10338b5dca67d664fa0217762cb54567317c52b0c57b623bc8858fe270513b49d8ee15b7f08717a80eb6f93332fd180132752b03029266b5f0ccaa3191fea39a3c7bf77e196084022f75f663dafd446838d8b0bca7a12459c3f1eb665a27f44ffa6df74f704b2f7c1a0d0f3815a548ad0063b7f6dfbb5021c6d9f73d9bca9dffa95fbdda043cba5c5245bc61442dad3f959a9f690a76a3bd87a4181858e1d97f8ba0a51c4c4d6a443ba16734ca50c5c119d38040a688ade88090294488e0a4f9cc97052a42b4286e03580921391a4bdc92a450a8740648ee48441bb2b37f898fa78dcf0fca56c64b5c1e99bf85d8f6591f62a176532e111cf7b2a9ff4fbb77bce7d12446fab2868563e3bf7767b481fdd6b8eb62c46d4324a6f4d76afecdfce3ce718ffb63a130a3d6c5ba30b513200dea2b48d9b0266feca97a8a1a0ab79419e792f00d7bfacb5445237f17eff1e334557f49b6b71fda941ccd13646aa356030406bb7020bc359fdf1b9b6e3e6a7068700fefa5ce97c0bb0cc48f64650ad4d76ab5fedf6378d3c39969a79fd4e7f5318bf8aba34d43bae032e319db2262c3362a95a898f47e15ea1a08c47c1066258340f7ebb0df98b7bf4e98afdb878c8f093654451f1b06c252d6eb27b7a721e0d6bbda260921ccca02b233c0f8db39d260dd4ed23479cb63ea35071bf177a9b2fef9b2264a957d3d873229048100cfdbb5dbaa09663aabcfad76cd0aaaf55a35fb763a2cfe1337f99d5aed72ebc864b2b6ae6f1d1430e9941b00fc5b46a25ec7fdb458065757ee9fd2f07dddb4ff3813c50f8878b628abf86d5e379a9d035dda0b047b2fde844f5d82169543fb1d65000367e0dd142e9d74d49634334029a01a878f66b770eb82f80e255efe0bbf69b4594695c7e03ce64fdce430b7cce854ad675c85c90161da3ed490339b399e788231ad8366c503d145ea563956f4c866db0c1edb54b61ff148376c0bff14c1cc4dd0b570c0399f6cee4b24ca6b38992cce28c38235218a2679a42a45ec291c587ea51516887977fb6cb7ecab1d78fb9e5d2f74e341194eafaede62980fb17938996ddee1d680e5996beabfeed894404da001939baa4402827b546fb24ba60ce5540eac060441455aff17811a79c7dc6f2cbf1eb62bde7f8b8357d0be1e29fbe18a3d538df5812337a0fecbe439c8e0100836da588b1ab1ec38b22a811ad4b165c60cbbbfaf52d6bc5343a17161b22bd97d9f320e2683d9090f522b122c36ced3ef9fb32edf779e749f7f8806acd2f9476e4ab2848c6e950a4c8334fc3d300", 0x2000, &(0x7f0000000200)={&(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x24}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bind$phonet(r4, &(0x7f0000000140)={0x23, 0x7}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

470.745104ms ago: executing program 2 (id=2541):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000ff7f000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x25, 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0xfffffffa)
r6 = syz_open_pts(r2, 0x0)
ioctl$TCFLSH(r6, 0x540b, 0x2)
r7 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
syz_socket_connect_nvme_tcp()
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000180)={0x2, 0x7, 0xd1, &(0x7f0000000340)=""/209})
ioctl$int_in(r7, 0x5452, &(0x7f0000000040)=0x5)
ppoll(&(0x7f0000000080)=[{r7}], 0x1, &(0x7f0000000240), 0x0, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r8, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r8, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000000), 0xffffff6a)
sendfile(r8, r9, 0x0, 0xffffffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)

0s ago: executing program 0 (id=2542):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x17)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000015000100000000000000000002000000", @ANYRES32, @ANYBLOB="14000300797a5f74756e0000000000d277ed6798"], 0x2c}}, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
syz_open_dev$media(&(0x7f0000000040), 0x8, 0x80)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x90)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x13, r2, 0xe3ffe000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r3)
r5 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r5, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x16}, 0x1}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000b80)="f400000000b5060002000000a908aa06b43919211e3f2734f65a000000000000000000007c5e982f", 0x28}], 0x1}, 0x0)
sendmsg$NFC_CMD_DISABLE_SE(r3, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000120000000800150000000000080001"], 0x24}}, 0x0)
pwritev2(r1, &(0x7f0000000000)=[{&(0x7f0000000140)='y', 0x1}], 0x1, 0x0, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000140)=0x400900, 0x12)
getgid()

kernel console output (not intermixed with test programs):

a1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  472.330088][T13418] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  472.337831][T13414] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  472.912193][   T35] usb 8-1: new high-speed USB device number 42 using dummy_hcd
[  473.094241][   T35] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  473.099971][   T35] usb 8-1: New USB device found, idVendor=056a, idProduct=0001, bcdDevice= 0.00
[  473.105002][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.115953][   T35] usb 8-1: config 0 descriptor??
[  473.118603][T13443] ALSA: mixer_oss: invalid OSS volume ''
[  473.120959][T13443] ALSA: mixer_oss: invalid OSS volume ''
[  473.123700][T13443] ALSA: mixer_oss: invalid OSS volume 'L'
[  473.129253][   T35] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  473.179662][T13445] can: request_module (can-proto-3) failed.
[  473.340666][   T56] usb 8-1: USB disconnect, device number 42
[  473.391872][   T39] kauditd_printk_skb: 14 callbacks suppressed
[  473.391883][   T39] audit: type=1326 audit(1723739954.696:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13450 comm="syz.0.2147" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5f8b799f9 code=0x0
[  474.162935][ T6462] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  474.184238][T13467] ALSA: mixer_oss: invalid OSS volume ''
[  474.186667][T13467] ALSA: mixer_oss: invalid OSS volume ''
[  474.188896][T13467] ALSA: mixer_oss: invalid OSS volume 'L'
[  474.264145][T13469] kvm: kvm [13468]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  474.347770][ T6462] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  474.358513][ T6462] usb 6-1: New USB device found, idVendor=056a, idProduct=0001, bcdDevice= 0.00
[  474.372450][ T6462] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  474.384978][ T6462] usb 6-1: config 0 descriptor??
[  474.396976][ T6462] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  474.612678][ T6462] usb 6-1: USB disconnect, device number 39
[  474.696322][   T39] audit: type=1326 audit(1723739956.006:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  474.710597][   T39] audit: type=1326 audit(1723739956.006:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  474.736045][   T39] audit: type=1326 audit(1723739956.006:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  474.752289][   T39] audit: type=1326 audit(1723739956.006:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  474.765316][   T39] audit: type=1326 audit(1723739956.006:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  474.779240][   T39] audit: type=1326 audit(1723739956.006:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  474.788440][   T39] audit: type=1326 audit(1723739956.006:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8f70d78390 code=0x7ffc0000
[  474.831662][   T39] audit: type=1326 audit(1723739956.006:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  474.855623][   T39] audit: type=1326 audit(1723739956.006:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13481 comm="syz.2.2156" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8f70d799f9 code=0x7ffc0000
[  475.104675][T13486] xt_CT: No such helper "pptp"
[  475.144796][T13486] xt_CT: You must specify a L4 protocol and not use inversions on it
[  475.191405][T13486] netlink: 'syz.2.2158': attribute type 27 has an invalid length.
[  475.195408][T13486] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2158'.
[  475.341171][T13486] bridge0: port 2(bridge_slave_1) entered disabled state
[  475.345317][T13486] bridge0: port 1(bridge_slave_0) entered disabled state
[  475.545217][T13486] batadv_slave_0: left allmulticast mode
[  475.561431][T13486] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  475.737862][T13486] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  475.741552][T13486] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  475.746193][T13486] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  475.750569][T13486] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  475.850643][T13487] block nbd0: shutting down sockets
[  475.960274][T13503] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=13503 comm=syz.2.2162
[  477.136345][T13533] netlink: zone id is out of range
[  477.138900][T13533] netlink: zone id is out of range
[  477.160654][T13533] netlink: set zone limit has 4 unknown bytes
[  477.567666][T13543] EXT4-fs error: 7 callbacks suppressed
[  477.567734][T13543] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  477.802256][T13545] overlayfs: failed to resolve './file1': -2
[  478.044158][T13549] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=13549 comm=syz.3.2173
[  478.185343][T13557] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  478.194149][T13558] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  478.222586][T13562] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  478.310042][T13567] FAULT_INJECTION: forcing a failure.
[  478.310042][T13567] name failslab, interval 1, probability 0, space 0, times 0
[  478.314612][T13567] CPU: 3 UID: 0 PID: 13567 Comm: syz.1.2178 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  478.319008][T13567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  478.323734][T13567] Call Trace:
[  478.325233][T13567]  <TASK>
[  478.326358][T13567]  dump_stack_lvl+0x16c/0x1f0
[  478.327478][T13564] kvm: kvm [13563]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  478.328318][T13567]  should_fail_ex+0x497/0x5b0
[  478.328356][T13567]  ? fs_reclaim_acquire+0xae/0x160
[  478.328375][T13567]  should_failslab+0xc2/0x120
[  478.337328][T13567]  __kmalloc_noprof+0xcb/0x400
[  478.339189][T13567]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  478.342113][T13567]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  478.344456][T13567]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  478.346989][T13567]  ? security_capable+0x98/0xd0
[  478.348964][T13567]  genl_rcv_msg+0x565/0x800
[  478.350957][T13567]  ? __pfx_genl_rcv_msg+0x10/0x10
[  478.353179][T13567]  ? __pfx___lock_acquire+0x10/0x10
[  478.355348][T13567]  ? __pfx_nfc_genl_start_poll+0x10/0x10
[  478.357408][T13567]  ? __pfx___lock_acquire+0x10/0x10
[  478.359659][T13567]  netlink_rcv_skb+0x16b/0x440
[  478.361750][T13567]  ? __pfx_genl_rcv_msg+0x10/0x10
[  478.363969][T13567]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  478.366266][T13567]  ? down_read+0xc9/0x330
[  478.368080][T13567]  ? __pfx_down_read+0x10/0x10
[  478.370152][T13567]  ? netlink_deliver_tap+0x1ae/0xd90
[  478.372429][T13567]  genl_rcv+0x28/0x40
[  478.374182][T13567]  netlink_unicast+0x544/0x830
[  478.376294][T13567]  ? __pfx_netlink_unicast+0x10/0x10
[  478.378586][T13567]  netlink_sendmsg+0x8b8/0xd70
[  478.380532][T13567]  ? __pfx_netlink_sendmsg+0x10/0x10
[  478.382776][T13567]  ? __import_iovec+0x1fd/0x6e0
[  478.384782][T13567]  ____sys_sendmsg+0xab5/0xc90
[  478.386788][T13567]  ? copy_msghdr_from_user+0x10b/0x160
[  478.389136][T13567]  ? __pfx_____sys_sendmsg+0x10/0x10
[  478.391426][T13567]  ? find_held_lock+0x2d/0x110
[  478.393561][T13567]  ? __pfx___lock_acquire+0x10/0x10
[  478.395739][T13567]  ___sys_sendmsg+0x135/0x1e0
[  478.397613][T13567]  ? __pfx____sys_sendmsg+0x10/0x10
[  478.399854][T13567]  ? ksys_write+0x21c/0x260
[  478.401972][T13567]  ? __fget_light+0x173/0x210
[  478.403811][T13567]  __sys_sendmsg+0x117/0x1f0
[  478.405829][T13567]  ? __pfx___sys_sendmsg+0x10/0x10
[  478.408043][T13567]  do_syscall_64+0xcd/0x250
[  478.410031][T13567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.412584][T13567] RIP: 0033:0x7f2c4f3799f9
[  478.414535][T13567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  478.422755][T13567] RSP: 002b:00007f2c501f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  478.426651][T13567] RAX: ffffffffffffffda RBX: 00007f2c4f515f80 RCX: 00007f2c4f3799f9
[  478.430052][T13567] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[  478.433490][T13567] RBP: 00007f2c501f7090 R08: 0000000000000000 R09: 0000000000000000
[  478.436884][T13567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  478.440240][T13567] R13: 0000000000000000 R14: 00007f2c4f515f80 R15: 00007ffe0d5de218
[  478.443298][T13567]  </TASK>
[  478.444682][    C3] vkms_vblank_simulate: vblank timer overrun
[  478.533561][ T5346] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  478.675658][T13575] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  478.911726][T13578] ALSA: mixer_oss: invalid OSS volume ''
[  478.915376][T13578] ALSA: mixer_oss: invalid OSS volume ''
[  478.917992][T13578] ALSA: mixer_oss: invalid OSS volume 'L'
[  479.107192][ T5346] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  479.107207][T13585] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  479.332839][T13586] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2191'.
[  479.343219][T13586] netlink: 'syz.0.2191': attribute type 29 has an invalid length.
[  479.594239][T13591] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  479.638021][T13592] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  479.665231][T13593] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  479.674619][T13594] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  480.690168][T13608] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=13608 comm=syz.2.2186
[  480.980850][ T5346] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[  481.130824][T13621] kvm: kvm [13619]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  481.665352][T13633] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2194'.
[  481.676614][T13633] netlink: 'syz.2.2194': attribute type 29 has an invalid length.
[  482.002525][T13644] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2196'.
[  482.020977][T13644] netlink: 'syz.0.2196': attribute type 29 has an invalid length.
[  482.186913][   T39] kauditd_printk_skb: 66 callbacks suppressed
[  482.186929][   T39] audit: type=1326 audit(1723739963.496:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.200287][   T39] audit: type=1326 audit(1723739963.496:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.215391][   T39] audit: type=1326 audit(1723739963.496:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.228285][   T39] audit: type=1326 audit(1723739963.496:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.242343][   T39] audit: type=1326 audit(1723739963.496:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.252728][   T39] audit: type=1326 audit(1723739963.496:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.263912][   T39] audit: type=1326 audit(1723739963.496:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.274206][   T39] audit: type=1326 audit(1723739963.496:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2c4f378390 code=0x7ffc0000
[  482.286288][   T39] audit: type=1326 audit(1723739963.506:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.297047][   T39] audit: type=1326 audit(1723739963.506:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13654 comm="syz.1.2198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  482.352570][T13665] fuse: Bad value for 'group_id'
[  482.356160][T13665] fuse: Bad value for 'group_id'
[  482.416774][T13665] kvm: kvm [13662]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  482.449075][ T5346] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  482.947679][T13677] EXT4-fs error: 20 callbacks suppressed
[  482.947941][T13677] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  483.424873][T13683] ALSA: mixer_oss: invalid OSS volume ''
[  483.427656][T13683] ALSA: mixer_oss: invalid OSS volume ''
[  483.430314][T13683] ALSA: mixer_oss: invalid OSS volume 'L'
[  483.460276][T13684] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  483.475079][T13685] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  483.804180][T13691] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  483.942279][T13698] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  484.347358][T13705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=13705 comm=syz.1.2212
[  484.475804][ T5346] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[  484.559122][T13711] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2213'.
[  484.574963][T13711] netlink: 'syz.1.2213': attribute type 29 has an invalid length.
[  484.654941][T13714] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  484.664391][T13715] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  484.678412][T13716] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  484.711092][T13718] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  484.745793][T13719] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  485.128354][T13729] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2216'.
[  485.159170][T13729] netlink: 'syz.2.2216': attribute type 29 has an invalid length.
[  486.665760][T13760] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=13760 comm=syz.0.2222
[  487.934539][   T39] kauditd_printk_skb: 173 callbacks suppressed
[  487.934553][   T39] audit: type=1326 audit(1723739969.236:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13768 comm="syz.2.2224" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8f70d799f9 code=0x0
[  488.093499][T13772] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2227'.
[  488.099967][T13772] netlink: 'syz.1.2227': attribute type 29 has an invalid length.
[  488.207711][T13780] EXT4-fs error: 10 callbacks suppressed
[  488.207728][T13780] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  488.241896][T13781] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  488.254655][T13782] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  488.317459][T13784] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  488.340536][T13785] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  488.357071][T13786] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  489.080572][T13801] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  489.138613][T13798] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2231'.
[  489.144009][T13798] netlink: 'syz.1.2231': attribute type 29 has an invalid length.
[  489.229450][T13809] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  489.239471][T13810] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  489.251743][T13812] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  489.299828][T13808] ALSA: mixer_oss: invalid OSS volume ''
[  489.307586][T13808] ALSA: mixer_oss: invalid OSS volume ''
[  489.310123][T13808] ALSA: mixer_oss: invalid OSS volume 'L'
[  491.589842][T13846] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2242'.
[  491.620679][T13846] netlink: 'syz.3.2242': attribute type 29 has an invalid length.
[  492.206683][T13865] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2245'.
[  492.227128][T13865] netlink: 'syz.2.2245': attribute type 29 has an invalid length.
[  493.029793][T13881] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1037 sclass=netlink_route_socket pid=13881 comm=syz.1.2247
[  493.495387][   T39] audit: type=1326 audit(1723739974.806:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.506201][   T39] audit: type=1326 audit(1723739974.806:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.532088][   T39] audit: type=1326 audit(1723739974.806:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.552633][   T39] audit: type=1326 audit(1723739974.806:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.563447][   T39] audit: type=1326 audit(1723739974.806:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.574552][   T39] audit: type=1326 audit(1723739974.806:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.596823][   T39] audit: type=1326 audit(1723739974.806:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.608307][   T39] audit: type=1326 audit(1723739974.816:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f32c3178390 code=0x7ffc0000
[  493.619769][   T39] audit: type=1326 audit(1723739974.826:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.641947][   T39] audit: type=1326 audit(1723739974.826:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13889 comm="syz.3.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  493.777008][T13896] 9pnet_fd: Insufficient options for proto=fd
[  493.977566][T13904] EXT4-fs error: 20 callbacks suppressed
[  493.977582][T13904] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.056639][T13909] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.063553][T13901] kvm: kvm [13900]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  494.415083][T13915] 9pnet_fd: Insufficient options for proto=fd
[  494.578066][T13917] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2258'.
[  494.583957][T13917] netlink: 'syz.2.2258': attribute type 29 has an invalid length.
[  494.662377][T13926] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.753435][T13927] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.778724][T13929] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.789804][T13930] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.805166][T13931] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.813939][T13934] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.825375][T13936] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  494.860581][T13937] 9pnet_fd: Insufficient options for proto=fd
[  495.417736][T13946] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  495.599199][T13948] kvm: kvm [13947]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  495.805780][T13951] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2266'.
[  495.810710][T13951] netlink: 'syz.1.2266': attribute type 29 has an invalid length.
[  496.887374][T13980] sctp: [Deprecated]: syz.1.2272 (pid 13980) Use of struct sctp_assoc_value in delayed_ack socket option.
[  496.887374][T13980] Use struct sctp_sack_info instead
[  496.895327][T13980] FAULT_INJECTION: forcing a failure.
[  496.895327][T13980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.901352][T13980] CPU: 2 UID: 0 PID: 13980 Comm: syz.1.2272 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  496.905950][T13980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  496.910512][T13980] Call Trace:
[  496.911952][T13980]  <TASK>
[  496.913262][T13980]  dump_stack_lvl+0x16c/0x1f0
[  496.915304][T13980]  should_fail_ex+0x497/0x5b0
[  496.917342][T13980]  _copy_to_user+0x30/0xc0
[  496.919351][T13980]  simple_read_from_buffer+0xd0/0x160
[  496.921732][T13980]  proc_fail_nth_read+0x1b0/0x290
[  496.923882][T13980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  496.926256][T13980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  496.928611][T13980]  vfs_read+0x1d4/0xbd0
[  496.930300][T13980]  ? __fdget_pos+0xeb/0x180
[  496.932332][T13980]  ? __pfx_vfs_read+0x10/0x10
[  496.934457][T13980]  ? __pfx___mutex_lock+0x10/0x10
[  496.936684][T13980]  ? __fget_files+0x256/0x400
[  496.938762][T13980]  ksys_read+0x12f/0x260
[  496.940652][T13980]  ? __pfx_ksys_read+0x10/0x10
[  496.943096][T13980]  do_syscall_64+0xcd/0x250
[  496.945488][T13980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.948297][T13980] RIP: 0033:0x7f2c4f37843c
[  496.950809][T13980] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  496.960619][T13980] RSP: 002b:00007f2c501f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  496.964374][T13980] RAX: ffffffffffffffda RBX: 00007f2c4f515f80 RCX: 00007f2c4f37843c
[  496.968080][T13980] RDX: 000000000000000f RSI: 00007f2c501f70a0 RDI: 0000000000000004
[  496.971259][T13980] RBP: 00007f2c501f7090 R08: 0000000000000000 R09: 0000000000000000
[  496.974060][T13980] R10: 0000000020000400 R11: 0000000000000246 R12: 0000000000000001
[  496.977260][T13980] R13: 0000000000000000 R14: 00007f2c4f515f80 R15: 00007ffe0d5de218
[  496.980568][T13980]  </TASK>
[  497.171039][T13989] kvm: kvm [13988]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  497.200663][T13996] 9pnet_fd: Insufficient options for proto=fd
[  497.225804][T13994] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2277'.
[  498.255850][T14009] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2282'.
[  498.265677][T14009] netlink: 'syz.1.2282': attribute type 29 has an invalid length.
[  498.939669][   T39] kauditd_printk_skb: 72 callbacks suppressed
[  498.939776][   T39] audit: type=1400 audit(1723739980.246:1512): avc:  denied  { mount } for  pid=14020 comm="syz.2.2284" name="/" dev="rpc_pipefs" ino=51934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  498.960569][   T39] audit: type=1400 audit(1723739980.266:1513): avc:  denied  { watch } for  pid=14020 comm="syz.2.2284" path="/259/file0" dev="rpc_pipefs" ino=51934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1
[  499.012369][   T39] audit: type=1400 audit(1723739980.326:1514): avc:  denied  { unmount } for  pid=9968 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  499.115405][   T39] audit: type=1400 audit(1723739980.426:1515): avc:  denied  { create } for  pid=14022 comm="syz.2.2285" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  499.125059][   T39] audit: type=1400 audit(1723739980.426:1516): avc:  denied  { map } for  pid=14022 comm="syz.2.2285" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51959 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  499.140128][   T39] audit: type=1400 audit(1723739980.426:1517): avc:  denied  { read write } for  pid=14022 comm="syz.2.2285" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51959 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  499.213623][T14025] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2283'.
[  499.241596][T14025] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  499.302609][   T39] audit: type=1400 audit(1723739980.606:1518): avc:  denied  { create } for  pid=14027 comm="syz.2.2286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  499.310704][T14025] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  499.315936][T14028] sctp: [Deprecated]: syz.2.2286 (pid 14028) Use of struct sctp_assoc_value in delayed_ack socket option.
[  499.315936][T14028] Use struct sctp_sack_info instead
[  499.320754][   T39] audit: type=1400 audit(1723739980.626:1519): avc:  denied  { setopt } for  pid=14027 comm="syz.2.2286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  499.380596][T14032] EXT4-fs error: 14 callbacks suppressed
[  499.380612][T14032] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  499.393933][T14034] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  499.395574][T14033] fuse: Unknown parameter '¢þY0xffffffffffffffff'
[  499.403395][T14035] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  499.415574][T14038] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  499.423623][T14039] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  499.431996][T14040] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  499.553321][T14044] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  499.627235][T14045] block nbd2: shutting down sockets
[  499.669163][T14046] ALSA: mixer_oss: invalid OSS volume ''
[  499.672240][T14046] ALSA: mixer_oss: invalid OSS volume ''
[  499.675195][T14046] ALSA: mixer_oss: invalid OSS volume 'L'
[  500.502616][T14058] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  500.747251][   T39] audit: type=1400 audit(1723739982.056:1520): avc:  denied  { connect } for  pid=14065 comm="syz.2.2297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  500.835267][   T39] audit: type=1400 audit(1723739982.146:1521): avc:  denied  { ioctl } for  pid=14065 comm="syz.2.2297" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=52025 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  501.344985][T14080] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2295'.
[  501.349906][T14080] netlink: 'syz.0.2295': attribute type 29 has an invalid length.
[  501.435484][T14082] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  501.518073][T14084] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  501.884907][T14093] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2300'.
[  501.915959][T14093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  502.009703][T14094] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  502.627445][T14105] --map-set only usable from mangle table
[  502.645749][T14105] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2303'.
[  502.961714][T14115] siw: device registration error -23
[  503.694083][T14122] 9pnet_fd: Insufficient options for proto=fd
[  503.756344][T14125] FAULT_INJECTION: forcing a failure.
[  503.756344][T14125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  503.768629][T14125] CPU: 0 UID: 0 PID: 14125 Comm: syz.1.2310 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  503.773786][T14125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  503.778474][T14125] Call Trace:
[  503.779965][T14125]  <TASK>
[  503.781294][T14125]  dump_stack_lvl+0x16c/0x1f0
[  503.783382][T14125]  should_fail_ex+0x497/0x5b0
[  503.785481][T14125]  _copy_to_user+0x30/0xc0
[  503.787429][T14125]  simple_read_from_buffer+0xd0/0x160
[  503.789736][T14125]  proc_fail_nth_read+0x1b0/0x290
[  503.792021][T14125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  503.794396][T14125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  503.796796][T14125]  vfs_read+0x1d4/0xbd0
[  503.798650][T14125]  ? __fdget_pos+0xeb/0x180
[  503.800661][T14125]  ? __pfx_vfs_read+0x10/0x10
[  503.802776][T14125]  ? __pfx___mutex_lock+0x10/0x10
[  503.804915][T14125]  ? __fget_files+0x256/0x400
[  503.806990][T14125]  ksys_read+0x12f/0x260
[  503.808855][T14125]  ? __pfx_ksys_read+0x10/0x10
[  503.810956][T14125]  do_syscall_64+0xcd/0x250
[  503.812961][T14125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.815569][T14125] RIP: 0033:0x7f2c4f37843c
[  503.817458][T14125] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  503.825251][T14125] RSP: 002b:00007f2c501f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  503.828841][T14125] RAX: ffffffffffffffda RBX: 00007f2c4f515f80 RCX: 00007f2c4f37843c
[  503.832275][T14125] RDX: 000000000000000f RSI: 00007f2c501f70a0 RDI: 0000000000000004
[  503.836236][T14125] RBP: 00007f2c501f7090 R08: 0000000000000000 R09: 0000000000000000
[  503.839224][T14125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  503.842582][T14125] R13: 0000000000000000 R14: 00007f2c4f515f80 R15: 00007ffe0d5de218
[  503.845989][T14125]  </TASK>
[  503.895186][T14129] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2311'.
[  503.905924][ T5346] Bluetooth: hci2: unexpected event for opcode 0x0c12
[  503.914996][T14129] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  503.955513][T14130] ALSA: mixer_oss: invalid OSS volume ''
[  503.958134][T14130] ALSA: mixer_oss: invalid OSS volume ''
[  503.961198][T14130] ALSA: mixer_oss: invalid OSS volume 'L'
[  503.981365][T14129] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  504.338616][T14136] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2315'.
[  504.345694][T14136] netlink: 'syz.1.2315': attribute type 29 has an invalid length.
[  504.432633][T14138] EXT4-fs error: 7 callbacks suppressed
[  504.432649][T14138] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  504.471617][T14140] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  504.491836][T14142] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  504.505369][T14145] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  504.537587][T14147] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  504.574633][T14150] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  504.603027][T14151] 9pnet_fd: Insufficient options for proto=fd
[  504.693903][T14153] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2319'.
[  504.698879][T14153] netlink: 'syz.2.2319': attribute type 29 has an invalid length.
[  504.946225][T14157] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  504.981901][T14159] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  505.020666][T14160] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  505.149439][T14161] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  505.361324][T14165] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2320'.
[  505.369981][T14165] netlink: 'syz.3.2320': attribute type 29 has an invalid length.
[  505.734461][   T39] kauditd_printk_skb: 82 callbacks suppressed
[  505.734476][   T39] audit: type=1326 audit(1723739987.046:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.762159][   T39] audit: type=1326 audit(1723739987.046:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.782395][   T39] audit: type=1326 audit(1723739987.056:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.802174][   T39] audit: type=1326 audit(1723739987.056:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.813637][   T39] audit: type=1326 audit(1723739987.056:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.825580][   T39] audit: type=1326 audit(1723739987.056:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.836333][   T39] audit: type=1326 audit(1723739987.056:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.848002][   T39] audit: type=1326 audit(1723739987.056:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  505.860344][   T39] audit: type=1326 audit(1723739987.056:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2c4f378390 code=0x7ffc0000
[  505.873755][   T39] audit: type=1326 audit(1723739987.066:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.1.2322" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  506.149343][T14190] ALSA: mixer_oss: invalid OSS volume ''
[  506.151918][T14190] ALSA: mixer_oss: invalid OSS volume ''
[  506.155037][T14190] ALSA: mixer_oss: invalid OSS volume 'L'
[  506.264244][T14193] 9pnet_fd: Insufficient options for proto=fd
[  506.364670][T14197] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2329'.
[  506.379976][T14197] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  506.439086][T14197] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  506.609530][T14200] netlink: 'syz.1.2324': attribute type 1 has an invalid length.
[  506.613307][T14200] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2324'.
[  506.720847][ T1381] ieee802154 phy1 wpan1: encryption failed: -22
[  507.332318][T14211] fuse: Unknown parameter 'group_i00000000000000000000'
[  507.357829][T14211] kvm: kvm [14210]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  507.429431][T14217] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2332'.
[  507.434139][T14217] netlink: 'syz.2.2332': attribute type 29 has an invalid length.
[  507.559651][T14226] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2334'.
[  507.826967][T14229] binder: 14228:14229 ioctl c018620c 200005c0 returned -1
[  507.875655][T14231] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=14231 comm=syz.0.2336
[  507.953677][T14233] 9pnet_fd: Insufficient options for proto=fd
[  507.983532][ T5346] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  507.987629][ T5346] Bluetooth: hci2: Injecting HCI hardware error event
[  507.992986][T11620] Bluetooth: hci2: hardware error 0x00
[  508.134833][T14245] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2342'.
[  508.492391][T14264] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2346'.
[  508.516299][T14264] netlink: 'syz.1.2346': attribute type 29 has an invalid length.
[  508.602387][T14273] 9pnet_fd: Insufficient options for proto=fd
[  508.833586][T14279] FAULT_INJECTION: forcing a failure.
[  508.833586][T14279] name failslab, interval 1, probability 0, space 0, times 0
[  508.839258][T14279] CPU: 1 UID: 0 PID: 14279 Comm: syz.3.2349 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  508.846343][T14279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  508.851043][T14279] Call Trace:
[  508.852547][T14279]  <TASK>
[  508.853868][T14279]  dump_stack_lvl+0x16c/0x1f0
[  508.855946][T14279]  should_fail_ex+0x497/0x5b0
[  508.858062][T14279]  ? fs_reclaim_acquire+0xae/0x160
[  508.860285][T14279]  should_failslab+0xc2/0x120
[  508.862378][T14279]  kmem_cache_alloc_node_noprof+0x71/0x310
[  508.864969][T14279]  ? __alloc_skb+0x2b1/0x380
[  508.867050][T14279]  __alloc_skb+0x2b1/0x380
[  508.868984][T14279]  ? __pfx___alloc_skb+0x10/0x10
[  508.871227][T14279]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  508.873958][T14279]  netlink_alloc_large_skb+0x69/0x130
[  508.876442][T14279]  netlink_sendmsg+0x689/0xd70
[  508.878797][T14279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  508.881283][T14279]  ? __import_iovec+0x1fd/0x6e0
[  508.884297][T14279]  ____sys_sendmsg+0xab5/0xc90
[  508.887215][T14279]  ? copy_msghdr_from_user+0x10b/0x160
[  508.889779][T14279]  ? __pfx_____sys_sendmsg+0x10/0x10
[  508.892409][T14279]  ? find_held_lock+0x2d/0x110
[  508.894535][T14279]  ? __pfx___lock_acquire+0x10/0x10
[  508.896803][T14279]  ___sys_sendmsg+0x135/0x1e0
[  508.898808][T14279]  ? __pfx____sys_sendmsg+0x10/0x10
[  508.901041][T14279]  ? ksys_write+0x21c/0x260
[  508.902868][T14279]  ? __fget_light+0x173/0x210
[  508.905095][T14279]  __sys_sendmsg+0x117/0x1f0
[  508.907010][T14279]  ? __pfx___sys_sendmsg+0x10/0x10
[  508.909286][T14279]  do_syscall_64+0xcd/0x250
[  508.912725][T14279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.915196][T14279] RIP: 0033:0x7f32c31799f9
[  508.916982][T14279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.925613][T14279] RSP: 002b:00007f32c3fc8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  508.929186][T14279] RAX: ffffffffffffffda RBX: 00007f32c3315f80 RCX: 00007f32c31799f9
[  508.932550][T14279] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[  508.935663][T14279] RBP: 00007f32c3fc8090 R08: 0000000000000000 R09: 0000000000000000
[  508.939156][T14279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.942650][T14279] R13: 0000000000000000 R14: 00007f32c3315f80 R15: 00007fff71fd00d8
[  508.946156][T14279]  </TASK>
[  509.130175][T14291] netlink: 'syz.3.2353': attribute type 1 has an invalid length.
[  509.134243][T14291] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.2353'.
[  509.389507][T14303] ip6gretap0 speed is unknown, defaulting to 1000
[  509.433823][T14309] 9pnet_fd: Insufficient options for proto=fd
[  510.073685][T11620] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  510.721430][T14331] 9pnet_fd: Insufficient options for proto=fd
[  511.035105][    C1] vkms_vblank_simulate: vblank timer overrun
[  511.362594][T14336] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2365'.
[  511.371196][T14336] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  511.434461][T14337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  511.519642][T14338] ALSA: mixer_oss: invalid OSS volume ''
[  511.522572][T14338] ALSA: mixer_oss: invalid OSS volume ''
[  511.525236][T14338] ALSA: mixer_oss: invalid OSS volume 'L'
[  511.689844][T14341] EXT4-fs error: 25 callbacks suppressed
[  511.689861][T14341] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  511.766758][T14343] 9pnet_fd: Insufficient options for proto=fd
[  512.533968][T14362] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2372'.
[  512.566769][T14362] netlink: 'syz.0.2372': attribute type 29 has an invalid length.
[  512.680354][T14369] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  512.703231][T14371] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  512.783937][T14373] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  512.800643][T14374] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  512.811143][T14375] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  512.826092][T14376] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  513.481815][T14383] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  513.680805][   T39] kauditd_printk_skb: 346 callbacks suppressed
[  513.680821][   T39] audit: type=1400 audit(1723739994.986:1960): avc:  denied  { ioctl } for  pid=14384 comm="syz.3.2376" path="socket:[56678]" dev="sockfs" ino=56678 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  513.687807][T14389] FAULT_INJECTION: forcing a failure.
[  513.687807][T14389] name failslab, interval 1, probability 0, space 0, times 0
[  513.772565][T14389] CPU: 2 UID: 0 PID: 14389 Comm: syz.1.2377 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  513.777247][T14389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  513.795203][T14389] Call Trace:
[  513.796722][T14389]  <TASK>
[  513.798075][T14389]  dump_stack_lvl+0x16c/0x1f0
[  513.800211][T14389]  should_fail_ex+0x497/0x5b0
[  513.810604][T14389]  ? fs_reclaim_acquire+0xae/0x160
[  513.812963][T14389]  should_failslab+0xc2/0x120
[  513.815256][T14389]  __kmalloc_noprof+0xcb/0x400
[  513.817756][T14389]  ? d_absolute_path+0x137/0x1b0
[  513.819861][T14389]  tomoyo_encode2+0x100/0x3e0
[  513.822061][T14389]  tomoyo_encode+0x29/0x50
[  513.824094][T14389]  tomoyo_realpath_from_path+0x19d/0x720
[  513.826882][T14389]  tomoyo_path_number_perm+0x245/0x590
[  513.829346][T14389]  ? tomoyo_path_number_perm+0x232/0x590
[  513.832173][T14389]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  513.835240][T14389]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  513.840184][T14389]  ? __fget_files+0x256/0x400
[  513.842355][T14389]  security_file_ioctl+0x75/0xc0
[  513.844507][T14389]  __x64_sys_ioctl+0xbb/0x220
[  513.846718][T14389]  do_syscall_64+0xcd/0x250
[  513.849068][T14389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.851369][T14389] RIP: 0033:0x7f2c4f3799f9
[  513.853170][T14389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.860575][T14389] RSP: 002b:00007f2c501d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  513.863429][T14389] RAX: ffffffffffffffda RBX: 00007f2c4f516058 RCX: 00007f2c4f3799f9
[  513.866113][T14389] RDX: 0000000000000002 RSI: 000000000000540a RDI: 0000000000000003
[  513.868787][T14389] RBP: 00007f2c501d6090 R08: 0000000000000000 R09: 0000000000000000
[  513.871447][T14389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.874454][T14389] R13: 0000000000000001 R14: 00007f2c4f516058 R15: 00007ffe0d5de218
[  513.877501][T14389]  </TASK>
[  513.896252][T14389] ERROR: Out of memory at tomoyo_realpath_from_path.
[  514.012802][T14393] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2379'.
[  514.013409][ T5346] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  514.025933][ T5346] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  514.029763][ T5346] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  514.029947][ T5353] Bluetooth: hci0: unexpected event for opcode 0x0c12
[  514.034118][ T5346] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  514.038946][T14393] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  514.039243][ T5346] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  514.046288][ T5346] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  514.088072][T14394] ip6gretap0 speed is unknown, defaulting to 1000
[  514.105653][T14396] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  514.252541][T14399] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  514.283149][T14394] chnl_net:caif_netlink_parms(): no params data found
[  514.378006][T14402] ALSA: mixer_oss: invalid OSS volume ''
[  514.380411][T14402] ALSA: mixer_oss: invalid OSS volume ''
[  514.386937][T14402] ALSA: mixer_oss: invalid OSS volume 'L'
[  514.429588][T14394] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.433660][T14394] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.437011][T14394] bridge_slave_0: entered allmulticast mode
[  514.440940][T14394] bridge_slave_0: entered promiscuous mode
[  514.446336][T14394] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.449779][T14394] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.455158][T14394] bridge_slave_1: entered allmulticast mode
[  514.458907][T14394] bridge_slave_1: entered promiscuous mode
[  514.587366][T14394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  514.594638][T14394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  514.659607][ T5346] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  514.679773][T14394] team0: Port device team_slave_0 added
[  514.726560][T14394] team0: Port device team_slave_1 added
[  514.805632][T14394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  514.809131][T14394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.825113][T14394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  514.843064][T14394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  514.846767][T14394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.858316][T14394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  514.947491][T14412] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  515.027609][T14394] hsr_slave_0: entered promiscuous mode
[  515.032141][T14394] hsr_slave_1: entered promiscuous mode
[  515.038701][T14394] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  515.042859][T14394] Cannot create hsr debugfs directory
[  516.142860][ T5346] Bluetooth: hci4: command tx timeout
[  516.264960][T14394] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.376938][T14394] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.403052][T14433] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2388'.
[  516.415768][T14435] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.435884][ T5346] Bluetooth: hci0: unexpected event for opcode 0x0c12
[  516.437477][T14433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  516.493608][T14394] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.505531][T14437] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  516.644759][T14394] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.811948][T14444] ALSA: mixer_oss: invalid OSS volume ''
[  516.814880][T14444] ALSA: mixer_oss: invalid OSS volume ''
[  516.817607][T14444] ALSA: mixer_oss: invalid OSS volume 'L'
[  516.885246][T14394] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  516.907788][T14394] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  516.920368][T14394] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  516.936051][T14394] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  517.058476][T14394] 8021q: adding VLAN 0 to HW filter on device bond0
[  517.079346][T14394] 8021q: adding VLAN 0 to HW filter on device team0
[  517.094050][T12123] bridge0: port 1(bridge_slave_0) entered blocking state
[  517.097203][T12123] bridge0: port 1(bridge_slave_0) entered forwarding state
[  517.136284][T14394] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  517.140679][T14394] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  517.149444][ T1109] bridge0: port 2(bridge_slave_1) entered blocking state
[  517.151509][T14450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2393'.
[  517.152486][ T1109] bridge0: port 2(bridge_slave_1) entered forwarding state
[  517.172176][T14450] IPVS: Error joining to the multicast group
[  517.184191][T14452] EXT4-fs error: 2 callbacks suppressed
[  517.184208][T14452] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  517.198175][T14453] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  517.207883][T14454] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  517.218924][T14455] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  517.250528][T14394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  517.274084][T14457] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  517.298363][T14458] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  517.309778][T14394] veth0_vlan: entered promiscuous mode
[  517.319337][T14394] veth1_vlan: entered promiscuous mode
[  517.357256][T14394] veth0_macvtap: entered promiscuous mode
[  517.368689][T14394] veth1_macvtap: entered promiscuous mode
[  517.409066][T14394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  517.417829][T14394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.422493][T14394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  517.427758][T14394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.437633][T14394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  517.449725][T14394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.463766][T14394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  517.500554][T14394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  517.509574][T14394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.514031][T14394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  517.518782][T14394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.523376][T14394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  517.531555][T14394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.550479][T14394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  517.604406][T14394] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  517.616303][T14394] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  517.641517][T14394] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  517.648315][T14394] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  517.954278][T12123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  517.962583][T12123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  518.062844][ T5346] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  518.066667][ T5346] Bluetooth: hci0: Injecting HCI hardware error event
[  518.071790][T11620] Bluetooth: hci0: hardware error 0x00
[  518.126514][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  518.129957][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  518.232391][ T5346] Bluetooth: hci4: command tx timeout
[  518.273255][T14470] 9pnet_fd: Insufficient options for proto=fd
[  518.431200][   T39] audit: type=1400 audit(1723739999.736:1961): avc:  denied  { bind } for  pid=14476 comm="syz.3.2399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  518.443967][T14480] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  518.452731][T14481] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  518.544635][T14485] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  518.733572][T14491] ALSA: mixer_oss: invalid OSS volume ''
[  518.736031][T14491] ALSA: mixer_oss: invalid OSS volume ''
[  518.738109][T14491] ALSA: mixer_oss: invalid OSS volume 'L'
[  519.204148][T14502] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  519.358192][T14510] 9pnet_fd: Insufficient options for proto=fd
[  519.397971][T14508] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2407'.
[  519.402108][ T1418] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  519.406400][T14508] netlink: 'syz.3.2407': attribute type 29 has an invalid length.
[  519.582273][ T1418] usb 6-1: Using ep0 maxpacket: 8
[  519.589070][ T1418] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  519.595374][ T1418] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  519.608043][ T1418] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  519.617344][ T1418] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  519.627207][ T1418] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  519.641047][ T1418] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.661611][ T1418] usbtmc 6-1:16.0: bulk endpoints not found
[  519.705819][T14526] fuse: Bad value for 'user_id'
[  519.708173][T14526] fuse: Bad value for 'user_id'
[  520.128239][   T39] audit: type=1400 audit(1723740001.436:1962): avc:  denied  { listen } for  pid=14528 comm="syz.0.2410" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  520.138501][   T39] audit: type=1400 audit(1723740001.436:1963): avc:  denied  { accept } for  pid=14528 comm="syz.0.2410" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  520.192260][   T39] audit: type=1400 audit(1723740001.496:1964): avc:  denied  { write } for  pid=14528 comm="syz.0.2410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  520.200933][   T39] audit: type=1400 audit(1723740001.496:1965): avc:  denied  { connect } for  pid=14528 comm="syz.0.2410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  520.231748][T11620] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  520.302165][T11620] Bluetooth: hci4: command tx timeout
[  520.395796][   T39] audit: type=1326 audit(1723740001.706:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14536 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  520.406816][   T39] audit: type=1326 audit(1723740001.706:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14536 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  520.406865][   T39] audit: type=1326 audit(1723740001.706:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14536 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  520.406920][   T39] audit: type=1326 audit(1723740001.706:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14536 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  520.406966][   T39] audit: type=1326 audit(1723740001.706:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14536 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  520.407012][   T39] audit: type=1326 audit(1723740001.706:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14536 comm="syz.3.2412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32c31799f9 code=0x7ffc0000
[  522.122090][   T35] usb 6-1: USB disconnect, device number 40
[  522.180702][T14562] 9pnet_fd: Insufficient options for proto=fd
[  522.392491][T11620] Bluetooth: hci4: command tx timeout
[  523.323621][T14584] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2420'.
[  523.352678][T14584] netlink: 'syz.3.2420': attribute type 29 has an invalid length.
[  523.366731][T14588] EXT4-fs error: 11 callbacks suppressed
[  523.366745][T14588] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.397512][T14590] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2423'.
[  523.404060][T14590] netlink: 'syz.1.2423': attribute type 29 has an invalid length.
[  523.433097][T14591] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.476579][T14594] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.489022][T11620] Bluetooth: hci4: SCO packet for unknown connection handle 1039
[  523.491752][T14597] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.505229][T14599] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.513527][T14600] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.521710][T14601] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.592140][T14604] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.602272][T14605] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.617653][T14606] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  523.762399][ T5384] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  523.952124][ T5384] usb 7-1: Using ep0 maxpacket: 8
[  523.970089][ T5384] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  523.975167][ T5384] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  523.979778][ T5384] usb 7-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  523.985004][ T5384] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  523.991220][ T5384] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  523.995589][ T5384] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.008358][ T5384] usbtmc 7-1:16.0: bulk endpoints not found
[  525.131451][T14638] 9pnet_fd: Insufficient options for proto=fd
[  525.327571][   T39] kauditd_printk_skb: 81 callbacks suppressed
[  525.327587][   T39] audit: type=1326 audit(1723740006.636:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.340739][   T39] audit: type=1326 audit(1723740006.636:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.351322][   T39] audit: type=1326 audit(1723740006.636:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.360266][   T39] audit: type=1326 audit(1723740006.636:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.372594][   T39] audit: type=1326 audit(1723740006.636:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.384858][   T39] audit: type=1326 audit(1723740006.636:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.398494][   T39] audit: type=1326 audit(1723740006.636:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.411400][   T39] audit: type=1326 audit(1723740006.636:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efcd1f78390 code=0x7ffc0000
[  525.421834][   T39] audit: type=1326 audit(1723740006.646:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.431866][   T39] audit: type=1326 audit(1723740006.656:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.0.2433" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  525.514559][T11620] Bluetooth: hci4: SCO packet for unknown connection handle 1039
[  526.484580][ T5384] usb 7-1: USB disconnect, device number 34
[  526.497326][T14658] FAULT_INJECTION: forcing a failure.
[  526.497326][T14658] name failslab, interval 1, probability 0, space 0, times 0
[  526.512127][T14658] CPU: 0 UID: 0 PID: 14658 Comm: syz.0.2440 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  526.516790][T14658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  526.521077][T14658] Call Trace:
[  526.522283][T14658]  <TASK>
[  526.525421][T14658]  dump_stack_lvl+0x16c/0x1f0
[  526.527546][T14658]  should_fail_ex+0x497/0x5b0
[  526.529697][T14658]  ? fs_reclaim_acquire+0xae/0x160
[  526.531967][T14658]  should_failslab+0xc2/0x120
[  526.534077][T14658]  __kmalloc_noprof+0xcb/0x400
[  526.536187][T14658]  ? __pfx_lock_acquire+0x10/0x10
[  526.538468][T14658]  tomoyo_realpath_from_path+0xb9/0x720
[  526.540972][T14658]  ? tomoyo_profile+0x47/0x60
[  526.543391][T14658]  tomoyo_path_number_perm+0x245/0x590
[  526.545882][T14658]  ? tomoyo_path_number_perm+0x232/0x590
[  526.548370][T14658]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  526.550459][T14662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2441'.
[  526.551024][T14658]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  526.551055][T14658]  ? __fget_files+0x256/0x400
[  526.559533][T14658]  security_file_ioctl+0x75/0xc0
[  526.561730][T14658]  __x64_sys_ioctl+0xbb/0x220
[  526.563760][T14658]  do_syscall_64+0xcd/0x250
[  526.565780][T14658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.568326][T14658] RIP: 0033:0x7efcd1f799f9
[  526.570229][T14658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  526.578142][T14658] RSP: 002b:00007efcd2d56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  526.581741][T14658] RAX: ffffffffffffffda RBX: 00007efcd2115f80 RCX: 00007efcd1f799f9
[  526.584942][T14658] RDX: 0000000020000500 RSI: 0000000000005411 RDI: 0000000000000004
[  526.587881][T14658] RBP: 00007efcd2d56090 R08: 0000000000000000 R09: 0000000000000000
[  526.590823][T14658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.593928][T14658] R13: 0000000000000000 R14: 00007efcd2115f80 R15: 00007ffdbb59c4e8
[  526.596928][T14658]  </TASK>
[  526.598130][    C0] vkms_vblank_simulate: vblank timer overrun
[  526.608044][T14658] ERROR: Out of memory at tomoyo_realpath_from_path.
[  526.702281][T14667] kvm: kvm [14666]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  526.866950][T14671] bond0: (slave erspan0): Opening slave failed
[  527.749338][T14693] syz.3.2449: vmalloc error: size 24576, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  527.757069][T14693] CPU: 2 UID: 0 PID: 14693 Comm: syz.3.2449 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  527.762338][T14693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  527.767412][T14693] Call Trace:
[  527.769011][T14693]  <TASK>
[  527.770396][T14693]  dump_stack_lvl+0x16c/0x1f0
[  527.772796][T14693]  warn_alloc+0x24d/0x3a0
[  527.775070][T14693]  ? __pfx_warn_alloc+0x10/0x10
[  527.777325][T14693]  ? policy_nodemask+0xea/0x4e0
[  527.779546][T14693]  ? alloc_pages_mpol_noprof+0x2c1/0x610
[  527.782033][T14693]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  527.785806][T14693]  ? __pfx___might_resched+0x10/0x10
[  527.788375][T14693]  ? __kmalloc_node_noprof+0x22f/0x430
[  527.791136][T14693]  __vmalloc_node_range_noprof+0x12b8/0x1520
[  527.794203][T14693]  ? kernel_clone+0xfd/0x980
[  527.796758][T14693]  ? __memcg_slab_post_alloc_hook+0x511/0x9c0
[  527.799874][T14693]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  527.802795][T14693]  ? rcu_is_watching+0x12/0xc0
[  527.805199][T14693]  ? trace_kmem_cache_alloc+0x2d/0xe0
[  527.808000][T14693]  ? kmem_cache_alloc_node_noprof+0x1a2/0x310
[  527.810791][T14693]  ? kernel_clone+0xfd/0x980
[  527.813077][T14693]  copy_process+0x2f3b/0x8de0
[  527.815293][T14693]  ? kernel_clone+0xfd/0x980
[  527.817525][T14693]  ? __might_fault+0x13b/0x190
[  527.819794][T14693]  ? __pfx___lock_acquire+0x10/0x10
[  527.822224][T14693]  ? __pfx_copy_process+0x10/0x10
[  527.824538][T14693]  ? get_pid_task+0xfc/0x250
[  527.826681][T14693]  ? __pfx_lock_release+0x10/0x10
[  527.829062][T14693]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  527.831722][T14693]  ? find_held_lock+0x2d/0x110
[  527.833936][T14693]  ? find_held_lock+0x2d/0x110
[  527.836166][T14693]  kernel_clone+0xfd/0x980
[  527.838247][T14693]  ? __pfx_kernel_clone+0x10/0x10
[  527.840445][T14693]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  527.843033][T14693]  __do_sys_clone+0xba/0x100
[  527.845244][T14693]  ? __pfx___do_sys_clone+0x10/0x10
[  527.847406][T14693]  do_syscall_64+0xcd/0x250
[  527.849629][T14693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.852364][T14693] RIP: 0033:0x7f32c31799f9
[  527.854375][T14693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.862616][T14693] RSP: 002b:00007f32c3fc7fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  527.866074][T14693] RAX: ffffffffffffffda RBX: 00007f32c3315f80 RCX: 00007f32c31799f9
[  527.869179][T14693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  527.872183][T14693] RBP: 00007f32c3fc8090 R08: 0000000000000000 R09: 0000000000000000
[  527.875261][T14693] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  527.879037][T14693] R13: 0000000000000001 R14: 00007f32c3315f80 R15: 00007fff71fd00d8
[  527.882570][T14693]  </TASK>
[  527.900725][T14693] Mem-Info:
[  527.905886][T14693] active_anon:16598 inactive_anon:0 isolated_anon:0
[  527.905886][T14693]  active_file:17727 inactive_file:3592 isolated_file:0
[  527.905886][T14693]  unevictable:1768 dirty:397 writeback:0
[  527.905886][T14693]  slab_reclaimable:10600 slab_unreclaimable:74458
[  527.905886][T14693]  mapped:19292 shmem:9292 pagetables:789
[  527.905886][T14693]  sec_pagetables:330 bounce:0
[  527.905886][T14693]  kernel_misc_reclaimable:0
[  527.905886][T14693]  free:526544 free_pcp:5405 free_cma:0
[  527.930761][T14693] Node 0 active_anon:65588kB inactive_anon:0kB active_file:70864kB inactive_file:14240kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:77136kB dirty:1592kB writeback:0kB shmem:33636kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:11248kB pagetables:3272kB sec_pagetables:1320kB all_unreclaimable? no
[  527.951689][T14693] Node 1 active_anon:0kB inactive_anon:0kB active_file:44kB inactive_file:128kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:116kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  527.970918][T14693] Node 0 DMA free:15360kB boost:0kB min:328kB low:408kB high:488kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  527.986570][T14693] lowmem_reserve[]: 0 1313 0 0 0
[  527.988771][T14693] Node 0 DMA32 free:458500kB boost:0kB min:28924kB low:36152kB high:43380kB reserved_highatomic:0KB active_anon:56288kB inactive_anon:0kB active_file:70864kB inactive_file:14240kB unevictable:3536kB writepending:1592kB present:2080628kB managed:1372136kB mlocked:0kB bounce:0kB free_pcp:19392kB local_pcp:11832kB free_cma:0kB
[  528.002321][T14693] lowmem_reserve[]: 0 0 0 0 0
[  528.004370][T14693] Node 1 Normal free:1637312kB boost:0kB min:38324kB low:47904kB high:57484kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:44kB inactive_file:128kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:6240kB local_pcp:0kB free_cma:0kB
[  528.020680][T14693] lowmem_reserve[]: 0 0 0 0 0
[  528.023008][T14693] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  528.028570][T14693] Node 0 DMA32: 175*4kB (UME) 333*8kB (UME) 311*16kB (UME) 47*32kB (UME) 433*64kB (UME) 173*128kB (UME) 61*256kB (UME) 49*512kB (UME) 30*1024kB (UME) 14*2048kB (ME) 73*4096kB (UME) = 458804kB
[  528.042220][T14693] Node 1 Normal: 22*4kB (UM) 27*8kB (UM) 27*16kB (UM) 29*32kB (UM) 21*64kB (UM) 14*128kB (UM) 9*256kB (UM) 6*512kB (UM) 5*1024kB (UM) 4*2048kB (UM) 394*4096kB (UM) = 1637312kB
[  528.050278][T14693] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  528.054714][T14693] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  528.062238][T14693] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  528.072486][T14693] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  528.085799][T14693] 30610 total pagecache pages
[  528.087915][T14693] 0 pages in swap cache
[  528.090786][T14693] Free swap  = 124112kB
[  528.093621][T14693] Total swap = 124996kB
[  528.095697][T14693] 1048443 pages RAM
[  528.102832][T14693] 0 pages HighMem/MovableOnly
[  528.105224][T14693] 256088 pages reserved
[  528.107441][T14693] 0 pages cma reserved
[  528.234828][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.238280][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.253513][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.257948][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.261638][T14702] ALSA: mixer_oss: invalid OSS volume '#!'
[  528.261879][T14702] ALSA: mixer_oss: invalid OSS volume ''
[  528.271239][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.276035][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.279404][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.283018][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.286543][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.289892][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.294857][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.310891][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.315171][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.322808][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.326127][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.330388][T14706] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2455'.
[  528.331242][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.339384][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.343867][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.347751][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.351332][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.354929][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.358197][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.362280][ T1418] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  528.362563][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.369602][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.373022][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.378582][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.383034][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.387270][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.390659][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.394372][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.397689][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.401094][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.404973][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.408025][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.410821][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.414183][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.416882][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.419364][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.422184][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.425025][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.427851][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.430582][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.433417][ T5379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  528.439142][ T5379] hid-generic 0000:0000:0000.000A: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  528.510280][T14710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2456'.
[  528.542339][ T1418] usb 6-1: Using ep0 maxpacket: 8
[  528.550752][ T1418] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  528.564192][ T1418] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  528.575210][ T1418] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  528.580047][ T1418] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  528.586674][ T1418] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  528.591314][ T1418] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.608052][ T1418] usbtmc 6-1:16.0: bulk endpoints not found
[  528.669668][T14718] FAULT_INJECTION: forcing a failure.
[  528.669668][T14718] name failslab, interval 1, probability 0, space 0, times 0
[  528.675133][T14718] CPU: 3 UID: 0 PID: 14718 Comm: syz.2.2459 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  528.679499][T14718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  528.683870][T14718] Call Trace:
[  528.685254][T14718]  <TASK>
[  528.686511][T14718]  dump_stack_lvl+0x16c/0x1f0
[  528.688393][T14718]  should_fail_ex+0x497/0x5b0
[  528.690397][T14718]  ? fs_reclaim_acquire+0xae/0x160
[  528.692563][T14718]  should_failslab+0xc2/0x120
[  528.695174][T14718]  __kmalloc_noprof+0xcb/0x400
[  528.697679][T14718]  constrain_params_by_rules+0x176/0xca0
[  528.700525][T14718]  ? stack_depot_save_flags+0x28/0x8f0
[  528.703377][T14718]  ? __lock_acquire+0x1620/0x3cb0
[  528.706157][T14718]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  528.709010][T14718]  ? __pfx___lock_acquire+0x10/0x10
[  528.711335][T14718]  ? rcu_is_watching+0x12/0xc0
[  528.714127][T14718]  ? trace_hw_interval_param+0x195/0x210
[  528.717000][T14718]  snd_pcm_hw_refine+0x7ef/0xad0
[  528.720446][T14718]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  528.724006][T14718]  ? __pfx___might_resched+0x10/0x10
[  528.726711][T14718]  ? __might_fault+0xe3/0x190
[  528.728443][T14718]  ? __asan_memcpy+0x3c/0x60
[  528.730778][T14718]  snd_pcm_common_ioctl+0x1cfb/0x3180
[  528.733611][T14718]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  528.737102][T14718]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  528.741239][T14718]  ? __pfx_snd_pcm_common_ioctl+0x10/0x10
[  528.744483][T14718]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  528.746641][T14718]  ? selinux_file_ioctl+0x180/0x270
[  528.749123][T14718]  ? selinux_file_ioctl+0xb4/0x270
[  528.750835][T14718]  snd_pcm_ioctl+0x84/0xc0
[  528.752619][T14718]  ? __pfx_snd_pcm_ioctl+0x10/0x10
[  528.754306][T14718]  __x64_sys_ioctl+0x193/0x220
[  528.756355][T14718]  do_syscall_64+0xcd/0x250
[  528.758594][T14718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.761478][T14718] RIP: 0033:0x7f8f70d799f9
[  528.763523][T14718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  528.772182][T14718] RSP: 002b:00007f8f71b4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  528.775047][T14718] RAX: ffffffffffffffda RBX: 00007f8f70f15f80 RCX: 00007f8f70d799f9
[  528.778333][T14718] RDX: 0000000020000040 RSI: 00000000c1004110 RDI: 0000000000000003
[  528.781853][T14718] RBP: 00007f8f71b4a090 R08: 0000000000000000 R09: 0000000000000000
[  528.785499][T14718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  528.789634][T14718] R13: 0000000000000000 R14: 00007f8f70f15f80 R15: 00007fff7d3380f8
[  528.793142][T14718]  </TASK>
[  528.847358][T14722] lo speed is unknown, defaulting to 1000
[  528.850092][T14722] lo speed is unknown, defaulting to 1000
[  528.853769][T14722] lo speed is unknown, defaulting to 1000
[  528.869468][T14722] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  528.904925][T14722] lo speed is unknown, defaulting to 1000
[  528.909028][T14722] lo speed is unknown, defaulting to 1000
[  528.913799][T14722] lo speed is unknown, defaulting to 1000
[  528.919240][T14722] lo speed is unknown, defaulting to 1000
[  528.923947][T14722] lo speed is unknown, defaulting to 1000
[  528.930480][T14722] lo speed is unknown, defaulting to 1000
[  529.011995][T14728] FAULT_INJECTION: forcing a failure.
[  529.011995][T14728] name failslab, interval 1, probability 0, space 0, times 0
[  529.018969][T14728] CPU: 1 UID: 0 PID: 14728 Comm: syz.0.2462 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  529.024217][T14728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  529.029075][T14728] Call Trace:
[  529.030675][T14728]  <TASK>
[  529.032132][T14728]  dump_stack_lvl+0x16c/0x1f0
[  529.034919][T14728]  should_fail_ex+0x497/0x5b0
[  529.037568][T14728]  ? fs_reclaim_acquire+0xae/0x160
[  529.039984][T14728]  should_failslab+0xc2/0x120
[  529.042039][T14728]  __kmalloc_noprof+0xcb/0x400
[  529.044163][T14728]  ? __pfx_lock_acquire+0x10/0x10
[  529.046347][T14728]  tomoyo_realpath_from_path+0xb9/0x720
[  529.048750][T14728]  ? tomoyo_profile+0x47/0x60
[  529.050780][T14728]  tomoyo_path_number_perm+0x245/0x590
[  529.053133][T14728]  ? tomoyo_path_number_perm+0x232/0x590
[  529.055561][T14728]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  529.058109][T14728]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  529.060650][T14728]  ? __fget_files+0x256/0x400
[  529.062677][T14728]  security_file_ioctl+0x75/0xc0
[  529.064791][T14728]  __x64_sys_ioctl+0xbb/0x220
[  529.066797][T14728]  do_syscall_64+0xcd/0x250
[  529.068780][T14728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.071347][T14728] RIP: 0033:0x7efcd1f799f9
[  529.073285][T14728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  529.081755][T14728] RSP: 002b:00007efcd2d56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  529.085477][T14728] RAX: ffffffffffffffda RBX: 00007efcd2115f80 RCX: 00007efcd1f799f9
[  529.088817][T14728] RDX: 0000000000000001 RSI: 000000000000540b RDI: 0000000000000003
[  529.092104][T14728] RBP: 00007efcd2d56090 R08: 0000000000000000 R09: 0000000000000000
[  529.094790][T14728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  529.098029][T14728] R13: 0000000000000000 R14: 00007efcd2115f80 R15: 00007ffdbb59c4e8
[  529.101423][T14728]  </TASK>
[  529.104925][T14728] ERROR: Out of memory at tomoyo_realpath_from_path.
[  529.107237][T14724] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2461'.
[  529.271911][T14734] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2464'.
[  529.277402][T14734] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2464'.
[  530.321669][T14762] netlink: 'syz.2.2472': attribute type 4 has an invalid length.
[  530.498400][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  530.501969][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  530.518342][T14767] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  530.867887][T14770] EXT4-fs error: 6 callbacks suppressed
[  530.867902][T14770] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  530.981728][T14773] fuse: Unknown parameter '0x000000000000000600000000000000000000'
[  531.002739][T14773] kvm: kvm [14771]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0
[  531.124599][   T57] usb 6-1: USB disconnect, device number 41
[  531.236758][ T5346] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  531.242251][ T5346] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  531.246091][ T5346] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  531.249423][T14778] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2478'.
[  531.253789][ T5346] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  531.257387][ T5346] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  531.260708][ T5346] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  531.266243][T14778] netlink: 'syz.1.2478': attribute type 29 has an invalid length.
[  531.373355][T14786] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  531.392585][T14787] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  531.416303][T14788] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  531.431621][T14789] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  531.440433][T14790] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  531.450834][T14781] ip6gretap0 speed is unknown, defaulting to 1000
[  531.473427][T14791] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  531.495236][T14781] lo speed is unknown, defaulting to 1000
[  531.810631][T12118] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  531.830522][T14797] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  531.852503][T14781] chnl_net:caif_netlink_parms(): no params data found
[  531.924184][T12118] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.041358][T14802] 9pnet_fd: Insufficient options for proto=fd
[  532.141094][T12118] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.213221][T14781] bridge0: port 1(bridge_slave_0) entered blocking state
[  532.222431][T14781] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.225763][T14781] bridge_slave_0: entered allmulticast mode
[  532.233738][T14781] bridge_slave_0: entered promiscuous mode
[  532.308435][T12118] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.320632][T14781] bridge0: port 2(bridge_slave_1) entered blocking state
[  532.324352][T14781] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.328316][T14781] bridge_slave_1: entered allmulticast mode
[  532.333173][T14781] bridge_slave_1: entered promiscuous mode
[  532.378028][   T39] kauditd_printk_skb: 63 callbacks suppressed
[  532.378042][   T39] audit: type=1326 audit(1723740013.686:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.396493][   T39] audit: type=1326 audit(1723740013.696:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.408055][   T39] audit: type=1326 audit(1723740013.706:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.418036][   T39] audit: type=1326 audit(1723740013.706:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.427959][   T39] audit: type=1326 audit(1723740013.706:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.437394][   T39] audit: type=1326 audit(1723740013.716:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.444861][T14781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  532.447357][   T39] audit: type=1326 audit(1723740013.716:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.460291][   T39] audit: type=1326 audit(1723740013.716:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.468029][T14781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  532.469667][   T39] audit: type=1326 audit(1723740013.716:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efcd1f78390 code=0x7ffc0000
[  532.483982][   T39] audit: type=1326 audit(1723740013.716:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14810 comm="syz.0.2483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcd1f799f9 code=0x7ffc0000
[  532.569303][T14781] team0: Port device team_slave_0 added
[  532.575817][T14781] team0: Port device team_slave_1 added
[  532.679788][T14781] batman_adv: batadv0: Adding interface: batadv_slave_0
[  532.683696][T14781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.696567][T14781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  532.710382][T14781] batman_adv: batadv0: Adding interface: batadv_slave_1
[  532.717585][T14781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.721791][T14818] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  532.728050][T14781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  532.749333][T12118] bridge_slave_1: left allmulticast mode
[  532.752864][T12118] bridge_slave_1: left promiscuous mode
[  532.755626][T12118] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.912578][ T6462] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  533.092184][ T6462] usb 5-1: Using ep0 maxpacket: 8
[  533.096467][ T6462] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  533.101383][ T6462] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  533.106059][ T6462] usb 5-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  533.110723][ T6462] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  533.118090][ T6462] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  533.122745][ T6462] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  533.136306][ T6462] usbtmc 5-1:16.0: bulk endpoints not found
[  533.168593][T12118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  533.175893][T12118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  533.181978][T12118] bond0 (unregistering): Released all slaves
[  533.193516][T12118] bond1 (unregistering): Released all slaves
[  533.204178][T12118] bond2 (unregistering): Released all slaves
[  533.310889][T14825] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2487'.
[  533.342238][ T5346] Bluetooth: hci3: command tx timeout
[  533.380544][T14781] hsr_slave_0: entered promiscuous mode
[  533.385520][T14781] hsr_slave_1: entered promiscuous mode
[  533.390328][T14781] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  533.394262][T14781] Cannot create hsr debugfs directory
[  533.397024][T14825] netlink: 'syz.2.2487': attribute type 29 has an invalid length.
[  533.435247][T14827] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  533.958457][T12118] hsr_slave_0: left promiscuous mode
[  533.961755][T12118] hsr_slave_1: left promiscuous mode
[  534.042720][T12118] veth1_macvtap: left promiscuous mode
[  534.044871][T12118] veth0_macvtap: left promiscuous mode
[  534.047027][T12118] veth1_vlan: left promiscuous mode
[  534.048883][T12118] veth0_vlan: left promiscuous mode
[  535.116948][T12118] team0 (unregistering): Port device team_slave_1 removed
[  535.229126][T12118] team0 (unregistering): Port device team_slave_0 removed
[  535.432347][ T5346] Bluetooth: hci3: command tx timeout
[  535.644961][ T5384] usb 5-1: USB disconnect, device number 47
[  536.024964][T14853] EXT4-fs error: 11 callbacks suppressed
[  536.024986][T14853] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.039438][T14855] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.104208][T14858] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.323386][T14865] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.342926][T14867] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.369852][T14868] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.381844][T14869] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.393890][T14871] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.416338][T14873] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.433625][T14874] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  536.476529][T14876] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2493'.
[  536.487727][T14876] netlink: 'syz.2.2493': attribute type 6 has an invalid length.
[  536.501521][T14876] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  536.505756][T14876] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  536.509264][T14876] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  536.512398][T14876] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  536.520829][T14876] vxlan0: entered promiscuous mode
[  536.708880][T14882] FAULT_INJECTION: forcing a failure.
[  536.708880][T14882] name failslab, interval 1, probability 0, space 0, times 0
[  536.717031][T14882] CPU: 2 UID: 0 PID: 14882 Comm: syz.0.2494 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  536.721852][T14882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  536.726376][T14882] Call Trace:
[  536.728141][T14882]  <TASK>
[  536.729682][T14882]  dump_stack_lvl+0x16c/0x1f0
[  536.731846][T14882]  should_fail_ex+0x497/0x5b0
[  536.733983][T14882]  should_failslab+0xc2/0x120
[  536.736118][T14882]  __kmalloc_noprof+0xcb/0x400
[  536.738277][T14882]  io_cqring_event_overflow+0xcb/0x6f0
[  536.740710][T14882]  io_req_cqe_overflow+0x101/0x1e0
[  536.743061][T14882]  __io_submit_flush_completions+0x8fa/0x1b70
[  536.745776][T14882]  io_submit_sqes+0xa78/0x2500
[  536.747942][T14882]  __do_sys_io_uring_enter+0xbd8/0x1130
[  536.750538][T14882]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  536.753321][T14882]  ? ksys_write+0x1ab/0x260
[  536.755505][T14882]  ? __pfx_ksys_write+0x10/0x10
[  536.757690][T14882]  do_syscall_64+0xcd/0x250
[  536.759887][T14882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.762703][T14882] RIP: 0033:0x7efcd1f799f9
[  536.765099][T14882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  536.774988][T14882] RSP: 002b:00007efcd2d56038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  536.778731][T14882] RAX: ffffffffffffffda RBX: 00007efcd2115f80 RCX: 00007efcd1f799f9
[  536.782706][T14882] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 000000000000000f
[  536.786270][T14882] RBP: 00007efcd2d56090 R08: 0000000000000000 R09: 0000000000000000
[  536.789854][T14882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.793202][T14882] R13: 0000000000000000 R14: 00007efcd2115f80 R15: 00007ffdbb59c4e8
[  536.796746][T14882]  </TASK>
[  536.946431][T14781] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  536.954394][T14781] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  536.967817][T14781] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  537.000790][T14781] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  537.162487][T14781] 8021q: adding VLAN 0 to HW filter on device bond0
[  537.248653][T14781] 8021q: adding VLAN 0 to HW filter on device team0
[  537.286060][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  537.289208][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  537.301545][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  537.304661][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  537.382709][   T39] kauditd_printk_skb: 89 callbacks suppressed
[  537.382724][   T39] audit: type=1326 audit(1723740018.696:2225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  537.388749][T14781] 8021q: adding VLAN 0 to HW filter on device batadv0
[  537.400168][T14864] syz.2.2493 (14864): drop_caches: 1
[  537.401369][   T39] audit: type=1326 audit(1723740018.706:2226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f2c4f37b78c code=0x7ffc0000
[  537.420187][   T39] audit: type=1326 audit(1723740018.706:2227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f2c4f37b6c4 code=0x7ffc0000
[  537.429647][T14781] veth0_vlan: entered promiscuous mode
[  537.438400][   T39] audit: type=1326 audit(1723740018.706:2228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f2c4f37b6c4 code=0x7ffc0000
[  537.439699][T14781] veth1_vlan: entered promiscuous mode
[  537.447489][   T39] audit: type=1326 audit(1723740018.706:2229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  537.466167][   T39] audit: type=1326 audit(1723740018.706:2230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  537.475817][   T39] audit: type=1326 audit(1723740018.706:2231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  537.484124][   T39] audit: type=1326 audit(1723740018.706:2232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  537.484744][T14781] veth0_macvtap: entered promiscuous mode
[  537.493857][   T39] audit: type=1326 audit(1723740018.706:2233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  537.503648][ T5346] Bluetooth: hci3: command tx timeout
[  537.506152][T14781] veth1_macvtap: entered promiscuous mode
[  537.506271][   T39] audit: type=1326 audit(1723740018.706:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14892 comm="syz.1.2496" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  537.527278][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  537.531972][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.536894][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  537.541615][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.548750][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  537.553823][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.558196][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  537.567755][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.575914][T14781] batman_adv: batadv0: Interface activated: batadv_slave_0
[  537.625689][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  537.631700][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.646924][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  537.651168][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.658595][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  537.663686][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.668007][T14781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  537.673028][T14781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  537.678691][T14781] batman_adv: batadv0: Interface activated: batadv_slave_1
[  537.685479][T14781] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  537.689306][T14781] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  537.694341][T14781] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  537.698052][T14781] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  537.851041][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  537.859430][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  537.972150][T12118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  537.975801][T12118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.068107][T14909] FAULT_INJECTION: forcing a failure.
[  538.068107][T14909] name failslab, interval 1, probability 0, space 0, times 0
[  538.074435][T14909] CPU: 1 UID: 0 PID: 14909 Comm: syz.3.2476 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  538.078127][T14909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  538.082486][T14909] Call Trace:
[  538.083648][T14909]  <TASK>
[  538.084795][T14909]  dump_stack_lvl+0x16c/0x1f0
[  538.086776][T14909]  should_fail_ex+0x497/0x5b0
[  538.088535][T14909]  ? fs_reclaim_acquire+0xae/0x160
[  538.090393][T14909]  should_failslab+0xc2/0x120
[  538.092187][T14909]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  538.094513][T14909]  ? io_submit_one+0x123/0x1df0
[  538.096558][T14909]  io_submit_one+0x123/0x1df0
[  538.098497][T14909]  ? __pfx_io_submit_one+0x10/0x10
[  538.100499][T14909]  ? __might_fault+0x13b/0x190
[  538.102239][T14909]  ? __pfx_lock_release+0x10/0x10
[  538.104367][T14909]  ? __might_fault+0xe3/0x190
[  538.106332][T14909]  ? __x64_sys_io_submit+0x19d/0x330
[  538.108280][T14909]  __x64_sys_io_submit+0x19d/0x330
[  538.110064][T14909]  ? __pfx___x64_sys_io_submit+0x10/0x10
[  538.112280][T14909]  do_syscall_64+0xcd/0x250
[  538.114091][T14909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.116665][T14909] RIP: 0033:0x7fe5dab799f9
[  538.118738][T14909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.126925][T14909] RSP: 002b:00007fe5db8bb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  538.129743][T14909] RAX: ffffffffffffffda RBX: 00007fe5dad15f80 RCX: 00007fe5dab799f9
[  538.132892][T14909] RDX: 0000000020000780 RSI: 0000000000000001 RDI: 00007fe5db892000
[  538.135760][T14909] RBP: 00007fe5db8bb090 R08: 0000000000000000 R09: 0000000000000000
[  538.138867][T14909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  538.141763][T14909] R13: 0000000000000000 R14: 00007fe5dad15f80 R15: 00007ffc967f10a8
[  538.144705][T14909]  </TASK>
[  538.206338][T14907] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  538.470622][T14917] syz.3.2501 (14917): drop_caches: 1
[  538.640118][T14925] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2501'.
[  538.644889][T14925] netlink: 'syz.3.2501': attribute type 6 has an invalid length.
[  538.686549][T14925] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  538.690465][T14925] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  538.695203][T14925] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  538.700119][T14925] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  538.706391][T14925] vxlan0: entered promiscuous mode
[  539.073981][T14917] syz.3.2501 (14917): drop_caches: 1
[  539.583163][ T5346] Bluetooth: hci3: command tx timeout
[  539.906506][T14934] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2505'.
[  540.414642][T14948] syz.1.2506 (14948): drop_caches: 1
[  540.469058][T14948] syz.1.2506 (14948): drop_caches: 1
[  540.503354][T14956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2506'.
[  540.507645][T14956] netlink: 'syz.1.2506': attribute type 6 has an invalid length.
[  541.467290][T14978] EXT4-fs error: 20 callbacks suppressed
[  541.467305][T14978] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  541.598461][T14979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2514'.
[  541.844314][T14988] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  542.395662][T14994] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2519'.
[  542.439863][T14998] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  542.499158][T14999] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  542.514341][T15000] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  542.533099][T15001] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  542.545260][T15003] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  542.563257][T15005] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  542.576184][T15007] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  542.777320][T15008] syz.2.2521 (15008): drop_caches: 1
[  542.806664][T15010] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2521'.
[  542.822104][T15010] netlink: 'syz.2.2521': attribute type 6 has an invalid length.
[  542.861927][T15008] syz.2.2521 (15008): drop_caches: 1
[  543.185820][T15013] netlink: 160 bytes leftover after parsing attributes in process `syz.3.2522'.
[  543.517726][T15028] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  543.545006][   T39] kauditd_printk_skb: 23 callbacks suppressed
[  543.545020][   T39] audit: type=1326 audit(1723740024.856:2258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.559481][   T39] audit: type=1326 audit(1723740024.856:2259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.559530][   T39] audit: type=1326 audit(1723740024.856:2260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.559576][   T39] audit: type=1326 audit(1723740024.856:2261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.559622][   T39] audit: type=1326 audit(1723740024.866:2262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.559672][   T39] audit: type=1326 audit(1723740024.866:2263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.559713][   T39] audit: type=1326 audit(1723740024.866:2264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.559755][   T39] audit: type=1326 audit(1723740024.866:2265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2c4f378390 code=0x7ffc0000
[  543.589347][T15031] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  543.600009][   T39] audit: type=1326 audit(1723740024.906:2266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  543.661127][   T39] audit: type=1326 audit(1723740024.906:2267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15022 comm="syz.1.2525" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c4f3799f9 code=0x7ffc0000
[  544.580923][T15049] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=15049 comm=syz.3.2532
[  544.669951][T15050] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1674 sclass=netlink_route_socket pid=15050 comm=syz.0.2531
[  544.702280][ T5346] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  544.706693][ T5346] Bluetooth: hci4: Injecting HCI hardware error event
[  544.713844][T11620] Bluetooth: hci4: hardware error 0x00
[  544.938120][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2536'.
[  545.092356][ T1418] usb 8-1: new high-speed USB device number 43 using dummy_hcd
[  545.277769][ T1418] usb 8-1: Using ep0 maxpacket: 16
[  545.282627][ T1418] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  545.289284][ T1418] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  545.293551][ T1418] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  545.297832][ T1418] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  545.300976][ T1418] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.310842][ T1418] usb 8-1: config 0 descriptor??
[  545.362411][ T5378] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  545.545330][ T5378] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  545.550063][ T5378] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  545.551767][T15071] 9pnet_fd: Insufficient options for proto=fd
[  545.554766][ T5378] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  545.554791][ T5378] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.557825][T15065] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  545.571932][ T5378] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  545.681213][T15075] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  545.683836][T15075] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  545.688957][T15075] vhci_hcd vhci_hcd.0: Device attached
[  545.739241][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.742851][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.745463][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.748221][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.750730][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.753441][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.756212][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.759142][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.761929][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.765765][ T1418] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  545.783335][T15065] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2537'.
[  545.784394][ T1418] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:045E:07DA.000B/input/input17
[  545.801424][T15065] gtp0: entered promiscuous mode
[  545.804533][T15065] gtp0: entered allmulticast mode
[  545.816102][ T1418] microsoft 0003:045E:07DA.000B: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  545.829402][   T58] usb 7-1: USB disconnect, device number 35
[  545.938051][T15053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  545.942266][T15053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  545.982648][ T5378] usb 15-1: new high-speed USB device number 3 using vhci_hcd
[  546.406840][T15053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  546.415900][T15053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  546.537140][T15076] vhci_hcd: connection reset by peer
[  546.543246][T12118] vhci_hcd: stop threads
[  546.546949][T12118] vhci_hcd: release socket
[  546.551229][T12118] vhci_hcd: disconnect device
[  546.560044][T15091] 
[  546.561227][T15091] ======================================================
[  546.563969][   T58] usb 8-1: USB disconnect, device number 43
[  546.564466][T15091] WARNING: possible circular locking dependency detected
[  546.564476][T15091] 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0 Not tainted
[  546.564489][T15091] ------------------------------------------------------
[  546.577585][T15091] syz.0.2542/15091 is trying to acquire lock:
[  546.580036][T15091] ffff888047e58cf8 (&ovl_i_mutex_dir_key[depth]){++++}-{3:3}, at: walk_component+0x342/0x5b0
[  546.584256][T15091] 
[  546.584256][T15091] but task is already holding lock:
[  546.587029][T15091] ffff8880484c6488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500
[  546.592655][T15091] 
[  546.592655][T15091] which lock already depends on the new lock.
[  546.592655][T15091] 
[  546.597228][T15091] 
[  546.597228][T15091] the existing dependency chain (in reverse order) is:
[  546.601179][T15091] 
[  546.601179][T15091] -> #3 (&of->mutex){+.+.}-{3:3}:
[  546.604490][T15091]        __mutex_lock+0x175/0x9c0
[  546.606984][T15091]        kernfs_fop_write_iter+0x281/0x500
[  546.609646][T15091]        iter_file_splice_write+0x906/0x10b0
[  546.612530][T15091]        do_splice+0x148c/0x1f90
[  546.614945][T15091]        __do_splice+0x327/0x360
[  546.617174][T15091]        __x64_sys_splice+0x1d2/0x260
[  546.619588][T15091]        do_syscall_64+0xcd/0x250
[  546.621841][T15091]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.624668][T15091] 
[  546.624668][T15091] -> #2 (&pipe->mutex){+.+.}-{3:3}:
[  546.627920][T15091]        __mutex_lock+0x175/0x9c0
[  546.630184][T15091]        pipe_lock+0x64/0x80
[  546.632247][T15091]        iter_file_splice_write+0x1f0/0x10b0
[  546.634854][T15091]        do_splice+0x148c/0x1f90
[  546.637304][T15091]        __do_splice+0x327/0x360
[  546.639691][T15091]        __x64_sys_splice+0x1d2/0x260
[  546.642219][T15091]        do_syscall_64+0xcd/0x250
[  546.644492][T15091]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.647319][T15091] 
[  546.647319][T15091] -> #1 (sb_writers#6){.+.+}-{0:0}:
[  546.650556][T15091]        mnt_want_write+0x6f/0x450
[  546.652950][T15091]        ovl_create_object+0x12e/0x300
[  546.655305][T15091]        lookup_open.isra.0+0x10a1/0x13c0
[  546.658006][T15091]        path_openat+0xa3b/0x2d20
[  546.660150][T15091]        do_filp_open+0x1dc/0x430
[  546.662613][T15091]        do_sys_openat2+0x17a/0x1e0
[  546.665065][T15091]        __x64_sys_openat+0x175/0x210
[  546.667448][T15091]        do_syscall_64+0xcd/0x250
[  546.669612][T15091]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.672374][T15091] 
[  546.672374][T15091] -> #0 (&ovl_i_mutex_dir_key[depth]){++++}-{3:3}:
[  546.676044][T15091]        __lock_acquire+0x24ed/0x3cb0
[  546.678306][T15091]        lock_acquire+0x1b1/0x560
[  546.680487][T15091]        down_read+0x9a/0x330
[  546.682448][T15091]        walk_component+0x342/0x5b0
[  546.684656][T15091]        path_lookupat+0x17f/0x770
[  546.686768][T15091]        filename_lookup+0x1e5/0x5b0
[  546.688955][T15091]        kern_path+0x35/0x50
[  546.690906][T15091]        lookup_bdev+0xd9/0x280
[  546.692969][T15091]        resume_store+0x1d8/0x460
[  546.695413][T15091]        kobj_attr_store+0x55/0x80
[  546.697423][T15091]        sysfs_kf_write+0x117/0x170
[  546.699456][T15091]        kernfs_fop_write_iter+0x343/0x500
[  546.702179][T15091]        vfs_write+0x6b6/0x1140
[  546.704275][T15091]        ksys_write+0x12f/0x260
[  546.706064][T15091]        do_syscall_64+0xcd/0x250
[  546.707848][T15091]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.710391][T15091] 
[  546.710391][T15091] other info that might help us debug this:
[  546.710391][T15091] 
[  546.714618][T15091] Chain exists of:
[  546.714618][T15091]   &ovl_i_mutex_dir_key[depth] --> &pipe->mutex --> &of->mutex
[  546.714618][T15091] 
[  546.719712][T15091]  Possible unsafe locking scenario:
[  546.719712][T15091] 
[  546.722646][T15091]        CPU0                    CPU1
[  546.724734][T15091]        ----                    ----
[  546.726822][T15091]   lock(&of->mutex);
[  546.728419][T15091]                                lock(&pipe->mutex);
[  546.731003][T15091]                                lock(&of->mutex);
[  546.733706][T15091]   rlock(&ovl_i_mutex_dir_key[depth]);
[  546.736150][T15091] 
[  546.736150][T15091]  *** DEADLOCK ***
[  546.736150][T15091] 
[  546.739709][T15091] 4 locks held by syz.0.2542/15091:
[  546.741973][T15091]  #0: ffff8880298c19c8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xeb/0x180
[  546.745505][T15091]  #1: ffff888024928420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260
[  546.749358][T15091]  #2: ffff8880484c6488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500
[  546.754106][T15091]  #3: ffff888016744698 (kn->active#77){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500
[  546.758632][T15091] 
[  546.758632][T15091] stack backtrace:
[  546.760756][T15091] CPU: 1 UID: 0 PID: 15091 Comm: syz.0.2542 Not tainted 6.11.0-rc3-syzkaller-00013-g6b0f8db921ab #0
[  546.765210][T15091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  546.769570][T15091] Call Trace:
[  546.771084][T15091]  <TASK>
[  546.772367][T15091]  dump_stack_lvl+0x116/0x1f0
[  546.774278][T15091]  check_noncircular+0x31a/0x400
[  546.776391][T15091]  ? __pfx_check_noncircular+0x10/0x10
[  546.778740][T15091]  ? add_lock_to_list+0x17d/0x380
[  546.780886][T15091]  __lock_acquire+0x24ed/0x3cb0
[  546.783015][T15091]  ? __pfx___lock_acquire+0x10/0x10
[  546.785233][T15091]  ? lock_acquire+0x1b1/0x560
[  546.787358][T15091]  lock_acquire+0x1b1/0x560
[  546.789177][T15091]  ? walk_component+0x342/0x5b0
[  546.791194][T15091]  ? __pfx_lock_acquire+0x10/0x10
[  546.793319][T15091]  ? __pfx___might_resched+0x10/0x10
[  546.795913][T15091]  ? _raw_spin_unlock+0x28/0x50
[  546.797985][T15091]  down_read+0x9a/0x330
[  546.799459][T15091]  ? walk_component+0x342/0x5b0
[  546.801358][T15091]  ? __pfx_down_read+0x10/0x10
[  546.803424][T15091]  ? lookup_fast+0x155/0x540
[  546.805545][T15091]  walk_component+0x342/0x5b0
[  546.807634][T15091]  path_lookupat+0x17f/0x770
[  546.809608][T15091]  filename_lookup+0x1e5/0x5b0
[  546.811813][T15091]  ? __pfx_filename_lookup+0x10/0x10
[  546.814051][T15091]  ? trace_kmem_cache_alloc+0x2d/0xe0
[  546.816180][T15091]  ? kmem_cache_alloc_noprof+0x174/0x2f0
[  546.818056][T15091]  ? getname_kernel+0x52/0x370
[  546.819752][T15091]  ? __asan_memcpy+0x3c/0x60
[  546.821539][T15091]  kern_path+0x35/0x50
[  546.823088][T15091]  lookup_bdev+0xd9/0x280
[  546.824547][T15091]  ? __pfx_lookup_bdev+0x10/0x10
[  546.826578][T15091]  ? __asan_memcpy+0x3c/0x60
[  546.828404][T15091]  resume_store+0x1d8/0x460
[  546.830775][T15091]  ? __pfx_resume_store+0x10/0x10
[  546.832933][T15091]  ? __pfx_lock_acquire+0x10/0x10
[  546.835085][T15091]  ? __pfx___mutex_lock+0x10/0x10
[  546.837284][T15091]  ? __pfx__copy_from_iter+0x10/0x10
[  546.839555][T15091]  ? __pfx_resume_store+0x10/0x10
[  546.841723][T15091]  kobj_attr_store+0x55/0x80
[  546.843724][T15091]  ? __pfx_kobj_attr_store+0x10/0x10
[  546.846179][T15091]  sysfs_kf_write+0x117/0x170
[  546.848582][T15091]  kernfs_fop_write_iter+0x343/0x500
[  546.850948][T15091]  ? __pfx_sysfs_kf_write+0x10/0x10
[  546.853588][T15091]  vfs_write+0x6b6/0x1140
[  546.855377][T15091]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  546.857919][T15091]  ? __pfx_vfs_write+0x10/0x10
[  546.859795][T15091]  ? __pfx___mutex_lock+0x10/0x10
[  546.861671][T15091]  ? __fget_files+0x256/0x400
[  546.863573][T15091]  ksys_write+0x12f/0x260
[  546.865309][T15091]  ? __pfx_ksys_write+0x10/0x10
[  546.867389][T15091]  do_syscall_64+0xcd/0x250
[  546.869585][T15091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.871986][T15091] RIP: 0033:0x7efcd1f799f9
[  546.873893][T15091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.882066][T15091] RSP: 002b:00007efcd2d56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  546.885632][T15091] RAX: ffffffffffffffda RBX: 00007efcd2115f80 RCX: 00007efcd1f799f9
[  546.889004][T15091] RDX: 0000000000000012 RSI: 0000000020000140 RDI: 0000000000000009
[  546.892573][T15091] RBP: 00007efcd1fe78ee R08: 0000000000000000 R09: 0000000000000000
[  546.895990][T15091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  546.899460][T15091] R13: 0000000000000000 R14: 00007efcd2115f80 R15: 00007ffdbb59c4e8
[  546.902983][T15091]  </TASK>
[  546.908061][T11620] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  546.911194][T15091] PM: Image not found (code -6)
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  547.462981][T11503] EXT4-fs error: 4 callbacks suppressed
[  547.462993][T11503] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.2.1654: bg 5: bad block bitmap checksum
[  547.463561][T12118] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  547.465025][T11503] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6551: Filesystem failed CRC
[  547.470128][T12118] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.475555][T11503] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.2.1654: bg 4: bad block bitmap checksum
[  547.502279][T11503] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6551: Filesystem failed CRC
[  547.538119][T12118] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  547.542358][T12118] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.648800][T12118] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  547.652952][T12118] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.749932][T12118] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  547.754369][T12118] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.840092][T12118] bridge_slave_1: left allmulticast mode
[  547.842890][T12118] bridge_slave_1: left promiscuous mode
[  547.845525][T12118] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.850680][T12118] bridge_slave_0: left allmulticast mode
[  547.853420][T12118] bridge_slave_0: left promiscuous mode
[  547.855744][T12118] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.003314][T12118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  548.009472][T12118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  548.020569][T12118] bond0 (unregistering): Released all slaves
[  548.042857][T15093] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  548.055510][T15094] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  548.092826][T15095] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  548.101954][T15096] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  548.130710][T15097] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  548.140935][T15098] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[  548.308217][T12118] hsr_slave_0: left promiscuous mode
[  548.310976][T12118] hsr_slave_1: left promiscuous mode
[  548.314345][T12118] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  548.317516][T12118] batman_adv: batadv0: Removing interface: batadv_slave_0
[  548.322192][T12118] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  548.325402][T12118] batman_adv: batadv0: Removing interface: batadv_slave_1
[  548.329449][T12118] veth1_macvtap: left promiscuous mode
[  548.331828][T12118] veth0_macvtap: left promiscuous mode
[  548.336055][T12118] veth1_vlan: left promiscuous mode
[  548.338286][T12118] veth0_vlan: left promiscuous mode
[  548.658454][T12118] team0 (unregistering): Port device team_slave_1 removed
[  548.726243][T12118] team0 (unregistering): Port device team_slave_0 removed
[  549.494858][T12118] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.546903][T12118] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.618076][T12118] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.677383][T12118] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.805303][T12118] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  549.893289][T12118] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  549.964420][T12118] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  550.066972][T12118] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  550.176739][T12118] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  550.180754][T12118] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.248425][T12118] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  550.252604][T12118] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.310342][T12118] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  550.316534][T12118] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.380403][T12118] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  550.384298][T12118] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.470347][T12118] bridge_slave_1: left allmulticast mode
[  550.472825][T12118] bridge_slave_1: left promiscuous mode
[  550.475569][T12118] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.480841][T12118] bridge_slave_0: left allmulticast mode
[  550.484084][T12118] bridge_slave_0: left promiscuous mode
[  550.486793][T12118] bridge0: port 1(bridge_slave_0) entered disabled state
[  550.492951][T12118] bridge_slave_1: left allmulticast mode
[  550.495515][T12118] bridge_slave_1: left promiscuous mode
[  550.498036][T12118] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.503683][T12118] bridge_slave_0: left allmulticast mode
[  550.508088][T12118] bridge_slave_0: left promiscuous mode
[  550.512757][T12118] bridge0: port 1(bridge_slave_0) entered disabled state
[  550.521969][T12118] bridge_slave_1: left allmulticast mode
[  550.525104][T12118] bridge_slave_1: left promiscuous mode
[  550.528644][T12118] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.536830][T12118] bridge_slave_0: left allmulticast mode
[  550.540678][T12118] bridge_slave_0: left promiscuous mode
[  550.543952][T12118] bridge0: port 1(bridge_slave_0) entered disabled state
[  551.091105][T12118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  551.104851][ T5378] vhci_hcd: vhci_device speed not set
[  551.108837][T12118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  551.113690][T12118] bond0 (unregistering): Released all slaves
[  551.214526][T12118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  551.219561][T12118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  551.228243][T12118] bond0 (unregistering): Released all slaves
[  551.240167][T12118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  551.246022][T12118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  551.251163][T12118] bond0 (unregistering): Released all slaves
[  552.082244][T12118] hsr_slave_0: left promiscuous mode
[  552.086428][T12118] hsr_slave_1: left promiscuous mode
[  552.089002][T12118] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  552.092480][T12118] batman_adv: batadv0: Removing interface: batadv_slave_0
[  552.095970][T12118] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  552.098645][T12118] batman_adv: batadv0: Removing interface: batadv_slave_1
[  552.104067][T12118] hsr_slave_0: left promiscuous mode
[  552.106485][T12118] hsr_slave_1: left promiscuous mode
[  552.109344][T12118] batman_adv: batadv0: Removing interface: batadv_slave_0
[  552.113400][T12118] batman_adv: batadv0: Removing interface: batadv_slave_1
[  552.120415][T12118] hsr_slave_0: left promiscuous mode
[  552.123755][T12118] hsr_slave_1: left promiscuous mode
[  552.126687][T12118] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  552.129856][T12118] batman_adv: batadv0: Removing interface: batadv_slave_0
[  552.136713][T12118] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  552.139817][T12118] batman_adv: batadv0: Removing interface: batadv_slave_1
[  552.146960][T12118] veth1_macvtap: left promiscuous mode
[  552.149387][T12118] veth0_macvtap: left promiscuous mode
[  552.151720][T12118] veth1_vlan: left promiscuous mode
[  552.155695][T12118] veth0_vlan: left promiscuous mode
[  552.159162][T12118] veth1_macvtap: left promiscuous mode
[  552.161666][T12118] veth0_macvtap: left promiscuous mode
[  552.164355][T12118] veth1_vlan: left promiscuous mode
[  552.166774][T12118] veth0_vlan: left promiscuous mode
[  552.492432][T12118] team0 (unregistering): Port device team_slave_1 removed
[  552.575207][T12118] team0 (unregistering): Port device team_slave_0 removed
[  553.919742][T12118] team0 (unregistering): Port device team_slave_1 removed
[  554.066209][T12118] team0 (unregistering): Port device team_slave_0 removed
[  555.064594][T12118] team0 (unregistering): Port device team_slave_1 removed
[  555.145080][T12118] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
22:09:06  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000c51834 RBX=0000000000000000 RCX=ffffffff8b121709 RDX=ffffed100d606fda
RSI=ffffffff8bb08e40 RDI=ffffffff8162641c RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20
R8 =0000000000000000 R9 =ffffed100d606fd9 R10=ffff88806b037ecb R11=0000000000000001
R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff9012de18 R15=0000000000000000
RIP=ffffffff8b122aff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020001280 CR3=000000002c574000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffff800 Opmask01=0000000000010100 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86e4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86f1
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86eb
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86ff
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe8785
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe8863
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000386169 64656d2f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000001b424a 47464e0c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038 0000000000000001 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fe63f5 RDI=ffffffff9519f6a0 RBP=ffffffff9519f660 RSP=ffffc9000337ef20
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3038383866666666
R12=0000000000000000 R13=0000000000000063 R14=ffffffff84fe6390 R15=0000000000000000
RIP=ffffffff84fe641f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 000fffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 000fffff 00000000
FS =0000 00007efcd2d566c0 000fffff 00000000
GS =0000 ffff88806b100000 000fffff 00000000
LDT=0000 0000000000000000 000fffff 00000000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2f3eaff8 CR3=00000000542ae000 CR4=00350ef0
DR0=0000000000000000 DR1=00000000872c9164 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffffff8 Opmask01=0000000000010100 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86e4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86f1
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86eb
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe86ff
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe8785
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007efcd1fe8863
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000386169 64656d2f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000001b424a 47464e0c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038 0000000000000001 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff88806b1467c0 RCX=ffffffff817e45db RDX=ffff888046c88000
RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000370f928
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffff88806b328a40
R12=ffffed100d628cf9 R13=0000000000000001 R14=ffff88806b1467c8 R15=ffff88806b23ffc0
RIP=ffffffff818a7cfc RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2dbebff8 CR3=000000003d806000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe0d5de5a0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c4f3e86e4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c4f3e86f1
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c4f3e86eb
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c4f3e86ff
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c4f3e8785
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c4f3e8863
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 00000000000001a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000071428c RBX=0000000000000003 RCX=ffffffff8b121709 RDX=ffffed100d666fda
RSI=ffffffff8bb08e40 RDI=ffffffff8162641c RBP=ffffed10030db488 RSP=ffffc900001a7e08
R8 =0000000000000000 R9 =ffffed100d666fd9 R10=ffff88806b337ecb R11=0000000000000001
R12=0000000000000003 R13=ffff8880186da440 R14=ffffffff9012de18 R15=0000000000000000
RIP=ffffffff8b122aff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b328e7ff8 CR3=00000000322c4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a093 ffffffff8100a093
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a093 ffffffff8100a093
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a093
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f70de86e4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f70de86f1
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f70de86eb
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f70de86ff
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f70de8785
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8f70de8863
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff819c4c5d ffffffff819c4be4 ffffffff819c4b15 ffffffff819b4ae8
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff819c4c84 ffffffff819c4c5d ffffffff00040008 0000000f0010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff819b4ae8 ffffffff819b4a72 ffffffff819b4a37 ffffffff8132df25
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000